From the IE Blog archive
Desktop applications remain an important part of the Windows experience and Microsoft remains committed to the safety of the desktop experience and our users. We recognize that Internet Explorer (IE) isn’t the only way users download applications from the Internet, so Windows 8 now uses SmartScreen to perform an application reputation check the first time users launch applications that were downloaded from the Internet.
This evolution of SmartScreen from IE-only to system wide is a significant improvement for Windows users. We have seen incredible results with this feature in IE9 (more here & here). Hundreds of millions of users have avoided malware infections due to these new experiences and we’re happy to bring this protection to Windows users, regardless of browser choice. For more details on the IE9 application reputation feature and the data models read this post. For more information on security & safety features in Windows 8 (including Windows SmartScreen) read this post.
The deeper integration of SmartScreen Application Reputation also means that desktop app developers have an additional motivation to sign their code and establish reputation. We’ve talked in the past about the importance of digitally signing code for both establishing reputation and proving the authenticity of programs. I’m happy to say the development community has responded to this call to action. Since the release of SmartScreen Application Reputation in IE9 we’ve seen a 10% global increase in signed downloads, from 73% at IE9 RTM to >83% today.
As we’ve discussed in the past, SmartScreen builds reputation for both individual programs and for the certificate used to sign that code. Code signing is important to our reputation intelligence because this higher level identity allows us to build reputation across multiple programs signed by a publisher. It is also important for publishers because signed programs inherit the reputation of the certificate with which they are signed; this means every program a publisher distributes doesn’t need to build reputation individually.
EV Code Signing
Today we are announcing our support for an important advance in code signing - the availability of EV code signing certificates. We’re also announcing that EV code signing certificates will integrate with the SmartScreen Application Reputation technology in Internet Explorer 9, Internet Explorer 10 and in Windows 8.
Microsoft has been working with the CA industry over the past year to help make EV code signing certificates available. This code signing standard has a couple of key advancements from a safety and identity perspective. First, EV code signing certificates require a more rigorous vetting and authentication process, similar to that of the EV SSL certificates in use today; each developer must pass a comprehensive identity verification and authentication process. Second, EV code signing certificates require the use of hardware to sign applications. This hardware requirement is an additional protection against theft or unintended use of a code signing certificate.
Programs signed by an EV code signing certificate can immediately establish reputation with SmartScreen reputation services even if no prior reputation exists for that file or publisher. Other factors are considered when generating reputation and determining product experiences and EV-signed programs will be closely monitored over time. We think the improvements in the vetting and security of these certificates are a great development for both users and developers.
Starting today, EV code signing certificates are being issued by Symantec and DigiCert, and the integration with SmartScreen is already live (IE9, IE10 & Win8).
Detractors may claim that SmartScreen is “forcing” developers to spend money on certificates. It should be stressed that EV code signing certificates are not required to build or maintain reputation with SmartScreen. Files signed with standard code signing certificates, and even unsigned files, continue to build reputation as they have since Application Reputation was introduced in IE9 last year. However, the presence of an EV code signing certificate is a strong indicator that the file was signed by an entity that has passed a rigorous validation process, and that the signature was produced with hardware. This allows our systems to establish reputation for that entity more quickly than for unsigned or non-EV signed programs.
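The post describes two facts SmartScreen weighs at first launch: whether the file came from the Internet and whether, and by whom, it was signed. As an added example (not code from the original post or from Microsoft), the following PowerShell function gathers both for a downloaded executable so an administrator can see what a reputation check would have to work with; the file path is a placeholder, and the Certificate Policies extension is shown because that is where a CA records the policy (including EV) under which it issued the certificate, without this script deciding which OID means EV.

```powershell
# Added example, not part of the original post. Assumes PowerShell 3.0 or
# later (shipped with Windows 8) and an NTFS volume, since Mark-of-the-Web
# lives in an alternate data stream. '.\downloaded-app.exe' is a placeholder.
function Get-DownloadTrustInfo {
    param([Parameter(Mandatory)][string]$Path)

    # Mark-of-the-Web: a file saved from the Internet carries a Zone.Identifier
    # stream. ZoneId=3 means the Internet zone, which is what makes the
    # first-launch SmartScreen check described above apply to this file.
    $zoneId = $null
    try {
        $ads = Get-Content -LiteralPath $Path -Stream Zone.Identifier -ErrorAction Stop
        $zoneId = ($ads | Where-Object { $_ -like 'ZoneId=*' }) -replace '^ZoneId=', ''
    } catch {
        # No stream: the file was not marked as downloaded from the Internet.
    }

    # Authenticode signature. Status 'Valid' means the embedded hash matches
    # the file and the chain ends at a trusted root. 'NotSigned',
    # 'HashMismatch' and 'UnknownError' are all reasons to withhold trust.
    $sig    = Get-AuthenticodeSignature -LiteralPath $Path
    $signer = $sig.SignerCertificate

    $subject  = $null
    $issuer   = $null
    $policies = $null
    if ($signer) {
        $subject = $signer.Subject
        $issuer  = $signer.Issuer
        # Certificate Policies extension (OID 2.5.29.32): the CA's own
        # statement of the issuance policy, which is where EV issuance shows.
        $ext = $signer.Extensions | Where-Object { $_.Oid.Value -eq '2.5.29.32' }
        if ($ext) { $policies = $ext.Format($false) }
    }

    [pscustomobject]@{
        Path            = $Path
        FromInternet    = ($zoneId -eq '3')
        SignatureStatus = $sig.Status
        Signer          = $subject
        Issuer          = $issuer
        Policies        = $policies
        # A timestamp lets the signature stay verifiable after the cert expires.
        Timestamped     = ($null -ne $sig.TimeStamperCertificate)
    }
}

Get-DownloadTrustInfo -Path '.\downloaded-app.exe' | Format-List
```

A file showing FromInternet true with SignatureStatus NotSigned is exactly the case the post says must build reputation on its own, while a Valid signature with a Signer you recognise is the case that inherits the publisher's certificate reputation.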