For many of us, the line between adware and malware (if it exists at all) is akin to "You know it when you see it." For years, Microsoft has had the burden of trying to be a little more scientific about the distinction, and at the end of March they're adding new types of forbidden behaviors.
What they'll be on the lookout for, according to an update from Barak Shein and Michael Johnson:
- MiTM techniques add security risk to customers by introducing another vector of attack to the system.
- Most modern browsers have controls in them to notify the user when their browsing experience is going to change and confirm that this is what the user intends. However, many of these methods do not produce these warnings and reduce the choice and control of the user.
- Also, many of these methods also alter advanced settings and controls that the majority of users will not be able to discover, change, or control.
The full list of malware criteria is available at Microsoft's Malware Protection Center.
Poorly designed support tools from Dell and Lenovo introduced just these kinds of man-in-the-middle vulnerabilities earlier this year, so it's not a huge surprise that Microsoft is taking a closer look at the practice.