Microsoft advances its move against adware, browser hijackers and other potentially unwanted applications (PUAs) in enterprise corporate networks, as it launches its PUA protection in its anti-malware products.
The new feature is available in Microsoft’s System Centre Endpoint Protection (SCEP) and Forefront Endpoint Protection (FEP) as an option that can be turned on by system administrators.
PUA signatures are included in the anti-malware definition updates and cloud protection, so no additional configuration is needed.
Potentially unwanted applications are those programmes that, once installed, also deploy other programmes without users’ knowledge, inject advertisements into Web traffic locally, hijack browser search settings, or solicit payment for various services based on false claims.
“These applications can increase the risk of your network being infected with malware, cause malware infections to be harder to identify among the noise, and can waste helpdesk, IT, and user time cleaning up the applications,” researchers from the Microsoft Malware Protection Centre said in a blog post.
System administrators can deploy PUA protection for the specific anti-malware product version in their organisation through the registry as a Group Policy setting.
Microsoft recommends that this feature be deployed after creating a corporate policy that explains what potentially unwanted applications are and prohibits their installation. Employees should also be informed in advance that this protection will be enabled to reduce the potential number of calls to the IT helpdesk when certain applications that worked before start being blocked.
If the network is already likely to have many PUA installations, it’s recommended to deploy the protection in stages to limited number of computers in order to see if any detections are false positives and to add exclusions for them. Exclusion mechanisms based on file name, folder, extension and process are supported, the Microsoft researchers said.