Windows 10 has been struck by a worrying problem in that some of its core (installed by default) apps are displaying fraudulent adverts which could potentially play all sorts of nasty tricks on the user.
As spotted by Ghacks (opens in new tab) and first highlighted on Microsoft’s German support site (opens in new tab), a post has since appeared on the US Answers.com (opens in new tab) website clarifying the issue that affects apps including Microsoft News and Weather, and possibly other applications or indeed Microsoft services (MSN Money is also mentioned).
- We show you how to defrag Windows 10
- And how to install the Windows 10 May 2019 Update
- This is the best antivirus software out there
These malicious banner adverts are being erroneously picked up by Microsoft’s ad servers and presented to the user. They contain some kind of bait to get the user to click them, either claiming that your PC is infected with viruses, or suggesting that you have won a lottery.
If clicked, they will take you to some malicious site which will seemingly try to sell you a ‘cure’ for the (non-existent) virus, drop malware on your machine (or perhaps both), or perform some other kind of nefarious activity.
A Microsoft moderator notes: “The fake virus warnings eventually direct to a download page for Reimage Repair, which is classified by Microsoft as potentially unwanted application (PUA) but not detected as malware by Windows Defender at this time.
“A scan of the downloaded file at VirusTotal indicates nine different antivirus/antimalware programs detect it as malware and some may block the download or even the landing page for the download.”
Normally, these sorts of malicious ads should be policed and stripped out of Microsoft’s ad serving network, but evidently these rogue banner ads are slipping through the net somehow.
Countermeasures such as Windows Defender SmartScreen should still block these, but as Microsoft notes, SmartScreen isn’t recognizing all the current malicious adverts out there, so is failing to defend against some of them.
Close and don’t click
The upshot is that if you use these core Microsoft apps and see any suspicious adverts, be careful not to click them. All you need to do is close the window offering the ad, and that should be the end of it, Microsoft advises.
It is possible for the more tech-savvy to block these ads at the DNS level, as Microsoft Support explains (opens in new tab), “for example via a central ad blocker in the network like a Pihole, you should block the following pages: * .adnxs.com / * .nuxues.com / * .vungle.com”.
Otherwise, the only thing to do is wait until Microsoft gets on the case and blocks the ad operators from running these banner adverts, which you would hope will happen sooner rather than later.
One of the major reasons to upgrade to Windows 10, of course, is that the newest OS is sold as being more secure than Windows 7/8.1, so glitches in the default operating system’s apps are a bit embarrassing for Microsoft to say the least.
- These are the best laptops of 2019