How to deal with Microsoft Edge's "isn't commonly downloaded" warning
All downloads in the Microsoft Edge web browser are scanned using Microsoft Defender's SmartScreen feature. Designed to weed out malicious files before they land on the user system, SmartScreen is the first line of protection when it comes to file downloads.
One of the problems with SmartScreen is that it is also blocking file downloads for new and uncommon files. If a file is not known at all by SmartScreen, or not commonly downloaded, then it may be blocked automatically. The file itself may be perfectly harmless, but it won't land on the user system unless explicitly allowed.
Some users may deal with the issue by using another browser or program for the download. Others may want to use controls provided by Microsoft Edge to keep the download.
While the latter is relatively easy, it may not be obvious immediately how that is done. Edge displays different SmartScreen warnings depending on why it is blocking the download.
In the case of new files, it displays:
FILENAME isn't commonly downloaded. Make sure you trust FILENAME before you open it.
The interface has no options to deal with the issue by default. All icons that are displayed are standard icons that do not help. It is necessary to move with the mouse over the entry of the blocked file to get a list of actions. Even then, it is limited to a trash icon to delete it and a three-dots menu.
A click on the three-dots menu displays more options, including "keep". The file is saved to the local system's download folder when you select keep, but not immediately.
Edge displays yet another warning and an explanation for blocking the file download in first place.
Make sure you trust FILENAME before you open it.
Microsoft Defender SmartScreen couldn't verify if this file is safe because it isn't commonly downloaded. Make sure you trust the file you're downloading or its source before you open it.
Edge displays the file name below that and the publisher, or unknown, if the publisher is not known.
The entire prompt has no "keep" option by default. There is a big Delete button and a Cancel button. Delete removes the download file, cancel stops the process, but does nothing else.
You need to activate the "show more" link to display additional options.
Once activated, show more reveals new options, including "keep anyway". Activate the option to -- finally- get the file saved to the local system.
Note that Microsoft Defender may scan the file once it lands on the local system, and that you may have to deal with it interfering with the file as well.
The entire process is designed to discourage Edge users from downloading flagged files. While that would be an understandable approach for malicious files, it is not for files that are blocked just because they are new.
Now You: what is your take on the process? How do you deal with browser's blocking file downloads?
“…While that would be an understandable approach for malicious files, it is not for files that are blocked just because they are new.”
In the screenshots you are downloading an unsigned executable file with no reputation history. Those types of files should be treated as highly suspicious, as anyone can create them and upload them somewhere pretending to be legitimate software. That should absolutely set alarm bells ringing and therefore make sure the end user if fully aware what they are about to do and don’t just mindlessly click through and download something that has a high chance of being malicious.
I agree that there should be some safeguards, bu for people who dont know any better it is also a way to keep genuine files away and under suspicion.
Many opensource projects cant afford to get binaries signed and not that signing binaries is any protection anyway, since certificates have been known to be misused to sign malware payloads and not the least Microsoft certificates have been not once but several times caught signing malware payloads that would happily pass this not even security feature and most antivirus.
So some caution always not just because some moronic tinfoil hat idiot who devs these features says so., sign/not signed new old its all arbitrary decision on what is exactly malware or maybe dangerous.
I’m reminded of an old meme.
“Everything happens for a reason. But sometimes the reason is you’re stupid and make bad decisions.”
I’ll have to side with M$ on this one. Telling people to “Think before you do this” is a good thing IMO.
Telling people to think works? Since when?
And which company or gov wants people capable of critical thinking?
That’s all well and good, but in this specific case, who is doing the “thinking”?
Certainly not the end-user at first.
The more dumbed-down society gets, the more dumbed-down it’s treated.
Race to the bottom.
I am curious about beautysearch.exe now.
Microsoft Defender SmartScreen should submit the files in question to virustotal just like Chrome does and block/allow according to results.
No browser should block but may offer a warning and ask if the user wants to continue and/or never ask again for that file or website, etc. Surely there is a smarter way of not imposing more control on everyone because some are dumb enough not to have protection.
This doesn’t protect the end-user as all the hackers will do is shield it inside of something legit. And scammers already use legit software to take people’s money.
It is just another means of making life more difficult for most people, give more decision making, control to MS and Chrome.
Why don’t they do more in education of the people? Because there is no money in it. Like good drugs are banned because Pharma can’t use them to make bigger profits.
I’ve always fully disabled defender smartscreen from running. Don’t need it’s annoyances. Been on the internet since 56k dial-up days. I.e. over 22 years ago. And just by common sense you know what to and not to download or click on.
My solution is the simplest. Do not use Edge.
So.. I’m on GITHUB.. I can grab AND save with no warnings… app.dmg (macOS), app (linux)… BUT app.exe is going to cause me grief? AND I download app.exe EVERY time it’s updated on GITHUB. How is THAT “not commonly downloaded”????!!!????