We previously reported regarding Microsoft’s new policies addressing the criteria by which its security product would detect “adware” and browser modifiers. According to these policies, programs should not: 

  • Prevent or limit users from viewing or modifying browser features or settings; or  
  • Circumvent user consent dialogs from the browser or operating system.

Recently, Microsoft released a further update setting out an enforcement timetable and further clarifying its detection criteria ("the clarifications"), according to which:  

  1. The rule concerning programs that prevent user control will come into force with immediate effect. The clarifications include examples of common violations of this criteria:
    • programs that disable the controls in the Manage Add-ons dialogand
    • programs that remove the proxy control
  2. The rule concerning programs that limit user control will come into force on 1 January 2015. Examples for such programs are also provided by the clarifications and include:
    • programs that limit the user’s ability to choose their default search provider; and
    • programs that limit the user's ability to change their default home page, e.g. by adding additional questioning for the user.
  3. The rule concerning programs that circumvent user consent dialogue from the browser or an operating system, will come into force on 1 January 2015. Examples of such programs are:
    • programs that bypass a browser’s built-in consent-to-enable feature;
    • programs that install themselves in a way that circumvents the browser’s consent dialog box from being shown;
    • programs that bypass or try to suppress any other of the browser's built in protection dialogs; and
    • programs that bypass Internet Explorer's default search permission dialog;

  Additional information and details on Microsoft’s changes, as to how the company’s security products detect browser modifiers and adware, is available here