-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathWhat_Is_New.txt
82 lines (69 loc) · 5.19 KB
/
What_Is_New.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
Version 5.0.1.1
Added new digital certificate (July 2024)
Some code was adjusted to work with WindowsHybridHardening Light.
Version 5.0.0.0
Added new digital certificate (July 2023).
Some code was adjusted to the upcoming version of Windows Hybrid Hardening.
Version 4.1.1.1
Added ONE (OneNote) file extension.
Version 4.0.1.1
Added a new digital certificate.
Version 4.0.1.0
Added several new extensions (archives, disk images).
Version 4.0.0.1
Added APPX, APPXBUNDLE, MSIX, and MSIXBUNDLE extensions (Universal Windows Platform installation packages).
Such packages are used to install UWP apps from the web browser or via downloaded packages outside the Microsoft Store.
The safe method is installing UWP apps directly from Microsoft Store.
Version 4.0.0.0
Added ELF file extension.
Version 3.1.0.1
1. Added prevention for SmartScreen DLL hijacking.
2. Both 64-bit and 32-bit executables are wrapped in one NSISS executable.
Version 3.1.0.0
1. Corrected the procedure of checking if SmartScreen is enabled.
2. The executables were first unsigned but replaced (in August 2019) by digitally signed binaries (Certum Code Signing certificate).
Version 3.0.1.0
1. Corrected Help information.
2. Corrected some issues related to shortcuts.
3. Added icons for RunBySmartScreen executables.
Version 3.0.0.0
1. Only EXE, MSI, COM, and SCR files are checked by SmartScreen. The files (scripts and binary libraries) with extensions: BAT, CMD,
CPL, DLL, JSE, OCX, and VBE are not checked by SmartScreen, but instead, they were added to the list of unsafe extensions.
2. During the installation, 'Run By SmartScreen' changes Adobe Acrobat Reader 10+/DC 'Protected View' setting, similarly to the default
'Protected View' setting in MS Office 2010+.
3. 'Protected View' is applied when MS Office and Adobe Acrobat Reader 10+/DC are used for opening popular documents (DOC, DOCX,
XLS, XLSX, PUB, PPT, PPTX, ACCDB, PDF) and those documents are opened via Run By SmartScreen. Other MS Office document extensions are
added to the list of unsafe extensions.
4. The list of unsafe extensions was extended (over 250 extensions): ACCDA, ACCDE, ACCDR, ACCDT, ACM, AD, ADE, ADN, ADP, AIR, APP,
APPLICATION, APPREF-MS, ARC, ASA, ASP, ASPX, ASX, AX, BAS, BAT, BZ, BZ2, CAB, CDB, CER, CFG, CHI, CHM, CLA, CLASS, CLB, CMD, CNT, CNV,
COM, COMMAND, CPL, CPX, CRAZY, CRT, CRX, CSH, CSV, DB, DCR, DER, DESKLINK, DESKTOP, DIAGCAB, DIF, DIR, DLL, DMG, DOCB, DOCM, DOT,
DOTM, DOTX, DQY, DRV, EXE, FON, FXP, GADGET, GLK, GRP, GZ, HEX, HLP, HPJ, HQX, HTA, HTC, HTM, HTT, IE, IME, INF, INI, INS, IQY, ISP,
ITS, JAR, JNLP, JOB, JS, JSE, KSH, LACCDB, LDB, LIBRARY-MS, LOCAL, LZH, MAD, MAF, MAG, MAM, MANIFEST, MAPIMAIL, MAQ, MAR, MAS, MAT,
MAU, MAV, MAW, MAY, MCF, MDA, MDB, MDE, MDF, MDN, MDT, MDW, MDZ, MHT, MHTML, MMC, MOF, MSC, MSH, MSH1, MSH1XML, MSH2, MSH2XML, MSHXML,
MSI, MSP, MST, MSU, MUI, MYDOCS, NLS, NSH, OCX, ODS, OPS, OQY, OSD, PCD, PERL, PI, PIF, PKG, PL, PLG, POT, POTM, POTX, PPAM, PPS,
PPSM, PPSX, PPTM, PRF, PRG, PRINTEREXPORT, PRN, PS1, PS1XML, PS2, PS2XML, PSC1, PSC2, PSD1, PSDM1, PST, PSTREG, PXD, PY, PY3, PYC,
PYD, PYDE, PYI, PYO, PYP, PYT, PYW, PYWZ, PYX, PYZ, PYZW, RB, REG, RPY, RQY, RTF, SCT, SEA, SEARCH-MS, SEARCHCONNECTOR-MS,
SETTINGCONTENT-MS, SHB, SHS, SIT, SLDM, SLDX, SLK, SPL, STM, SWF, SYS, TAR, TAZ, TERM, TERMINAL, TGZ, THEME, TLB, TMP, TOOL, TSP, URL,
VB, VBE, VBP, VBS, VSMACROS, VSS, VST, VSW, VXD, WAS, WBK, WEBLOC, WEBPNP, WEBSITE, WS, WSC, WSF, WSH, XBAP, XLA, XLAM, XLB, XLC, XLD,
XLL, XLM, XLSB, XLSM, XLT, XLTM, XLTX, XLW, XML, XNK, XPI, XPS, Z, ZFSENDTOTARGET, ZLO, ZOO.
Version 2.0.1.0
1. The bug with the SCR extension check was corrected.
2. The PIF extension was removed (not supported in Windows 8+).
3. The URL extension was removed (not supported by the Explorer context menu).
4. Explorer context menu option for WSH extension was added.
5. Alerts for DLL and OCX files were added - those files cannot be run directly, so only 'Mark of Web' is added. If some program is
going to open them, then a SmartScreen check will be triggered.
6. Shortcuts with the CommandLine in the 'Target' area are always blocked, and the program shows an alert.
7. The installation process was simplified.
Version 1.0.3.0
From version 1.0.3.0 the program is prepared to help inexperienced users to open all new files. If the user tries to open the file with
"Run By SmartScreen" the program works as enumerated below:
1. Files located in the System Space (= inside C:\Windows, C:\Program Files, C:\Program Files (x86)) are opened normally, without
SmartScreen check.
2. Files located in the User Space with somewhat dangerous extensions (not supported by SmartScreen), are not allowed to open, and the
program shows an alert (similar to Software Restriction Policies).
3. The executables located in the User Space are checked by SmartScreen before the run.
4. Other files (media, photos, documents, etc.) are opened normally, without SmartScreen check.
The program has a hard-coded list of dangerous extensions (not supported by SmartScreen App Reputation on run):
WSH, WSF, WSC, WS, VBS, VB, URL, SHS, SCT, REG, PS1, PIF, PCD, MST, MSP, MSC, MDE, MDB, JS, JAR, ISP, INS, INF, HTA, HLP, CRT, CHM,
BAS, ADP, ADE.