Announcement

Collapse
No announcement yet.

Delivering software over the Internet and being blocked by Windows Defender.

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Delivering software over the Internet and being blocked by Windows Defender.

    How is it that running Chrome installation download is not blocked by Windows Defender?

    Is there something special about a "setup" file?

    Anyone overcome this issue.

    I have a digital signing certificate and sign my .exe files. When I look at Chrome.exe they have two entries - see photo.

    Click image for larger version

Name:	Snap79.jpg
Views:	86
Size:	76.3 KB
ID:	785659Click image for larger version

Name:	Snap78.jpg
Views:	76
Size:	83.1 KB
ID:	785660

  • #2
    I've read the number of times a program is downloaded builds confidence with Microsoft.
    Chrome is also an exception in not showing EV certificates as green in the address bar. Example: https://www.godaddy.com or try a bank.
    Also if the user comes in with http to an https may cause it to be blocked.
    I wouldn't attempt installing anything without Innosetup or using a .ZIP file. Having setup or install in the name is supposed to help (at least at one time.)
    I always click on properties and then unblock before unzipping files that are downloaded.
    Definitely get ahold of your signing authority to see if they can help.

    https://revolution.screenstepslive.c...ith-inno-setup
    https://duckduckgo.com instead of google

    Comment


    • #3
      David, probably you submit this file to Virustotal and get it scanned or rename your file to BuildSNME.exe

      don't use the words Setup or Install in the filename

      Comment


      • #4
        Originally posted by Mike Doty View Post
        Chrome is also an exception in not showing EV certificates as green in the address bar.
        That's because Google (and Firefox) decided to stop feeding to what I call the scam that's EV: https://www.troyhunt.com/extended-va...y-really-dead/

        Comment


        • #5
          David,
          Can you clarify the point at which blocking occurs? As Mike suggests, I use InnoSetup and I name my files appname_setup.exe. I've not seen any problem with downloading the file using Chrome or Edge. The installation does require that I respond to a couple of Windows questions. I use Windows Defender. I put my setup files on my server and give the URL to the users.

          Comment


          • #6
            I do the same as Gary and don't have any problems with downloads from a protected https folder using InnoSetup.
            Users do have to answer question, but that can be turned off (not suggested) somewhere in internet options so doubt it is Windows Defender.

            Knuith,
            Address bar shows green using EV with Firefox. Maybe they fixed it. Try www.powerbasic.com

            Knuth,
            Correction, after reading the article. Thank you! Sounds like EV has become a waste of money.
            Firefox is in 69 series as of 10/9/19.
            In desktop Firefox 70, we intend to remove Extended Validation (EV) indicators from the identity block (the left hand side of the URL bar which is used to display security / privacy information).
            https://www.troyhunt.com/extended-va...y-really-dead/
            https://duckduckgo.com instead of google

            Comment


            • #7
              This is from https:// setup.exe is from InnoSetup, setup.exe is signed as in setup.exe inside of setup.exe...
              Still getting this but Chrome and others do not.

              Click image for larger version

Name:	Snap80.jpg
Views:	65
Size:	88.0 KB
ID:	785722

              Comment


              • #8
                "Although not required, programs signed by an EV code signing certificate can immediately establish reputation with SmartScreen reputation services even if no prior reputation exists for that file or publisher. EV code signing certificates also have a unique identifier which makes it easier to maintain reputation across certificate renewals."

                https://blogs.msdn.microsoft.com/ie/...-certificates/

                "Although not required, programs signed by an EV code signing certificate can immediately establish reputation with SmartScreen reputation services even if no prior reputation exists for that file or publisher. EV code signing certificates also have a unique identifier which makes it easier to maintain reputation across certificate renewals. Only Authenticode Certificates issued by a CA that is a member of the Windows Root Certificate Program can establish reputation. Don’t sign or distribute malicious code Distributing code detected as malicious will remove the reputation from a file and also any reputation from the associated digital certificate – even if signed with an EV code signing certificate."

                Comment


                • #9
                  I see both Chrome and Firefox allow downloading, just not running without the SmartScreen questions.
                  Settings are in Windows Security, App and Browser control, Exploit Protection, Program settings, Add program to customize.
                  Sounds like you are doing everything right. Hope the signing kicks in.
                  https://duckduckgo.com instead of google

                  Comment

                  Working...
                  X