Microsoft to Detect Search Protection Code as Malware

microsoft disables search protect

Microsoft security products will begin detecting software containing search protection functions and classifying it as malicious on June 1.

The Microsoft Malware Protection Center announced yesterday that its security products would begin detecting all software containing search protection functions and classifying it as malicious, regardless of whether the search-censoring features are enabled or latent.

Search protection is a scheme deployed by certain software packages in an attempt to limit user control of browser and search settings. In some cases, software makers use search protection in order to prevent users from uninstalling products or changing their default search engine. Other varieties keep users from disabling or enabling certain browser extensions.

Microsoft is encouraging developers to remove any search protection code from their software, warning that a failure to do so will result in malicious detection. Furthermore, it will not be enough to merely disable search protection, developers will have to completely rid their wares of any search protection code, no matter how long it lie dormant.

Microsoft began blocking programs that prevent or limit users from viewing or modifying browser features or settings late last year. Starting June 1, the tech giant will take the next step, detecting software that prevents users from changing default search engines and home pages. Microsoft will also move to classify as malicious programs that attempt to circumvent consent dialogue boxes on June 1 as well.

“Working with us can help reduce the risk of having programs with search protection functionality turned off, but still containing non-compliant code, being detected as developers work on completely removing the non-compliant code,” the Microsoft Malware Protection Center is telling developers.

This move represents a significant step in regulating coercive software and development policies. For years, software makers have deployed search protection features in an effort to surreptitiously control the browsing behavior and limit the decision-making capacity of their users. While Microsoft is by no means the first security product to deem search protect malicious, it is certainly among the most influential.

Suggested articles

Tech Support Scammers Cast a Wider Net

Microsoft is warning of a wave of phishing campaigns pushing tech support scams via malicious links to phony Amazon, Alibaba and LinkedIn web pages.

Where Have All The Exploit Kits Gone?

For a long time, exploit kits were the most prolific malware distribution vehicle available to attackers. Where did they go and what’s replaced them?

Discussion

  • Rob on

    They're doing this when last I checked document.pdf.exe isn't flagged as malware? buh?
  • Bob on

    yeah, Microsoft's security systems are always the last to act. That is why MS Security Essentials is such a joke!

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.