December 22nd, 2015, 19:44 PM
Microsoft to Crack Down on Adware
Months after Lenovo's Superfish debacle, Microsoft this week announced a crackdown on man-in-the-middle techniques that's intended to halt the spread of malicious adware.
Starting on March 31, 2016, programs that use things like injection by proxy or network layer manipulation, or change DNS settings will be categorized as malware by Microsoft and blocked.
"Programs that create advertisements in browsers must only use the browsers' supported extensibility model for installation, execution, disabling, and removal," Microsoft said in a blog post. "The choice and control belong to the users, and we are determined to protect that."
Adware has long been an issue. Software running on Windows computers around the world produce ads that are displayed across the operating system, including the browser. While there are several tools designed to remove adware, Microsoft says adware techniques have become more sophisticated.
"All of these techniques intercept communications between the Internet and the PC to inject advertisements and promotions into webpages from outside, without the control of the browser," Microsoft said. "Our intent is to keep the user in control of their browsing experience and these methods reduce that control."
That became quite apparent earlier this year with Superfish. The adware was pre-installed on some Lenovo computers built in late 2014 and and resulted in annoying pop-ups and unwanted ads across the Web. But it also made people's PCs susceptible to hackers.
More recently, Dell said PCs shipped since August 2015 were equipped with a root certificate known as eDellRoot, which "unintentionally introduced a security vulnerability."