Lucian Constantin
CSO Senior Writer

Microsoft enables potential unwanted software detection for enterprise customers

news
Nov 30, 2015 (2 mins)

Sysadmins can now turn on the feature in System Center Endpoint Protection and Forefront Endpoint Protection


It’s time to throw adware, browser hijackers and other potentially unwanted applications (PUAs) off corporate networks, Microsoft has decided. The company has started offering PUA protection in its anti-malware products for enterprise customers.

The new feature is available in Microsoft’s System Center Endpoint Protection (SCEP) and Forefront Endpoint Protection (FEP) as an option that can be turned on by system administrators.

PUA signatures are included in the anti-malware definition updates and cloud protection, so no additional configuration is needed.

Potentially unwanted applications are those programs that, once installed, also deploy other programs without users’ knowledge, inject advertisements into Web traffic locally, hijack browser search settings, or solicit payment for various services based on false claims.

“These applications can increase the risk of your network being infected with malware, cause malware infections to be harder to identify among the noise, and can waste helpdesk, IT, and user time cleaning up the applications,” researchers from the Microsoft Malware Protection Center said in a blog post.

System administrators can deploy PUA protection for the specific anti-malware product version in their organization through the registry as a Group Policy setting.

Microsoft recommends that this feature be deployed after creating a corporate policy that explains what potentially unwanted applications are and prohibits their installation. Employees should also be informed in advance that this protection will be enabled to reduce the potential number of calls to the IT helpdesk when certain applications that worked before start being blocked.

If the network is already likely to have many PUA installations, it’s recommended to deploy the protection in stages to a limited number of computers in order to see if any detections are false positives and to add exclusions for them. Exclusion mechanisms based on file name, folder, extension and process are supported, the Microsoft researchers said.

Lucian Constantin

Lucian Constantin writes about information security, privacy, and data protection for CSO. Before joining CSO in 2019, Lucian was a freelance writer for VICE Motherboard, Security Boulevard, Forbes, and The New Stack. Earlier in his career, he was an information security correspondent for the IDG News Service and information security news editor for Softpedia.

Before he became a journalist, Lucian worked as a system and network administrator. He enjoys attending security conferences and delving into interesting research papers. He lives and works in Romania.

You can reach him at lucian_constantin@foundryco.com or @lconstantin on X. For encrypted email, his PGP key's fingerprint is: 7A66 4901 5CDA 844E 8C6D 04D5 2BB4 6332 FC52 6D42
