This year we have seen many instances where leading PC OEMs such as Lenovo and Dell were found pre-installing programs that didn't only spoil the user experience, but also at times, left their customers vulnerable to several types of attacks. Thankfully, this should change soon. Microsoft has announced that it will detect and remove adware from Windows PCs in 2016.
Microsoft has said that it is taking a tougher stance on ad-supported software that utilise man-in-the-middle (MiTM) techniques. The company is making some changes to the adware detection rules. It announced that every advertising-based software needs to use the browser's official supported methods for installation, execution, disabling and removal.
Man-in-the-middle techniques have been heavily abused in recent years. These often bypass many of the notifications system used by modern Web browsers without the user being made aware of anything. Outlining some of the MiTM techniques, the company noted that these programs are able to perform injection by proxy, and are also capable of changing DNS settings, and manipulating network layers.
The Redmond-based company has also pointed out the shortcomings in Web browsers, and what needs to be done. "Most modern browsers have controls in them to notify the user when their browsing experience is going to change and confirm that this is what the user intends. However, many of these methods do not produce these warnings and reduce the choice and control of the user," the company wrote in a blog post. "Also, many of these methods also alter advanced settings and controls that the majority of users will not be able to discover, change, or control."
These techniques intercept the network communication between the Internet and the PC to inject advertisements and promotions. Microsoft has pointed out that this all could be fixed if any unofficial route to control and change the browser settings is stopped. "Our intent is to keep the user in control of their browsing experience and these methods reduce that control," it noted in a blog post. The changes Microsoft has shared will be effecting starting March 31, 2016.
As we noted recently, PC OEMs in an attempt to increase their profit margin are actively looking into ways for additional revenue channels. While PC bloatware isn't a new thing, in 2015, it was at the centre stage because of the level of security risks it imposed on customers.