Potentially unwanted apps will now be automatically blocked by Windows 10

Windows 10 makes blocking potentially unwanted programs a default setting

Windows Defender now blocks PUPs automaticallyWindows Defender PUPs blocking feature will now be enabled by default

Microsoft has announced that the PUP (potentially unwanted program) blocking feature they released last year will now be enabled by default starting in August. Every device with the 2020 update installed will automatically block unwanted programs without the user having to do anything. Previously this setting had to be manually enabled. This will make it easier for users to keep their systems performing at their best. But if needed, you will still be able to turn it off or back on manually in your settings.

Automatic PUP blocking will be achieved with the help of Microsoft Defender[1], which is a Windows Security program. It provides virus protection along with other advanced security features. It is not required to download this program as it is part of the Windows security suite. Potentially unwanted app blocking was first introduced in the Windows 10 May 2020 update, but it was turned off by default for consumers.

Microsoft provides this protection from potential threats by identifying and analyzing software and online content. When people download, install, and run software, they check the reputation of downloaded programs and ensure consumers are protected against known threats. Windows also has a function that warns about software that is unknown to them.

Users who would like to turn off the feature will be able to do so by heading to the “Windows Security” setting, selecting the “App & browser control” option, clicking the “Reputation-based protection settings”. Users are also now able to choose if they want to keep blocking downloads or apps, or both.

Potentially unwanted applications pose a high risk to user privacy

PUA isn’t malware, but it is the software you often do not need and probably do not want. Potentially unwanted applications are normally created by reputable sources who walk a thin line between what is considered “legitimate” software and carry out unwanted behavior on users' devices. These programs usually do not fully disclose their purpose or functions. In some cases, the user might find the application useful enough to keep it on their system and continue to endure its effects. That is why they are defined as potentially unwanted.

Blocking these PUPs by default can be very useful for people who want to keep their devices protected from these unwanted third-party programs. These applications can critically threaten user's security or privacy, and this is probably the reason why Microsoft is changing its protection settings and making it enabled by default on Windows 10.

A PUP will sometimes function as a form of adware. These apps might cause your device to slow down, clogging up your system with advertising materials and change browser or system settings. Antivirus companies say potentially unwanted programs track the user's internet usage to sell information to advertisers, inject their own advertising into web pages that a user then sees.

Another reason why these programs aren't considered desired is because of software bundling. These types of applications install other applications that users may not want. The primary application that installed the additional applications often tricks users in the installation process, which allows the installation of the bundled software.

How Microsoft classifies software as a PUA

Microsoft Defender helps deliver more productive and performant Windows experiences for its users by having specific potentially unwanted application categories. These are advertising, torrent, cryptomining, bundling, marketing, evasion, and poor industry reputation software[2].

Advertising software includes software that inserts advertisements to web pages, displays advertisements, or prompts users to complete surveys for other products or services. These ads can be malicious and link users to shady websites.

Torrent software is used to create or download torrents or other files specifically used with peer-to-peer file-sharing technologies. Using these types of programs puts people at risk of downloading dangerous or infected torrents from unknown sources.

Cryptomining software uses your device resources to mine cryptocurrencies. Also known as cryptojacking, these possibly malicious cryptomining programs let cybercriminals hack into computers, laptops, and mobile devices to install software. It uses the victim's computer's power to mine for cryptocurrencies or even steal cryptocurrency from wallets.

Bundleware is a term used to describe software that offers to install other software which is not developed by the same entity or not required for the software to run. These unnecessary programs usually come with free version programs from third-party vendors. Users should be careful not to skip through the installation process if they want to get any apps from non-official sites.

Marketing software keeps track and transmits the activities of users to applications or services other than itself for marketing research. It is important to check the privacy policies of programs you download as they can overstep the boundaries of user privacy.

Evasion software actively tries to evade detection by security products, like antiviruses by detecting user behavior such as moving the mouse, by taking action at certain times, and laying still on others. It can also change its code and use encryption or use a technique called code compression[3]

Poor industry reputation software is detected with security products. This is achieved on Microsoft and other organizations constantly exchanging knowledge about analyzed files to provide users with the best possible protection.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.

Contact Gabriel E. Hall
About the company Esolutions

References