Author Archives: ericlaw

SmartScreen Application Reputation, with Pictures

Last Update: Sept 3, 2025 I’ve previously explained how Chromium-based browsers assign a “danger level” based on the type of the file, as determined from its extension. Depending on the Danger Level, the browser may warn the user before a file download begins in order to confirm that the user really wanted a potentially-dangerous file.Continue reading “SmartScreen Application Reputation, with Pictures”

Divorce – 18 Months In

I got separated in March 2020 and finally divorced in January 2022. It was a long time in coming, but it wasn’t awesome. In hindsight, I disassociated a bit, spreading the pain out over time rather than feeling it all at once. Immediately after our separation, I could easily distract myself for months by gettingContinue reading “Divorce – 18 Months In”

Attack Techniques: QR Codes

As outlined in earlier posts in this series, attackers know that security software can detect their phishing lures and block users from even seeing the lure if it contains a known-phishing URL. For example, both Windows Live and Gmail block email that is believed to contain phishing links. If your enterprise uses Microsoft Defender forContinue reading “Attack Techniques: QR Codes”

Enforcing SmartScreen with Policy

Microsoft Defender SmartScreen provides protection against the most common forms of attack: phishing and malware. SmartScreen support is built-in to Microsoft Edge and the Windows 8+ shell. The SmartScreen web service also powers the Microsoft Defender Browser Protection extension for Chromium-derived browsers. While SmartScreen provides powerful controls to block attacks, the user remains in fullContinue reading “Enforcing SmartScreen with Policy”