In response to Superfish, Microsoft will block adware at OS level

Early this year, Lenovo was placed on the hot seat after word of the Superfish adware pre-installed on many of its devices became public. Since then, there has been increased scrutiny of similar traps that lurk within OEM computers, especially those baked into the OS or even the firmware. In response to these kinds of attacks, Microsoft announced that it will enforce a new security model starting next year that will disallow that kind of software on Windows and instead force advertisers to abide by browser features and rules.

The goal of adware like Superfish is ultimately to show ads inside browsers. The way it does so, however, is unconventional as far as browser ads go. It employs what is commonly called a man-in-the-middle (MitM) attack. In a nutshell, the software intercepts communications between a PC and a remote server and masquerades as that remote server in order to inject certain data into the computer, like ads inside browsers. Such software uses different methods, like changing DNS settings or controlling the system's network layer, all without the user's knowledge.

Aside from the inherently devious nature of this type of software, such adware also presents a security risk to computers, as evidenced by Lenovo's Superfish scandal. It creates undetected backdoors into users' computers and can even become a vehicle for malicious attacks itself. It also deprives users of choice and control over what they do or don't want to see.

So starting on the 31st of March 2016, Microsoft will be taking a harder stance on adware on Windows. Any software that wants to display advertisements in browsers will have to do so through the browser's own mechanisms and not through external, system-level methods like those Superfish used. This would, in theory, be both safe and more controllable.

It's a noble goal, no doubt, but one that will require the cooperation of software vendors and even OEMs. Microsoft will surely have some way to lock down wayward adware, but whether that will be enough to get more malicious software in line remains to be seen.

SOURCE: Microsoft