Microsoft policy update will ban 'man-in-the-middle' adware technique used by Lenovo's Superfish

By midian182
Dec 23, 2015
Post New Reply
  1. Microsoft is cracking down on adware next year. In a post on its TechNet blog, the company said that it is banning ad injection software that uses 'man-in-the-middle' techniques, such as network layer manipulation, injection by proxy, and changing DNS settings without express consent.

    “All of these techniques intercept communications between the internet and the PC to inject advertisements and promotions into webpages from outside, without the control of the browser. Our intent is to keep the user in control of their browsing experience and these methods reduce that control,” Microsoft said in the post.

    Microsoft’s new policy, which comes into effect on March 31, states that any programs that show ads on the browser can only install, disable or execute programs through the browser itself. Meaning any ad software that wants to download or install something without notifying you via your browser will be blocked off and marked as adware.

    “Programs that create advertisements in browsers must only use the browsers' supported extensibility model for installation, execution, disabling, and removal," Microsoft said. "The choice and control belong to the users, and we are determined to protect that."

    The move comes in the wake of Lenovo’s Superfish controversy that was exposed earlier this year. The company was found to have pre-installed the adware on many of its consumer laptops. Not only did the software hijack a web browser to inject ads into webpages, but it also generated its own root certificate so it could intercept traffic from secure sites and overlay its own ads on the page.

    Lenovo eventually agreed to stop pre-loading its computers with Superfish, acknowledged that it was a security risk, and released an automatic removal tool. Hopefully, Microsoft's new policy will prevent a repeat of a similar Superfish scandal; it’s just surprising that the company has taken so long to implement it.

    Image credit: Sam72 / shutterstock

    Permalink to story.

  2. Uncle Al

    Uncle Al TS Evangelist Posts: 3,338   +1,986

    Well, it's about time!
    seeprime likes this.
  3. psycros

    psycros TS Evangelist Posts: 1,870   +1,291

    A positive move. Hopefully they'll be asking the NSA for its keys back next.
  4. alabama man

    alabama man TS Maniac Posts: 375   +241

    Father just got new lenovo desktop computer, out of package nothing installed slower than hes 10 years old computer. It keeps loading something on background no matter how long you wait.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...