Manage Windows Smart Screen Warnings



First Published 28 Jan 2023

This article was prompted by a recent thread at Utter Access forum : FE/BE installation issues

Windows SmartScreen is a security feature built into the Windows operating system that helps protect users from potentially malicious software.

It works by checking the reputation of applications and files downloaded from the internet, and warns users if an application or file is potentially dangerous.
SmartScreen also checks the URLs of websites that are visited in Microsoft Edge, and warns users if a website is potentially fraudulent or dangerous.

For more info, see Microsoft Defender SmartScreen



Download Safety

Windows SmartScreen provides important safeguards to protect users.
However, you should always remain vigilant with regard to downloaded files, as it may not catch all malicious software.
Conversely, it may create 'false flags' for files that are perfectly safe, because it doesn't have sufficient data to mark a file as safe.

In such cases, if you are using the Microsoft Edge browser, the file you are trying to download will be marked like this:

SmartScreenWarning
NOTE: Other browsers such as Firefox and Chrome do not generate SmartScreen warnings

If you see a smart screen warning like that above, it may be wise not to download the file
However the user can choose to disregard the warning and continue the download.
To do so, right click the 'flagged file' or click the ellipsis (...) and select Keep. A further warning screen appears:

SmartScreenWarning2
Click Show More then Keep Anyway. The file will then be downloaded
The end user can also assist by right clicking and selecting Report this file as safe (see below for more details)



Managing Smart Screen Warnings

Windows SmartScreen will at times create 'false flags' for files that are perfectly safe because it doesn't have sufficient data to mark a file as safe.

If you distribute applications as .EXE files, using a code signing certificate will significantly reduce the number of warnings seen by your customers.

If the .EXE file has a valid certificate and sufficient downloads to be designated as safe, no warnings appear and the file is downloaded with no problems.

Code signing certificates can be purchased from suppliers such as Sectigo or Verisign.
Before a certificate is supplied, you will need to complete some rigorous verification checks which can take some time.

There are two types of code signing certificate:
a)   OV (for individual developers and small companies)
b)   EV (for larger companies)

For more info, see Code Signing Certificate Info

Where the smart screen warnings do appear because the file is flagged as 'not commonly downloaded', those will disappear once the file has sufficient downloads.

Using the much more expensive EV code signing certificate will significantly reduce or eliminate the smart screen warnings

I have used an OV certificate since 2014. Until recently all of my .EXE files available from this website could be downloaded with no warnings. The vast majority still can.

However, last year I had to change to a different certificate name. As a result, the built-up reputation was lost and a very small number of files are now longer being reported as safe

I have identified these and as a test asked Microsoft to remove the inappropriate warning flag on one file.

To do so, click on the ellipsis (...) then select Report this file as safe

ReportAsSafe1
Complete the web form that appears. There are several questions starting with:

ReportAsSafe2
After 2 days, I received an acknowledgement email stating

SmartScreenEMail

In my case, the false flag was removed less than 48 hours later
I have since asked for warnings on the remaining 'flagged files' to be removed



Configure Windows SmartScreen Settings

The SmartScreen feature can be configured or turned off from the Windows Security settings.

WindowsSecurity1

The Windows Security screen appears:

WindowsSecurity2
Click App & browser control. The following screen appears:

WindowsSecurity3
Click Reputation based protection settings. The following screen appears:

WindowsSecurity4

Each option can be individually disabled but doing so increases the risk of malicious files being downloaded

For more info on the various options, see How to Disable SmartScreen in Windows 10



Feedback

Please use the contact form below to let me know whether you found this article interesting/useful or if you have any questions/comments.

Please also consider making a donation towards the costs of maintaining this website. Thank you



Colin Riddington           Mendip Data Systems                 28 Jan 2023



Return to Access Blog Page




Return to Top