The Microsoft Malware Protection Center announced yesterday that its security products would begin detecting all software containing search protection functions and classifying it as malicious, regardless of whether the search-censoring features are enabled or latent.
Search protection is a scheme deployed by certain software packages in an attempt to limit user control of browser and search settings. In some cases, software makers use search protection in order to prevent users from uninstalling products or changing their default search engine. Other varieties keep users from disabling or enabling certain browser extensions.
Detection changes: search protection code: http://t.co/UZJoAwyrdb
— Microsoft Threat Intelligence (@MsftSecIntel) May 27, 2015
Microsoft is encouraging developers to remove any search protection code from their software, warning that a failure to do so will result in malicious detection. Furthermore, it will not be enough to merely disable search protection, developers will have to completely rid their wares of any search protection code, no matter how long it lie dormant.
Microsoft began blocking programs that prevent or limit users from viewing or modifying browser features or settings late last year. Starting June 1, the tech giant will take the next step, detecting software that prevents users from changing default search engines and home pages. Microsoft will also move to classify as malicious programs that attempt to circumvent consent dialogue boxes on June 1 as well.
“Working with us can help reduce the risk of having programs with search protection functionality turned off, but still containing non-compliant code, being detected as developers work on completely removing the non-compliant code,” the Microsoft Malware Protection Center is telling developers.
This move represents a significant step in regulating coercive software and development policies. For years, software makers have deployed search protection features in an effort to surreptitiously control the browsing behavior and limit the decision-making capacity of their users. While Microsoft is by no means the first security product to deem search protect malicious, it is certainly among the most influential.