Microsoft begins actively fighting adware like Superfish



    Microsoft has announced that, starting in 2016, it intends to "detect and remove" insecure adware from user PCs running Windows. The decision is meant to prevent a recurrence of the problem with Lenovo PC software. In particular, the company is introducing new rules for adware: such software may now use only the browser's official tools to install, run, block and remove. The changes will take effect in March 2016.

    The target of Microsoft's new policy is software like Superfish, adware that was preinstalled on Lenovo users' PCs from 2014 to 2015. As previously reported, this software listens to traffic, analyzes users' queries to search services, and adds its own ads to web pages.

    Moreover, all of this works at the level of the system itself, and intercepting HTTPS traffic is one of its working tools.

    To become part of the system, the program installs the Superfish CA certificate in the Windows certificate store and substitutes its own certificates for the originals. The software shipped on Lenovo Y50, Z40, Z50, G50 and Yoga 2 Pro laptops.

    Microsoft said: “All these methods of intercepting traffic allowed you to insert ads into any type of web page, without any control from the browser. We are trying to give the user the ability to control the viewing of web pages, and such software reduces the level of such control.”

    And the problem is not only advertising. The software itself is poorly protected against outside attack. Attackers can, if they wish, take control of adware such as Superfish and perform other operations from the user's PC, including intercepting important information (bank accounts and access to them, access to other resources, etc.).

    As of March 31, 2016, “programs that create ads in browsers should use only the regulated capabilities of the browser to install, execute, block and remove.”

    As for Superfish itself, even after the software is removed, the user's PC remains vulnerable. Lenovo recently apologized for the problem and released an official Superfish removal tool that solves it.
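
The check below is an added example, not part of the original article and not Microsoft's or Lenovo's tooling. It audits the Windows root stores for a certificate whose name matches Superfish (the name comes from the article) and, going beyond that one case, flags any trusted root whose private key is present on the machine, which a genuine public CA root never has. The `$namePattern` variable and the output field names are assumptions of this example.

```powershell
# Added example: audit the Windows trusted-root stores for an interception CA
# that may still be installed after the adware itself has been removed.

# Name taken from the article; extend the pattern with other product names as needed.
$namePattern = 'Superfish'

# Both the machine-wide and the per-user trusted root stores are checked.
$stores = 'Cert:\LocalMachine\Root', 'Cert:\CurrentUser\Root'

$findings = foreach ($store in $stores) {
    Get-ChildItem -Path $store | ForEach-Object {
        $reasons = @()

        # Reason 1: subject or issuer carries the known adware name.
        if ($_.Subject -match $namePattern -or $_.Issuer -match $namePattern) {
            $reasons += 'name matches pattern'
        }

        # Reason 2: a trusted root with its private key on the endpoint means
        # something local can sign certificates that this PC will accept.
        if ($_.HasPrivateKey) {
            $reasons += 'private key present on this machine'
        }

        if ($reasons.Count -gt 0) {
            [pscustomobject]@{
                Store      = $store
                Subject    = $_.Subject
                Thumbprint = $_.Thumbprint
                NotAfter   = $_.NotAfter
                Reasons    = $reasons -join '; '
            }
        }
    }
}

if ($findings) {
    # Review each entry before removing anything from the store.
    $findings | Format-List
} else {
    Write-Output 'No matching root certificates found.'
}
```

Legitimate local tools such as debugging proxies can also trigger the private-key check, so treat each finding as something to review rather than as proof of adware.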
