Microsoft’s Scary Windows Update—Change Your Browser Now – Forbes
You have been warned—do this nowRepublished on January 31 with responses to Microsoft’s update and more detailed advice for Windows users on how to defend against these threats.In a refreshing change from recent negative sparring with Google, Microsoft has just confirmed a critical update for Windows PC users that should make everyone safer. The Windows-maker is asking users to change their settings now, given it says, that this new update targets a threat the FBI warns costs victims “over a billion dollars per year.”“You’ve seen it yourself,” Microsoft posted, “There are more scams than ever before, on your phone, in your inbox, and in your browser. In fact, our data shows that in 2024, Edge blocked five times more scams on average than it blocked just three years earlier.” And while “Edge uses Microsoft Defender SmartScreen to block known scams as people encounter them,” Microsoft says, “what if you’re the first person to see a new scam before it can be blocked?”This latest update addresses so-called “scareware,” which can be especially convincing and urgent. “They use aggressive web pages to convince victims into thinking their system is infected with malware, pressure them to call a fake tech support number, and try to gain access to the computer.” We saw just how powerful such scams can be this week, with a security savvy engineer nearly caught out by a fake Google support call that mimicked all the right phone numbers and email addresses.Scareware blocker“Tech support scammers continue to impersonate well-known tech companies,” the FBI has warned, “offering to fix non-existent technology issues, renewing fraudulent software, or security subscriptions.”And it’s this threat that Microsoft has addressed: “Scareware blocker uses a machine learning model to recognize the tell-tale signs of scareware scams and puts users back in control of their computer. We call on users who want to combat scams to help us test our preview.” And you can do that with a simple settings change.As Crowdstrike says, “generally speaking, scareware is the gateway to a more intricate cyberattack and not an attack in and of itself. Scareware is often part of a multi-prong attack which incorporates social engineering techniques and spoofing to heighten the sense of urgency and drive the desired behavior. Scareware attacks, like many forms of malware attacks, are especially troublesome in that the scammer may gain access to the user’s account information or credit card details, which can put the user at risk of identity theft or other forms of fraud.”Blocking such threats in real-time is critical because “scams have become more sophisticated, often moving after a few hours to evade detection. This makes early detection crucial for protecting users. Scareware can appear unexpectedly, especially in rogue online advertisements. For example, you might accidentally click on a misleading banner ad while searching for a product manual, leading you to a scareware site instead of the PDF file you were trying to download.”Microsoft also warns that such scareware can mimic the threat it promises to fix, automating to full-screen so as to fake a device malfunction, playing sounds, blocking your keyboard or mouse, locking your screen.As for the damage scareware might do, ESET says, “at best, you might spend money on useless bloatware. You don’t get anything in return but at least that’s where the scam ends. At worst, the bad guys also harvest your personal and financial details to use in follow-on identity fraud. Or, by clicking through on the link or ad, you unwittingly install malware designed to steal your information or lock your computer with ransomware—in which case you’ll be forced to pay a charge in order to have it unlocked (which may or may not work).”Scareware blocker at workSo, how does the new scareware blocker work? “Most people who land on a scam in Edge will be protected by Defender SmartScreen,” Microsoft says. “Once an abusive site is detected, SmartScreen can protect users worldwide within minutes. Scareware blocker adds a new, first line of defense to help protect the users exposed to a new scam if it attempts to open a full screen page. Scareware blocker uses a machine learning model that runs on the local computer. The model uses computer vision to compare full screen pages to thousands of sample scams that the scam-fighting community shared with us. The model runs locally, without saving or sending images to the cloud.”When a threat is detected, “Edge will put users back in control by exiting full screen mode, stopping aggressive audio playback, warning the user, and showing a thumbnail of the page they were just viewing.” It won’t always get it right, but it’s a warning not a lockdown. “Users can also report when scareware blocker makes a mistake and blocks a legitimate page.” According to Microsoft, “sending this feedback makes a difference. By reporting false alarms, you help us make the feature more reliable to catch the real scams. Beyond just blocking individual scam outbreaks, our Microsoft Digital Crimes Unit goes even further to target the cybercrime supply chain directly.”Scareware blocker in settingsClearly this is Edge not Chrome, but for those using Microsoft’s browser, “scareware blocker is rolling out now as a preview for all Edge users on Windows PCs. To enable in Edge, first make sure that previews are allowed by your administrator and also that Edge is fully up to date. You may want to restart the browser once more to make sure your Edge client has the preview. After making sure you have the latest updates, you should see the scareware blocker preview listed under ‘Privacy Search and Services’.” This is on-device AI, so your feedback will help them hone their model.When using the new shareware blocker, Microsoft says that “once the user is back in control of their browser, scareware blocker will let them report the malicious site to protect others. Users can share a screenshot of the scam and other diagnostics with Microsoft, helping the Defender SmartScreen service detect scareware outbreaks across multiple machines. If they don’t choose to report, the scareware blocker model will discard the page. To reduce false alarms, users can also report when scareware blocker makes a mistake and blocks a legitimate page.”“Scareware scams have been around for a long time, and they’ve become one of the most damaging scams around – but what if they weren’t?” TechRadar says, welcoming this move. “This new technology could see the end to tech support scams entirely.”If you’re not an Edge users, ESET says “the good news is that it isn’t hard to stay safe from scareware,” offering some “best practices to bear in mind once you spot an ‘alert’.”So, a welcome move from Microsoft. And the Windows-maker could do with some positive news, given its continuing update glitches. As ZDNet points out, “with so many different Windows PCs and configurations used around the world, a certain number of bugs and conflicts are inevitable. But Microsoft and Windows users have been going through a particularly rough patch. Windows 11 24H2 has been a mess, with one glitch after another popping up, causing Microsoft to pause this version for affected PCs.”And per The Register, “2025 is not going well for Microsoft and its regular Windows update. Shortly after the release of the security update, KB5050009, the company admitted to issues with Citrix Session Recording software. The latest admission is related to USB audio, where playback might not work and an error message is shown in the Window Device Manager.”Beyond the PR benefits, Microsoft’s scareware blocker is a major step forward. And the on-device, privacy-preserving methodology is a huge plus-point. As I’ve commented before, especially when it comes to email threats, we need much more of this AI-fueled local detection and prevention.One Community. Many Voices. Create a free account to share your thoughts. Our community is about connecting people through open and thoughtful conversations. We want our readers to share their views and exchange ideas and facts in a safe space.In order to do so, please follow the posting rules in our site’s Terms of Service. We’ve summarized some of those key rules below. Simply put, keep it civil.Your post will be rejected if we notice that it seems to contain:User accounts will be blocked if we notice or believe that users are engaged in:So, how can you be a power user?Thanks for reading our community guidelines. Please read the full list of posting rules found in our site’s Terms of Service.
