Number: IRCNE2014122396
Date: 2014/12/14
According to “zdnet”, back in October Microsoft announced that it would soon add detections to its antimalware products for behaviors exhibited by some misbehaving software. On Thursday they announced that some of these changes take effect immediately and others on January 1.
The behaviors mostly deal with browser extensions and settings. Many such problems have been blocked in all major browsers by a disabled-by-default model for newly-installed extensions, requiring the user to affirmatively choose to install new software. But some programs have found hacks around these restrictions. Microsoft has defined these two behaviors as unacceptable:
- Bypassing consent dialogs from browsers that ask you if you want to install browser toolbars/extensions/add-ons.
- Preventing you from viewing or modifying browser features or settings.
For example, some software has used Group or Local Policy Objects, registry changes, and preferences file modifications to permit the installation of software which is blocked or disabled by default.
This sort of capability, sometimes called HIPS (Host Intrusion Prevention Service), is common in other modern security suites. Kaspersky calls it Application Privilege Control, part of a set of related services that are much more flexible and comprehensive than Microsoft's.
But Microsoft's antimalware products set an effective baseline that users get by default. In a statement, Microsoft said that the new enforcement applied to all browsers, not just to Internet Explorer.
Microsoft has defined one more behavior as unacceptable: programs may not "... circumvent user consent dialogs from the browser or operating system." This change will go into effect on January 1.
- 2