Advice Request Dealing with Defender SmartScreen in Edge Chromium

Please provide comments and solutions that are helpful to the author of this topic.

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Today I wanted to check what sort of defence Microsoft Edge has against viruses and malware. As I don't deal with real malware, I'll opt for the safer virus test file (not malware). Screenshots are taken from Windows 10 20H2 Build 19042 with MS Defender as the primary Antivirus, and Microsoft Edge v89 as the default browser.


1. Downloaded the first file.
1615481022211.png



2. The first browser warning: "This type of file might harm your computer" [Keep] [Delete]
1615481053547.png


3. If I select Keep, this message appears.
1615481073711.png


4. Proceeding with Keep Anyway

5. The second browser warning: "This file was blocked as unsafe by MSDSS(...)" [Keep] [Delete]
1615481091518.png


6. Again I select Keep, and another warning:
1615481124149.png


7. Proceed with Keep anyway under Show more.

8. The browser download status changes to "Couldn't download - Virus detected".
1615481147382.png


9. The file is removed by the resident Microsoft Defender Antivirus.
1615481221615.png
 

Ink

Administrator
Thread author
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Microsoft Defender SmartScreen
Eicar isn't malware, only a virus test file as stated for this experiment.

By the looks if how SmartScreen works with Defender Antivirus, it would be quite troublesome to get any malware onto the computer.

The browsers' defence blocks the files at least twice, before allowing the user to Keep the file.

It begs the question, of how on earth do people get infected if the file is known to be unsafe.
 
Last edited:

Lenny_Fox

Level 22
Verified
Top Poster
Well-known
Oct 1, 2019
1,120
The browsers' defence blocks the files at least twice, before allowing the user to Keep the file.

It begs the question, of how on earth do people get infected if the file is known to be unsafe.
I remember my father angrily asking my youngest brother in disbelieve "why did you execute the file when the antivirus said it was malicious?"

Two of his hilarious answers:

- when antivirus allowed me to execute the program, I figured it could not be that bad, a really bad program would not be allowed to execute, would it?

- my friends found a free game with the same name (when downloading a crack), they did not had any problems, so I thought it would be okay

After the second infection we got an old laptop to share. He managed to wreck that one also once (again by downloading a crack).
 

jackuars

Level 27
Verified
Top Poster
Well-known
Jul 2, 2014
1,688
I remember my father angrily asking my youngest brother in disbelieve "why did you execute the file when the antivirus said it was malicious?"

Two of his hilarious answers:

- when antivirus allowed me to execute the program, I figured it could not be that bad, a really bad program would not be allowed to execute, would it?

- my friends found a free game with the same name (when downloading a crack), they did not had any problems, so I thought it would be okay

After the second infection we got an old laptop to share. He managed to wreck that one also once (again by downloading a crack).
Seems like your brother must be redirected to safer/trusted torrent sites for downloading games. :D
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top