Thursday, December 24, 2015
Microsoft moves to mitigate man-in-the-middle malvertising
Microsoft has announced that, with effect from March 31, 2016, it will enforce new adware objective criteria in an attempt to mitigate the evolving malicious advertising threat landscape. The move is intended to address the particular problem of ad injection software, whereby automated advertising networks are tricked by threat actors into delivering ads complete with embedded malware.

"Ad injection software has evolved, and is now using a variety of ‘man-in-the-middle’ (MiTM) techniques. Some of these techniques include injection by proxy, changing DNS settings, network layer manipulation and other methods. All of these techniques intercept communications between the Internet and the PC to inject advertisements and promotions into webpages from outside, without the control of the browser. Our intent is to keep the user in control of their browsing experience and these methods reduce that control," said Barak Shein and Michael Johnson from the Microsoft Malware Protection Center in a Threat Research & Response Blog posting.

Microsoft says it will "encourage developers in the ecosystem to comply with the new criteria" and that "programs that fail to comply will be detected and removed." In other words, Microsoft will classify ad injection software using man-in-the-middle techniques as malware.