A while ago, Microsoft introduced the new protection option against Potentially Unwanted Applications (PUA) in Microsoft Edge. Today the company revealed how it works.
The option was first introduced in Edge Canary 79.0.280.0. Check out the following article:
How To Block Potentially Unwanted Apps For Downloads in Microsoft Edge
Potential Unwanted Application (PUA) usually refers to unwanted application bundlers or their bundled applications. These applications can increase the risk of your device being infected with malware, and can waste your time cleaning up the applications. Typical examples of behavior that is considered unwanted include ad-injection, many types of software bundling, and persistent solicitation for payment for services based on fraudulent claims.
Windows Defender comes with built-in protection against such apps.
How Microsoft Determines PUA
Microsoft uses specific categories and the category definitions to classify software as a PUA.
- Advertising software: Software that displays advertisements or promotions, or prompts you to complete surveys for other products or services in software other than itself. This includes software that inserts advertisements to webpages.
- Torrent software: Software that is used to create or download torrents or other files specifically used with peer-to-peer file-sharing technologies.
- Cryptomining software: Software that uses your device resources to mine cryptocurrencies.
- Bundling software: Software that offers to install other software that is not digitally signed by the same entity. Also, software that offers to install other software that qualifies as PUA based on the criteria outlined in this document.
- Marketing software: Software that monitors and transmits the activities of users to applications or services other than itself for marketing research.
- Evasion software: Software that actively tries to evade detection by security products, including software that behaves differently in the presence of security products.
- Poor industry reputation: Software that trusted security providers detect with their security products. The security industry is dedicated to protecting customers and improving their experiences. Microsoft and other organizations in the security industry continuously exchange knowledge about files we have analyzed to provide users with the best possible protection.
PUA Protection in Microsoft Edge
Microsoft explains the following. Here is what users will see when a download is blocked by the feature (Note: PUA blocking requires Microsoft Defender SmartScreen to be enabled):
If an app has been mislabeled as PUA, users can choose to keep it by tapping … in the bottom bar, choosing Keep, and then choosing Keep anyway in the dialog that appears.
Using the Downloads page, the user can also choose Report this app as reputable from the download context menu, which will open Microsoft's feedback site. There, the user can report that the file is mistakenly marked as PUA.
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
I haven’t been keeping notes but it guess this system also blocks files, right?
In Edge I tried downloading an mkv video but it was stopped with a warning, yet other mkv video was not blocked from that same site.
I’ve never got warnings about video files from other browsers.
Also, I went to download this software called Lively Wallpaper, and I got a PUA warning. It said the software had a low reputation, which is simply because it’s new.
The dev of Lively Wallpaper said he can make that PUA warning go away if he pays for a special Microsoft certificate, but it’s not worth it, as his software is free.
So that’s that.
I guess overall this PUA Protection in Microsoft Edge is a good thing, but so far it seems a bit too paranoid.
MKV is not a format it is a container. Like a zip file it has several seperate files inside it, often several attached images. I may be wrong but I would guess M$ looks inside at the seperate files like scanning any other archive.