The Microsoft Malware Protection Center is committed to protecting our customers and their Windows experience. We use our evaluation criteria to determine if a program should be detected by our security products. As the software ecosystem evolves, so does our evaluation criteria.
We are currently updating our evaluation criteria to address new technology changes, industry trends, customer feedback, and our desire to help better protect our customers. We are working with the industry and our partners to understand and implement these changes.
One of these changes will enable our systems to better detect misleading advertising. There has been a recent increase in the number of online advertisements that are intentionally misleading in nature. We’ve found that these types of advertisements often try to convince a user to do something, the consequences of which they may not fully understand, such as visiting an infected website or downloading a program that can negatively impact their browsing experience.
We will enforce our updated evaluation criteria from June 1, 2015.
Changes to our unwanted software evaluation criteria
We are including the following updates to our objective criteria:
Advertisements: The advertisement should not mislead you into visiting another site or downloading files.
Advertisements shown to a user:
- Must not mislead or deceive, or confuse with the intent to mislead or deceive
- Must be distinguishable from website content
- Must not contain malicious code
- Must not invoke a file download
The following examples show some of the advertising types that are considered misleading according to our updated evaluation criteria:
Figure 1: Examples of misleading advertising
Another example of misleading advertisements are those that prompt a download when the advertisement is clicked. This reduces user control over their browsing experience. The expected behavior is that the program will be downloaded from a product landing page, and not directly from an advertisement.
Advertisements that make it difficult to tell whether a user is looking at website or advertisement content will also be detected as misleading. In many cases these ads are created so that a user doesn’t realize that they are looking at an advertisement.
Advertisements that include malicious or exploit code are already detected. However, our updated evaluation criteria is now more explicit. Such behavior is not tolerated.
Enforcing our criteria
When SmartScreen Filter is turned on, Internet Explorer will notify you about sites that contain an advertisement that is detected under our evaluation criteria. The warning will look like the following example:
Figure 2: SmartScreen Filter warning for a webpage with misleading advertising
For more information about how this technology works, see the SmartScreen Filter page.
Michael Johnson and Barak Shein