As Microsoft anticipates a richer “apps” ecosystem for Windows 8, they appear to be taking some extra steps to shield users from malicious applications with the introduction of an in-built file verification policy powered by the SmartScreen Filter.
Originally a feature from Internet Explorer but now also (annoyingly) integrated in Windows Live Messenger 2011, SmartScreen is practically a dynamic list of known “illegal, viral, fraudulent, or malicious” URLs that Microsoft manually or algorithmically identifies. It compares the links a user visits and the executables a user downloads against this list, warning if there’s a match.
Although it has proven highly effective at preventing socially engineered malware, it’s also subject to false positives, which frustrate developers who then have to “clear their name”.
In Windows 8, SmartScreen appears to serve two purposes: to reactively check the file system and to proactively prevent any downloaded applications that are unknown to the filter from running. Unfortunately, I haven’t been able to trigger it, so I don’t know exactly how it responds, but I presume not unlike a security warning. Having said that, it’s comforting to know the feature can also be disabled for the brave.
This additional mechanism adds to a growing list of security-centric features and tools, including but not limited to digital signing, User Account Control, Windows Defender and Security Essentials, that Microsoft is building into Windows or making available for free. A win for users, of course.
Update: To clarify, the “never run programs” option is not on by default.