SmartScreen and other Microsoft reputation systems don’t provide a direct “build reputation” or whitelist channel for small publishers, and there’s no separate SmartScreen contact path beyond the existing submission workflows.
Key points from Microsoft’s guidance that apply to this scenario:
- No manual “known list” or false‑positive prevention program
  - Microsoft explicitly does not accept files for a “known list” or false‑positive prevention program from software developers. Reputation is built automatically based on telemetry and analysis, not by manual enrollment.
  - Consistently signing program files with a digital certificate issued by a trusted root authority helps Microsoft quickly identify the source of a program and apply previously gained knowledge. Over time, this can result in the program being added to a known‑good list or, less frequently, the publisher certificate being treated as trusted.
- How to handle potential false positives / reputation issues
  - For any installer or binary that is being flagged or blocked, the supported path is to submit the file as a software developer and wait for a final determination.
  - If the determination is unsatisfactory, the developer contact form that appears with the submission result is the only supported way to reach Microsoft for further review.
  - Microsoft encourages software vendors to review the documented criteria used to classify malware and potentially unwanted applications (PUA) to ensure installers and bundled components do not match unwanted behaviors.
- Reputation and “uncommon” warnings
  - Microsoft’s reputation systems explicitly warn about software that is unknown or uncommonly downloaded. This is by design: unknown software is treated as higher risk until enough telemetry and analysis data is collected.
  - Warnings for unknown or uncommonly downloaded software are not hard blocks; users can still choose to run the application. Over time, as more users download and run the software without issues and as Microsoft’s systems analyze the binaries, reputation can improve automatically.
- Practical implications for a small publisher

  Based on the above, the supported ways to build and maintain reputation are:
  - Continue to sign all binaries and installers consistently with the same OV certificate from a trusted CA.
  - Avoid bundling or behaviors that could match Microsoft’s PUA or unwanted‑software criteria.
  - Submit new or updated installers through the official submission portal whenever they are first released or when reputation problems are observed, and then use the developer contact form if the final determination is incorrect.
  - Accept that reputation for a new certificate (new key) is built over time from usage and analysis; there is no separate SmartScreen team contact or manual reputation “transfer” mechanism exposed in the documentation.

There is no documented mechanism to directly accelerate SmartScreen reputation for a new OV certificate beyond these steps.
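
One way to enforce the "sign everything consistently with the same certificate" point before each release is a pre-publish gate like the following. This is an added example, not part of the original answer or of Microsoft's documentation. `$ReleaseDir` and `$ExpectedThumbprint` are hypothetical parameters, the thumbprint default is a placeholder, and the timestamp check is an extra assumption about what a publisher would want verified.

```powershell
# Added example: fail the release if any shipped file is unsigned, signed
# with a different certificate, or lacks a timestamp countersignature.
# $ReleaseDir and $ExpectedThumbprint are hypothetical; replace the
# placeholder with the thumbprint of your own code-signing certificate.
param(
    [string]$ReleaseDir = '.\release',
    [string]$ExpectedThumbprint = '<PUBLISHER-CERT-THUMBPRINT>'
)

# File types that carry Authenticode signatures and reach end users.
$files = @(Get-ChildItem -LiteralPath $ReleaseDir -Recurse -File |
    Where-Object { $_.Extension -in '.exe', '.dll', '.msi', '.sys', '.ps1' })

if ($files.Count -eq 0) {
    Write-Error "No signable files found under $ReleaseDir"
    exit 2
}

$problems = @(foreach ($file in $files) {
    $sig = Get-AuthenticodeSignature -LiteralPath $file.FullName
    $reason = $null
    if ($sig.Status -ne 'Valid') {
        # Covers NotSigned, HashMismatch, NotTrusted and similar states.
        $reason = "signature status is $($sig.Status)"
    }
    elseif ($sig.SignerCertificate.Thumbprint -ne $ExpectedThumbprint) {
        # A stray certificate splits the publisher identity across keys.
        $reason = "signed by '$($sig.SignerCertificate.Subject)', not the release certificate"
    }
    elseif (-not $sig.TimeStamperCertificate) {
        # Without a timestamp the signature stops validating once the
        # signing certificate expires.
        $reason = 'signature has no timestamp countersignature'
    }
    if ($reason) {
        [pscustomobject]@{ File = $file.FullName; Problem = $reason }
    }
})

if ($problems.Count -gt 0) {
    $problems | Format-Table -AutoSize -Wrap | Out-String | Write-Host
    Write-Error "$($problems.Count) of $($files.Count) files fail the signing check"
    exit 1
}
Write-Host "All $($files.Count) files are validly signed by $ExpectedThumbprint"
```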