First Published 28 Jan 2023
This article was prompted by a recent thread at Utter Access forum : FE/BE installation issues
Windows SmartScreen is a security feature built into the Windows operating system that helps protect users from potentially malicious software.
It works by checking the reputation of applications and files downloaded from the internet, and warns users if an application or file is potentially dangerous.
SmartScreen also checks the URLs of websites that are visited in Microsoft Edge, and warns users if a website is potentially fraudulent or dangerous.
For more info, see Microsoft Defender SmartScreen
Windows SmartScreen provides important safeguards to protect users.
However, you should always remain vigilant with regard to downloaded files, as it may not catch all malicious software.
Conversely, it may create 'false flags' for files that are perfectly safe, because it doesn't have sufficient data to mark a file as safe.
In such cases, if you are using the Microsoft Edge browser, the file you are trying to download will be marked like this:
NOTE: Other browsers such as Firefox and Chrome do not generate SmartScreen warnings
If you see a smart screen warning like that above, it may be wise not to download the file
However the user can choose to disregard the warning and continue the download.
To do so, right click the 'flagged file' or click the ellipsis (...) and select Keep. A further warning screen appears:
Click Show More then Keep Anyway. The file will then be downloaded
The end user can also assist by right clicking and selecting Report this file as safe (see below for more details)
Managing Smart Screen Warnings
Windows SmartScreen will at times create 'false flags' for files that are perfectly safe because it doesn't have sufficient data to mark a file as safe.
If you distribute applications as .EXE files, using a code signing certificate will significantly reduce the number of warnings seen by your customers.
If the .EXE file has a valid certificate and sufficient downloads to be designated as safe, no warnings appear and the file is downloaded with no problems.
Code signing certificates can be purchased from suppliers such as Sectigo or Verisign.
Before a certificate is supplied, you will need to complete some rigorous verification checks which can take some time.
There are two types of code signing certificate:
a) OV (for individual developers and small companies)
b) EV (for larger companies)
For more info, see Code Signing Certificate Info
Where the smart screen warnings do appear because the file is flagged as 'not commonly downloaded', those will disappear once the file has sufficient downloads.
Using the much more expensive EV code signing certificate will significantly reduce or eliminate the smart screen warnings
I have used an OV certificate since 2014. Until recently all of my .EXE files available from this website could be downloaded with no warnings. The vast majority still can.
However, last year I had to change to a different certificate name. As a result, the built-up reputation was lost and a very small number of files are now longer being reported as safe
I have identified these and as a test asked Microsoft to remove the inappropriate warning flag on one file.
To do so, click on the ellipsis (...) then select Report this file as safe
Complete the web form that appears. There are several questions starting with:
After 2 days, I received an acknowledgement email stating
In my case, the false flag was removed less than 48 hours later
I have since asked for warnings on the remaining 'flagged files' to be removed
Configure Windows SmartScreen Settings
The SmartScreen feature can be configured or turned off from the Windows Security settings.
The Windows Security screen appears:
Click App & browser control. The following screen appears:
Click Reputation based protection settings. The following screen appears:
Each option can be individually disabled but doing so increases the risk of malicious files being downloaded
For more info on the various options, see How to Disable SmartScreen in Windows 10
Please use the contact form below to let me know whether you found this article interesting/useful or if you have any questions/comments.
Please also consider making a donation towards the costs of maintaining this website. Thank you
Colin Riddington Mendip Data Systems 28 Jan 2023
Return to Access Blog Page
Return to Top