Windows 8 includes a SmartScreen filter that prevents unknown and malicious programs from running. SmartScreen is part of Internet Explorer 8 and 9 – with Windows 8, it’s now integrated into the operating system.
SmartScreen is a useful security feature that will help prevent bad applications from running, but it may occasionally prevent a legitimate application from running. SmartScreen reports some information to Microsoft, so it may have some privacy implications.
How SmartScreen Works
By default, Windows 8 sends information about every application you download and install to Microsoft’s servers. Microsoft’s servers respond with an assessment of the application – if the application you’ve downloaded is something legitimate and fairly popular, such as Mozilla Firefox or iTunes, Windows 8 will run the application.
If SmartScreen doesn’t know about an application – whether it’s a new form of malware or just a niche program that few people use – Windows 8 will prevent the application from running on your computer. It will also prevent known-bad programs from running.
This is similar to the way SmartScreen works in Internet Explorer 8 and 9. When you download an application, Internet Explorer’s SmartScreen filter contacts Microsoft’s servers to determine whether the download should be allowed or not. However, with Windows 8, this is now integrated into Windows itself – if you download an application with another browser, such as Firefox or Chrome, SmartScreen will check the application.
Running An Unrecognized Application
When you try to launch an application SmartScreen doesn’t recognize, it will display a message saying it “protected your PC” by preventing the application from running. It’s good to be cautious if you encounter this message – however, some legitimate applications may be considered unrecognized.
If you’re sure that an application you want to use is safe, click the More info link.
Click the Run anyway button and Windows will allow the application to run, bypassing the SmartScreen filter.
Because SmartScreen reports information about each application you run to Microsoft to check whether the application should be run or not, it’s been singled out in the media as a potential privacy problem.
SmartScreen sends several pieces of data to Microsoft when you run a program. The information includes the file name of the application you attempt to run, along with a hash of the application’s contents — this hash is compared to Microsoft’s database. If it matches a known-good application, such as iTunes, it’s allowed to run. (For more information about the exact data sent to Microsoft, read this post on the Within Windows blog.)
When you attempt to run an application on Windows 8, Microsoft will know the file name of the application you’re attempting to run, along with your IP address.
However, Microsoft has responded to these concerns, saying they’re not building a database of programs linked to specific users:
“We can confirm that we are not building a historical database of program and user IP data. Like all online services, IP addresses are necessary to connect to our service, but we periodically delete them from our logs. As our privacy statements indicate, we take steps to protect our users’ privacy on the backend. We don’t use this data to identify, contact or target advertising to our users and we don’t share it with third parties.”
SmartScreen is a useful security feature that can help prevent less-experienced users from running applications they shouldn’t run.
However, you can disable the SmartScreen filter if you don’t want to use it — consult our guide to disabling the SmartScreen filter in Windows 8 for more information.