Windows Defender is giving a warning when Installing a validly signed App.

Windows Defender is giving a warning when Installing a validly signed App.

 

Question Info


Last updated May 11, 2020 Views 1,716 Applies to:
Answer
Answer

That's the normal message for any new application for several years now, since the app must develop a reputation by receiving a significant number (3,000+ I believe I've read in the past) of accepted downloads before that message can be bypassed even with a certificate.

As this MSDN article from 2013 indicates in the following paragraphs, only an EV (Extended Validation) certificate will immediately establish reputation due to the more stringent developer validation that these require, as well as their higher cost for that process of course.

Rob

https://blogs.msdn.microsoft.com/smondal/2013/01/08/windows-smartscreen-prevented-an-unrecognized-app-from-running-running-this-app-might-put-your-pc-at-risk/

*P.S. The goal of the Application Reputation experience is to warn users, when appropriate, that a downloaded application has not yet established a reputation.

Reputation is established by SmartScreen® service intelligence algorithms based on how an application is used by Windows and Internet Explorer users. Reputation may be based on the downloaded application or can also be assigned to the publisher based on digital certificate information.  Only Authenticode Certificates issued by a CA that is a member of the Windows Root Certificate Program can establish reputation. Digital certificates allow data to be aggregated and assigned to a single certificate rather than many individual programs. Although not required, programs signed by an EV code signing certificate* can immediately establish reputation with SmartScreen reputation services even if no prior reputation exists for that file or publisher. EV code signing certificates also have a unique identifier which makes it easier to maintain reputation across certificate renewals.

At this time, both Symantec and DigiCert are offering EV code signing certificates as described in the blog Microsoft SmartScreen & Extended Validation (EV) Code Signing Certificates

2 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.