Microsoft will identify and remove adware from Windows PCs in 2016, in an effort to prevent ad-injection software from sneaking in, thus keeping users in control of their browsing experience.
Techniques that intercept communications between the Internet and the PC inject advertisements and promotions into Web pages do so without the control of the browser. These include injection by proxy, changing DNS settings, network layer manipulation, and other methods.
Microsoft also wants to prevent a repeat of Lenovo's security hole that occurred in March 2014, by requiring advertising-based software to use a Web browser’s official methods for installation, execution, disabling and removal.
The PC manufacturer Lenovo was accused of compromising user security by installing an adware application, Superfish, on its Windows computers as they left the factory. The software offers a visual search experience, injecting third-party advertisements into Google search results and Web sites, without prior user approval.
The adware left Lenovo user permanently open to what's known as man in the middle attacks any time they use a public Wi-Fi network, allowing eavesdroppers to read users' Web browsing.
Microsoft business development gurus Barak Shein and Michael Johnson encourage developers to comply with the new criteria. "We are providing an ample notification period for them to work with us as they fix their programs to become compliant," the duo writes in a post. "Programs that will fail to comply will be detected and removed."