Q&A What is Smartscreen? (Win8/10)

Discussion in 'Microsoft' started by Umbra, Apr 1, 2016.

?

Do you use it ?

  1. Yes

    45 vote(s)
    86.5%
  2. No because...

    7 vote(s)
    13.5%
  1. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,258
    13,534
    Utopia
    got it, so let's put zip files on the side.

    My second question is really more like this: let's say I download what I think is a plain old pdf file.
    In truth, it is javascript.
    I am stupid, and I click on it.
    Does smartscreen save my skin?
     
    Andy Ful likes this.
  2. Andy Ful

    Andy Ful Level 21

    Dec 23, 2014
    1,093
    4,690
    business
    Poland
    Windows 10
    Microsoft
    #62 Andy Ful, Feb 8, 2017
    Last edited: Feb 8, 2017
    Edit.
    Read my next post first, please.

    1. Not directly. It does not stop the PDF file to be opened. In Windows 10, the Edge Browser will be opened, too. The script can run or sometimes cannot run in Edge. If the script can run in Edge, then SmartScreen can block the phishing page or malicious download.
    2. If Edge Browser is not set to open PDF files, then the file will be opened by default PDF viewer. If one uses Microsoft Reader (AppContainer) with disabled JavaScript option then nothing happens. If JavaScript option is enabled, then the script is locked in Appcontainer or you will be redirected to malware webpage (see ponit 1).
    3. There are many possibilities.
     
    shmu26 likes this.
  3. Andy Ful

    Andy Ful Level 21

    Dec 23, 2014
    1,093
    4,690
    business
    Poland
    Windows 10
    Microsoft
    If it is double extension file malware.pdf.JS, then the script will be run, and SmartScreen can only help when the Edge or IE will be opened.
     
    shmu26 likes this.
  4. shmu26

    shmu26 Level 53

    Jul 3, 2015
    4,258
    13,534
    Utopia
    many thanks to @Andy Ful for this amazingly detailed information!
     
    Andy Ful likes this.
  5. Andy Ful

    Andy Ful Level 21

    Dec 23, 2014
    1,093
    4,690
    business
    Poland
    Windows 10
    Microsoft
    You are welcome.:)
     
    shmu26 likes this.
  6. reboot

    reboot Level 3

    Jan 27, 2017
    143
    402
    Marketing consultant
    Australia
    Windows 10
    Default-Deny
    Okay so that short circuits some thoughts and ideas I was having around why…

    1. one should really test native security as a 'whole' rather than just individual components like SmartScreen
    2. excluding folders full of samples of malware and ransomware (so real time protection doesn't kick in) and then including the folders may actually skew the results.

    I know that none of that probably makes sense in the context of my original question, but that's where my thoughts were headed.

    Anyway I am a bit intimidated to ask further questions in case Umbra slaps me for being lazy and not testing things for myself. LOL

    On a serious note thank you to for providing such detailed explanations. I have read your post several times and each time it feels like I pick up another gem. :)
     
    shmu26 and Andy Ful like this.
  7. DC47561

    DC47561 Level 3

    Feb 3, 2017
    103
    109
    IT Support
    Here
    Windows 10
    Kaspersky
    I leave SmartScreen switched on myself. It doesn't really do any harm. If you really need to run something, there is always the run anyway option.
     
    reboot and Andy Ful like this.
  8. Andy Ful

    Andy Ful Level 21

    Dec 23, 2014
    1,093
    4,690
    business
    Poland
    Windows 10
    Microsoft
    That is because, sometimes they are hard to understand (even for me).:)
     
    shmu26 and reboot like this.
  9. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,163
    29,642
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    Finally ! someone that use its brain ! i keep saying that since ages on various forums , even tests labs/youtesters, and some so called "security experts'" don't get it.

    Don't be shy , ask , anyway slaps makes your skin pinker and firmer with time :D
     
    Andy Ful, shmu26 and reboot like this.
  10. Rolo

    Rolo Level 18

    Jun 14, 2015
    863
    977
    Retired Electronics, Computer, Network Engineer
    North Carolina
    Windows 10
    BitDefender
    This is a bit inaccurate and creates confusion. SS works at the file system level and additionally works with IE & Edge; it does not work with all browsers.

    IE/Edge will give notification upon download; with any other browser, SS won't kick in until the file is opened.
     
  11. Umbra

    Umbra From Emsisoft
    Developer

    May 16, 2011
    17,163
    29,642
    Community manager
    Vietnam & France
    Windows 10
    Emsisoft
    #71 Umbra, Feb 20, 2017
    Last edited: Feb 20, 2017
    @Rolo exactly what i said lol

    That is the meaning of system-wide, means work with all downloaded files. I didn't point detection at download but at execution, which is what is important , block when executed. Of course , using IE/Edge his better but few use them.
     
Loading...
Similar Threads Forum Date
Smartscreen Test Page Microsoft May 14, 2017
Update Smartscreen in Creators Update Microsoft Apr 6, 2017
Poll If you don't use IE, should you disable Smartscreen on Windows 7? General Security Discussions Mar 25, 2017