Windows 10 continues to be struck with a worrying condition in that a number of its core (installed automatically) apps are displaying fraudulent adverts that could potentially play all sorts of nasty tricks on the user.
As spotted by Ghacks and first highlighted on Microsoft’s German support site, a post has since appeared on the US Answers.com website clarifying the issue that affects apps including Microsoft News and Weather, and possibly other applications or indeed Microsoft services (MSN Cash is also mentioned).
These malicious banner adverts are now being erroneously acquired by Microsoft’s ad servers and presented to the consumer. They contain some kind of bait to get the user to click them, either claiming that the PC is infected with viruses, or suggesting you have won a lottery.
If clicked, they will take you with a malicious site which will seemingly try to sell a ??cure’ for that (non-existent) virus, drop malware in your machine (or maybe both), or carry out some other type of nefarious activity.
A Microsoft moderator notes: “The fake virus warnings eventually direct to a download page for Reimage Repair, which is indexed by Microsoft as potentially unwanted application (PUA) although not detected as malware by Windows Defender at this time.
“A scan from the downloaded file at VirusTotal indicates nine different antivirus/antimalware programs detect it as being malware and some may block the download or perhaps the landing page for the download.”
Normally, these sorts of malicious ads ought to be policed and stripped out of Microsoft’s ad serving network, but evidently these rogue banner advertising are slipping through the net somehow.
Countermeasures such as Windows Defender SmartScreen should still block these, but as Microsoft notes, SmartScreen isn’t recognizing all of the current malicious adverts out there, same with neglecting to defend against some of them.
Close and don’t click
The upshot is when you utilize these core Microsoft apps and see any suspicious adverts, be careful not to click them. All that you should do is close your window providing the ad, and that should be the end of it, Microsoft advises.
It’s possible for that more tech-savvy to block these ads at the DNS level, as Microsoft Support explains, “for example via a central ad blocker in the network just like a Pihole, you should block the following pages: * .adnxs.com / * .nuxues.com / * .vungle.com”.
Otherwise, the only thing to do is hold back until Microsoft gets on the case and blocks the ad operators from running these banner adverts, which you’d hope will happen sooner rather than later.
One of the major reasons to upgrade to Windows 10, obviously, would be that the newest OS comes to be safer than Windows 7/Windows 8.1, so glitches in the default operating system’s apps are a bit embarrassing for Microsoft to say the least.