A very interesting find by a researcher called Nadim Kobeissi.

He found that a Microsoft application called Smartscreen will by default, inform Microsoft of every app downloaded and installed by every user.

He claims that users are not informed about this even though they are given the option to disable SmartScreen (which is enabled by default.)

Smartscreen (to recap) is Microsoft’s application that proactively monitors your downloads to verify that they are not malicious before they get to your desktop. This is a good thing.

From Kobeissi:

Windows 8 appears to send this information to Microsoft to a server that relies on Certificate Authorities for authentication and supports an outdated and insecure method of encrypted communication.

It is possible that these insecurities could allow a malicious third party to target a Windows 8 user and learn which applications they are using. This allows them to profile the user and decide how to best exploit their personal selection of applications and their computing habits.

I find Microsoft’s decision to design SmartScreen in such a privacy-free fashion to be a very bad choice, and I really hope that these concerns regarding SmartScreen will be addressed in near-future updates.

He attached an image:

Smartscreen encryption

Smartscreen encryption

I have no doubt that Microsoft is analyzing how serious this is and if necessary will roll out a patch or update to fix.

I can’t imagine that this will be too hard to take care of.

As Rafael Rivera says:

But look, you have the power of choice. You can turn off Windows SmartScreen via Action Center -> Change Windows SmartScreen settings, and subsequently turn off annoying Action Center warnings by clicking Turn off messages about Windows SmartScreen in the same window.

About the Author

Onuora Amobi is the Founder and VP of Digital Marketing at Learn About The Web Inc. Onuora has more than a decade of information security, project management and management consulting experience. He has specialized in the management and deployment of large scale ERP client/server systems.

In addition to being a former Microsoft MVP and the founder and editor of EyeOnWindows.com, he is the CEO of a Pasadena based online marketing education startup - Learn About The Web Inc. (www.learnabouttheweb.com) and The Redmond Cloud (https://www.theredmondcloud.com).

Related Posts

Brace for impact! It looks like Microsoft may have had enough of the Edge adventure, as a...

Looks like Microsoft is aiming big! The company is said to be working on Windows Lite, an...

Say goodbye to the old classic Microsoft Office icons, which sported a big bold letter with...

  • Rex

    I completely expected MS to be watching Windows 8 usage by testers. I do hope they fix this by roll out time however.