Windows 8 comes with SmartScreen Filter integrated into the operating system, which uses a URL reputation engine and a file/application system. The URL reputation engine protects users from phishing and socially engineered attacks.
The file/application reputation system tracks file downloads and verifies their respective reputations. When files have been blocked as malicious you will see a warning with no option to delete or run the file. Unknown files will also present a warning but you could still run or delete a malicious file. Admin controls will provide additional control over these settings.
SmartScreen also works with Internet Explorer 8 and 9 (as it did previously – it only worked in the browser) but now works with Firefox or Google Chrome in addition to being baked into the operating system. So how does SmartScreen work?
- Launch an application that SmartScreen doesn’t recognise
- You will see “Windows protected your PC” “Windows SmartScreen prevented an unrecognised app from starting. Running this app might put your PC at risk” – More into (see next bullet)
- Some apps may be flagged as malicious even though they are not – be extra careful here. If you are not 100% sure, don’t allow the app to run and do some research on the Internet.
- If you are sure an app you want is safe to run – click More Info link
- You will now see “Publisher: Unknown Publisher ” and “App: <name of app>”
- Click > Run anyway and Windows will allow the app to run, bypassing the SmartScreen Filter
There has been some noise regarding privacy of Windows 8 SmartScreen. By default SmartScreen will always send information about every application you download and install to Microsoft Servers. It collects the app filename and your IP address. This could allow Microsoft to build a substantial database of your software linked to your devices. If you don’t want this information to leave your computer I suggest you switch off Windows SmartScreen.
How to control SmartScreen Filter settings:
- Control Panel > System and Security > Action Center
- Expand the security list and scroll down to Windows SmartScreen
- Click > Change settings > You might be prompted to enter your UAC password
- You have the options to add admin approval before running an app; give a warning before running unrecognised apps or turn off Windows SmartScreen.
FACT: Last year an NSS report confirmed that SmartScreen was shown to be the best among modern browsers for detecting and blocking socially-engineered malware. Let’s hope they report the same when they test this latest integrated operating system version!
Safe surfing folks!