Microsoft to start blocking adware that lacks easy uninstall
- 05 April, 2014 00:17
Microsoft has toughened its criteria for classifying programs as adware and gave developers three months to conform with the new principles or risk having their programs blocked by the company's security products.
The most important change in Microsoft's policy is that adware programs will be blocked by default starting July 1. In the past such programs were allowed to run until users chose one of the recommended actions offered by the company's security software.
Interestingly, Microsoft's crackdown on adware comes as it introduces tools to make it easier for developers to incorporate advertising into Windows 8.1 and Windows Phone apps.
The company has re-evaluated its criteria for classifying applications as adware based on the principle that users should be able to choose and control what happens on their computers, according to Michael Johnson, a member of the Microsoft Malware Protection Center.
First of all, only programs that display ads promoting goods and services inside other programs -- for example, browsers -- will be evaluated as possible unwanted adware applications, Johnson said Thursday in a blog post. "If the program shows advertisements within its own borders it will not be assessed any further."
In order to avoid being flagged as adware and blocked, programs whose revenue model includes advertising must only display ads or groups of ads that have an obvious close button. The ads must also clearly indicate the name of the program that generated them.
Recommended methods for closing the ad include an "X" or the word "close" in a corner; the program name can be specified through phrases like "Ads by ...", "... ads", "Powered by ...", "This ad served by ...", or "This ad is from ...".
"Using abbreviations or company logos alone are not considered clear enough," Johnson said. "Also, only using 'Ads not by this site' does not meet our criteria, because the user does not know which program created the ad."
In addition to following these ad display guidelines, programs need to provide a standard uninstall method in the Windows control panel or the browser add-on management interface, if the program operates as a browser extension or toolbar. The corresponding uninstall entries must contain the same program names as displayed in the generated ads.
"We are very excited by all of these changes," Johnson said. "We believe that it will make it easy for software developers to utilize advertising while at the same time empowering users to control their experience."
Adware programs typically affect the Web browsing experience and have been a nuisance for years, primarily because their developers make it intentionally hard to completely remove all of their components or undo the changes made by these applications.
Researchers from antivirus vendor Avast named unwanted browser toolbars and extensions as one of the biggest problems for users in 2013. Such toolbars are often difficult or even impossible for average users to fully uninstall because they change their names and identifiers on almost every new computer to prevent detection and removal by security products, they said in a blog post at the end of December.
"Most adware in the past years has been classified as greyware at best," said Bogdan Botezatu, a senior e-threat analyst at antivirus vendor Bitdefender, Friday via email. "Often users would have to opt out of the adware offering and those less careful would end up with a product they don't want installed on their machine. These adware add-ons are also very difficult, if not impossible to remove, which makes them look awfully similar to spyware."
"However, the adware industry is a multi-billion dollar business and I don't expect adware developers to go along with Microsoft's decision without any pressure," Botezatu said.