Windows 10 users be careful – some default apps are showing scam adverts

Image credit: Microsoft

Windows 10 has been struck by a worrying problem in that some of its core (installed by default) apps are displaying fraudulent adverts which could potentially play all sorts of nasty tricks on the user.

As spotted by Ghacks and first highlighted on Microsoft’s German support site, a post has since appeared on the US website clarifying the issue that affects apps including Microsoft News and Weather, and possibly other applications or indeed Microsoft services (MSN Money is also mentioned).

These malicious banner adverts are being erroneously picked up by Microsoft’s ad servers and presented to the user. They contain some kind of bait to get the user to click them, either claiming that your PC is infected with viruses, or suggesting that you have won a lottery.

If clicked, they will take you to some malicious site which will seemingly try to sell you a ‘cure’ for the (non-existent) virus, drop malware on your machine (or perhaps both), or perform some other kind of nefarious activity.

A Microsoft moderator notes: “The fake virus warnings eventually direct to a download page for Reimage Repair, which is classified by Microsoft as potentially unwanted application (PUA) but not detected as malware by Windows Defender at this time.

“A scan of the downloaded file at VirusTotal indicates nine different antivirus/antimalware programs detect it as malware and some may block the download or even the landing page for the download.”

Normally, these sorts of malicious ads should be policed and stripped out of Microsoft’s ad serving network, but evidently these rogue banner ads are slipping through the net somehow.

Countermeasures such as Windows Defender SmartScreen should still block these, but as Microsoft notes, SmartScreen isn’t recognizing all the current malicious adverts out there, so is failing to defend against some of them.

The fake warning claiming that your PC is infected with viruses (Image credit: Microsoft)

The fake warning claiming that your PC is infected with viruses (Image credit: Microsoft)

Close and don’t click

The upshot is that if you use these core Microsoft apps and see any suspicious adverts, be careful not to click them. All you need to do is close the window offering the ad, and that should be the end of it, Microsoft advises.

It is possible for the more tech-savvy to block these ads at the DNS level, as Microsoft Support explains, “for example via a central ad blocker in the network like a Pihole, you should block the following pages: * / * / *”.

Otherwise, the only thing to do is wait until Microsoft gets on the case and blocks the ad operators from running these banner adverts, which you would hope will happen sooner rather than later.

One of the major reasons to upgrade to Windows 10, of course, is that the newest OS is sold as being more secure than Windows 7/8.1, so glitches in the default operating system’s apps are a bit embarrassing for Microsoft to say the least.

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).