Microsoft tightens restrictions on adware on Windows PCs

Adware developers have a new set of Microsoft-imposed guidelines to follow

Starting July 1, developers of adware for Windows will have to contend with new Microsoft-imposed rules aimed at making it easier for people to stop bothersome ads.

In announcing the changes, Microsoft warned developers that ignoring the rules would lead to their programs being detected as adware and "immediately removed from the user's machine." The enforcers would be the security products Microsoft ships with Windows, such as Security Essentials and Windows Defender.

Currently, Microsoft's products notify a user when they identify a program as adware. If the user doesn't take the recommended action, then the program is allowed to run.

Under the new rules, Microsoft will remove programs that launch ads promoting goods or services in programs other than itself. If everything happens within the program, than Microsoft won't block the promotion.

Other rule changes include requiring a clearly seen close button for an ad and the name of the program that created it. In addition, a standard uninstall method has to be provided for the program identified in the ad. The latter will make deleting nuisance programs much easier.

While experts viewed the changes positively, they also said the new rules were overdue.

"The rules are a good first step by Microsoft to help mitigate the risks of adware," Ken Westin, security researcher for Tripwire, said. "However, I do not think it will have a huge impact on the amount of adware."

Westin pointed out that adware developers tend to be a "sly bunch" with the tenacity to find ways around rules.

"It will be interesting to see the actual affect these new rules and their means of enforcing them will actually have," he said.

Such steps as requiring the name of advertisers in programs and providing a standard method to remove them seemed basic to privacy consultant Rebecca Herold.

"If they haven't documented this until now, then it is long overdue," she said.

Jamz Yaneza, a threat researcher at Trend Micro, believed the changes could "benefit not just consumers, but businesses of all sizes, large and small."

Microsoft is sensitive to the overall user experience on Windows. If ads are popping up and people have no control to stop them, then users are likely to see the nuisance as a negative to using Windows.

At the same time, Microsoft does not want to prevent developers from the ad-generated revenue necessary to support applications provided at no charge.

The new rules mark a balance that "make it easy for software developers to utilize advertising while at the same time empowering users to control their experience," Michael Johnson, a researcher at Microsoft's Malware Protection Center, said in a blog post.

Over the last several years, adware, which has plagued PCs for many years, has spread to mobile devices. Trend Micro found in a report released in September 2012 an increasing number of mobile ad networks placing ads outside of the originating apps, typically in the form of notifications.

Join the CSO newsletter!

Error: Please check your email address.

Tags advertisementsapplicationsadwareMicrosoftWindowssoftwareoperating systemsdata protection

More about MicrosoftTrend Micro AustraliaTripwire

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Antone Gonsalves

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts