How do I stop Microsoft Defender Smartscreen blocking my app?

simonx 126 Reputation points
2020-12-09T21:08:46.527+00:00

I am a software developer. I write and sell a (Visual C++) software product. I have just released a new version of my software. First in years. Customers buy a licence and download the software from the Internet. I've had my share of false positives from AV programs in the past and have done everything we can to avoid that happening. Actually recently it seemed to have got much better. We always have a valid code signing certificate and we always sign both the program itself and the installation program. The following happened when we just released a new version of the software.

(1) If a customer using Microsoft Edge clicked on the download button to download the installation program from an Amazon S3 bucket, Microsoft Defender SmartScreen put up a big red screen saying "THIS SITE HAS BEEN REPORTED AS UNSAFE" (in big letters). It gives the name of the download site (our bucket) and then says "Microsoft recommends you don't continue to this site. It has been reported to Microsoft for containing harmful programs that may try to steal personal or financial information". This of course is nonsense. We have reported this several times, but it's still happening.

(2) If you downloaded the software using another browser, when you tried to run it, Windows Defender said it contained a trojan virus. We had previously submitted the file to VirusTotal and all 64 AV programs had pronounced it clean. We of course at once submitted the file to Windows Defender, and to be fair they responded quite quickly. Windows Defender (in its updated virus definitions at least) no longer is reporting any problems with the file.

(3) However, now if you download the file on a web browser (other than Microsoft Edge because they're still blocking it), when you come to run it, you get another screen (blue this time) from Microsoft Defender Smartscreen which says "WINDOWS PROTECTED YOUR PC" (in big letters). And then says "Microsoft Defender SmartScreen prevented an unrecognised app from starting. Running this app might put your PC at risk".

It has been doing this last one for ages. I have tried reporting all of these issues to Microsoft every way I can think of. I have submitted numerous files. I have given all the information I can think of about myself and my company. We have been around for over 20 years. We have been using code signed certificates for a very long time (can't remember when we started doing that).

WHAT CAN WE DO TO STOP THIS HAPPENING?

We have tried contacting Microsoft support. We just get passed from one team to another. We have tried going via our Microsoft representative that get our MSDN sub and software licences from. They say they can't help. We have looked everywhere on the Internet for help and advice. This is damaging our business. Our customers are understandably very concerned and complaining. What are we supposed to do?

HELP!!!

Small BASIC
Small BASIC
A programming language created by Microsoft that serves a stepping stone for beginners from block-based coding languages to more complex text-based languages.
277 questions
C++
C++
A high-level, general-purpose programming language, created as an extension of the C programming language, that has object-oriented, generic, and functional features in addition to facilities for low-level memory manipulation.
3,526 questions

4 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. simonx 126 Reputation points
    2021-05-26T09:10:50.303+00:00

    For the benefit of anyone else who's had the same problem, I did buy an EV code signing certificate (I had 2 years to run on my old OV code signing certificate but I got nothing back on that) ... and hey presto all my problems went away (touch wood). Can't say I felt happy about having to pay even more for something I felt I'd already paid for, but at least it has seemed to fix the problem. I appreciate that this option is not available to everyone though. The current system seems designed to squeeze the smaller players out. In whose interest is that?

    2 people found this answer helpful.
  2. Aquaveo IT 11 Reputation points
    2022-11-16T20:21:48.6+00:00

    We've continued to have problems with this even though we've had an EV cert for years. Some government employees and contractors can't tell Edge the file is acceptable, so they have to do things like download the file at a library or at home (since they can't use any browser but Edge) in order to get around this. It would be awesome if Microsoft would provide a way for this to be fixed. It's not just affecting small, independent developers, but also well-established companies.

    1 person found this answer helpful.
    0 comments
  3. simonx 126 Reputation points
    2020-12-13T13:53:55.863+00:00

    I notice that there is some suggestion that things may be a little easier if you have an "EV" code signing certificate rather than an "OV" one. The former are about 3 times more expensive, and it's very unclear what you're paying for. Does anyone know anything about this? Should I pay for an "EV" certificate (even though my OV certificate has 2 more years to run and there's no upgrade option)?

  4. simonx 126 Reputation points
    2020-12-16T17:41:11.507+00:00

    Yes I'd seen that. It looks like I will have to shell out. Can't say I feel happy about it.

    0 comments