Windows 10 to get PUA/PUP protection feature

PUA/PUP-blocking option to be added in Windows 10 May 2020 update.

Protection feature against unwanted apps is now available to all Windows 10 users
0:50

The next major version of the Windows 10 operating system will include a new security option that will allow users to enable a Windows Defender secret feature that can detect and block the installation of known PUAs (potentially unwanted applications), Microsoft announced on Tuesday.

The term PUA, also known as PUP (potentially unwanted program), is one of the lesser-known terms in the cyber-security jargon.

It refers to software that has been installed on a computer by tricking the user -- hence the term of "potentially unwanted." This includes tactics like bundling an unwanted app with the installer of a legitimate program, or by using silent installs to bypassing user consent altogether.

The category of PUA usually includes apps that show intrusive ads, apps that track users and sell their data to advertisers, apps that change browser settings, install root certificates, or disable security controls.

Starting with the Windows 10 May 2020 update, which is set to roll out later this month, Microsoft said it added an option in the Windows 10 settings panel that can let users block the installation of known PUA threats.

This capability has been present in Defender/Windows for years, but it could only be enabled via group policies, and not via the Windows user interface. Going forward, this can be done by going to Start > Settings > Update & Security > Windows Security > App & browser control > Reputation-based protection settings.

The feature is turned off by default, so users will have to manually enable it once they update to Windows 10 May 2020 (v2004).

win10-pua-protection.png

Once enabled, the feature has two settings. Microsoft recommends that users enable both.

  • Block downloads looks for PUA as it's being downloaded, but note that it only works with the new Microsoft Edge browser.
  • Block apps will detect PUA that you've already downloaded or installed, so if you're using a different browser Windows Security can still detect PUA after you've downloaded it.

In March 2020, Microsoft also added a similar feature to its Edge browser (the Chromium-based version), which can also detect and block PUA downloads as they happen.

This feature is found at edge://settings/privacy

edge-security-pua-setup.png

Image: Microsoft