Very interesting. It goes to show how software complexity is the enemy of security. I'm sure the link-fixing code was written by someone totally different than the malware detection code. I didn't even know Windows did this link fixing; I bet the team testing the security detection logic didn't either.
While it is a fail, honestly, it doesn't seem very bad to me. You download software off the web and run it as your user account, then it can do whatever your user account can. This happens if you get a security popup and bypass it or don't get any popup. I don't believe I've seen Linux or macOS have any equivalent protection. So in the worst case it is as insecure as the alternatives.
As an application developer, I've found SmartScreen to be annoying. I've had customers complain that we had malware when it was just a new software build that MS hadn't seen before. Or I'll get SmartScreen complaints on development tools and pre-compiled binaries because they aren't common.