Microsoft now taking on Man in the Middle ad injection and browser hijacking

I once worked helpdesk tech support for a security software company and my main job was to assist customers in dealing with malware/adware infections on their systems.

Some of those sessions required that I remote connect to the customer's desktop in order to help begin clearing things up, but these adware/ad injection infections would not even allow the user to browse to the right website to download a small remote connection tool. Instead, the infection would redirect them to a screen that looked a lot like the destination I was sending them to, but in reality it was not.

Instead, they would land on a page with fake downloads, likely including malware-infected payloads, and ads plastered everywhere.

Well, Microsoft has decided that enough is enough, and they are now focused on giving users back full control over their system.

They will do this through their Adware objective criteria and the way their antimalware products identify and remove unwanted and malicious software.

Microsoft began this process in earnest in April of 2014 by establishing a set of evaluation criteria for identifying undesired software programs and their activities. Those criteria included:

  • Displays unwanted behaviors; does not get explicit consent; prevents user from controlling actions of the program
  • Out of context advertising
  • Misleading advertisements
  • Collects user information without explicit permission
  • Consumer opinion/user input is also a key factor in identifying unwanted behavior

There is a similar list of criteria for what Microsoft considers malicious software on the same page.

Yesterday, Microsoft added a new criterion that will be used to identify these man-in-the-middle attacks. Any software violating this criterion will be added to their malware definitions with settings to detect and remove the offending software.

"To address these and to keep the intent of our policy, we’re updating our Adware objective criteria to require that programs that create advertisements in browsers must only use the browsers’ supported extensibility model for installation, execution, disabling, and removal."

Microsoft will begin removing any software programs that violate the above criteria on 31 March 2016.

This announcement follows news last week about the improvements Microsoft has made to their SmartScreen technology, which helps to protect users on the web from drive-by attacks. This feature is available in Internet Explorer, Microsoft Edge and Windows. It has used URL and Application reputation protection over the last 8 years to block users from billions of web-based attacks, according to Microsoft. Recent additions include protections against phishing, deceptive advertisements and technical support scams.

I have always believed that being secure on the Internet is a good mix of smart computing habits and software. For me, that means no clicking on unknown or questionable links from emails or websites and having Windows Defender active and updated on all of the systems in my home.

These practices have been the norm in my home for a few years now and do you know how many infections or hijackings I have experienced? Zero, Zilch, Nada.

How do you best protect yourself from malicious or unwanted software?
