SmartScreen

Tech Optimizer
May 18, 2025
Windows 11 accounts for nearly 44% of global desktop users as of April 2025, making it a prime target for cybercriminals, with 83% of malware in 2020 aimed at Windows systems. Microsoft Defender, which comes pre-installed with Windows 11, offers commendable malware protection, basic ransomware protection, a SmartScreen feature for anti-phishing, and a firewall that monitors network traffic. While it provides a solid foundation for security, additional third-party antivirus software can enhance protection, offering more comprehensive features such as superior parental controls, integrated VPN services, and identity theft protection.
AppWizard
May 14, 2025
Since April 2024, the threat actor Marbled Dust has been exploiting a zero-day vulnerability (CVE-2025-27920) in the Output Messenger chat application, targeting user accounts that have not applied necessary fixes. This exploitation has resulted in the collection of sensitive data from users in Iraq, specifically linked to the Kurdish military. Microsoft has high confidence in this assessment and notes that Marbled Dust conducts reconnaissance to identify potential targets using Output Messenger. Marbled Dust has successfully utilized this vulnerability to deploy malicious files and exfiltrate data. Microsoft notified the application’s developer, Srimax, about the vulnerability, leading to the release of a software update. A second vulnerability (CVE-2025-27921) was also found, but no exploitation of this second flaw has been observed. The zero-day vulnerability allows an authenticated user to upload malicious files to the server's startup directory. Marbled Dust has exploited this flaw to place a backdoor file, OMServerService.vbs, in the startup folder, enabling them to access communications and sensitive data indiscriminately. The attack chain begins with Marbled Dust gaining access to the Output Messenger Server Manager, likely through DNS hijacking or other credential interception techniques. Once inside, they exploit the vulnerability to drop malicious files, including a GoLang backdoor, which connects to a Marbled Dust command-and-control domain for data exfiltration. To mitigate this threat, Microsoft recommends updating to the latest version of Output Messenger, activating various security protections, and implementing rigorous vulnerability management strategies. Microsoft Defender XDR customers can identify potential threat activity through specific alerts related to Marbled Dust and utilize advanced hunting queries for detection. Indicators of compromise include traffic to the domain api.wordinfos[.]com, associated with Marbled Dust activities.
Winsage
March 18, 2025
Microsoft has issued a warning to Chrome users about a new remote access trojan called StilachiRAT, which can exfiltrate sensitive information such as stored credentials and digital wallet data. StilachiRAT can scan for configuration data across 20 cryptocurrency wallet extensions in Chrome and can extract and decrypt saved usernames and passwords. The malware can also monitor Remote Desktop Protocol (RDP) sessions, capture active window information, and impersonate users to gain unauthorized access to networks. Microsoft recommends that users switch to its Edge browser or other browsers with SmartScreen technology to enhance security. Additionally, users are advised to install software from official sources, utilize Safe Links and Safe Attachments in Office 365, and enable network protection features in Microsoft Defender for Endpoint. Despite this, Chrome remains the dominant browser among Windows users.
Winsage
March 10, 2025
Microsoft has revised its support documentation to highlight the importance of recognizing unsafe applications on Windows 10 and encourages users to upgrade to Windows 11. Applications on a PC can be categorized into three groups: clean apps (from the Microsoft Store or pre-installed), malware apps (from untrusted sources), and potentially unwanted apps (PUAs), which may not be malicious but can clutter the user experience. Microsoft warns that after October 2025, Windows 10 will no longer receive updates, increasing vulnerability to cyber threats. Upgrading to Windows 11 enhances security with features like Smart App Control. To perform a clean install of Windows 11, users need the Media Creation Tool to create a bootable USB drive. The process involves downloading the tool, creating the USB, and then installing Windows 11 on the target PC. Users should ensure their PC meets the hardware requirements for Windows 11. After upgrading to Windows 11, users are advised to configure settings to block potentially unwanted applications by enabling options in the Privacy and Security settings. To minimize risks, it is recommended to download apps from the Microsoft Store, keep Windows 11 updated, and use the Microsoft Edge browser with SmartScreen.
Winsage
March 8, 2025
Microsoft is encouraging users to transition from Windows 10 to Windows 11, which currently holds a market share of 38% compared to Windows 10's nearly 60%. In February 2024, Microsoft launched a promotional campaign to highlight the benefits of Windows 11, and by June, it aimed to dispel myths about the new operating system. The company emphasized security features, particularly the Smart App Control feature in Windows 11, which helps protect against potentially unwanted applications (PUAs). The updated support page for Windows 11 includes recommendations such as downloading apps from trusted sources, using updated antivirus software, and keeping devices up-to-date. Smart App Control requires a clean installation of Windows 11, and users upgrading from Windows 10 must perform a reset, as an in-place upgrade is not sufficient.
Winsage
February 10, 2025
Microsoft is exploring deeper integration of its Copilot feature in Edge, with potential developments including a troubleshooter in the Settings menu and automatic sidebar activation upon browser launch on Windows 10 and 11. An "Ask Copilot" button may also be introduced in the Settings app for user assistance. References suggest Copilot could activate with new tabs or browser launches. Additionally, Edge has launched an AI-driven "Scareware Blocker" in version 133 for Windows 11 to protect users from online scams by blocking harmful sites in real-time. This feature is expected to improve over time and complements Microsoft Defender SmartScreen Protection.
Tech Optimizer
February 2, 2025
Microsoft has launched a new ‘Scareware blocker’ feature for Edge web browsers on Windows PCs, designed to enhance user protection against tech support scams. This machine learning threat detection software identifies signs of scareware in real-time and aims to reduce the prevalence of such scams, which cost victims millions annually according to the FBI. The technology analyzes new websites and uses a SmartScreen feature for global protection, processing information locally without uploading images to the cloud. When a potential threat is detected, Edge exits full-screen mode, stops aggressive audio playback, and alerts the user. Users can report malicious sites or inaccuracies to improve the model. The feature is available to all Edge users upon updating their browser.
Tech Optimizer
December 28, 2024
TotalAV Free Edition provides limited antivirus protection, relying heavily on Microsoft Defender for real-time scanning. Installation is straightforward but can be lengthy, and users are automatically enrolled in a seven-day trial of TotalAV Antivirus Pro. The interface resembles the premium version, but it lacks real-time protection, leading to constant alerts for users to upgrade. Independent labs have evaluated only the Pro version, which achieved good scores, while the free edition remains untested. Users can perform on-demand or scheduled scans, with a full scan taking about 53 minutes. However, TotalAV does not register with Windows, complicating the user experience by requiring both TotalAV and Microsoft Defender to operate simultaneously. In a malware protection test, the free edition achieved a 99% removal rate of malware samples, but its phishing protection is inadequate, relying on Edge’s SmartScreen Filter, which has a low detection rate. Most privacy features are locked behind a paid upgrade, although it includes a clean-up scan and uninstaller feature. The Total Security page is the same for both editions, but most features require an upgrade. Overall, the free edition's reliance on Microsoft Defender and limited features suggest users might find better standalone antivirus options.