Researchers Uncover Flaws in Windows Smart App Control and SmartScreen

05-August-24

Cybersecurity researchers have uncovered design weaknesses in Microsoft’s Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising any warnings.


Smart App Control (SAC) is a cloud-powered security feature introduced by Microsoft in Windows 11 to block malicious, untrusted, and potentially unwanted apps from being run on the system. In cases where the service is unable to make a prediction about the app, it checks if it’s signed or has a valid signature so as to be executed.


SmartScreen, which was released alongside Windows 10, is a similar security feature that determines whether a site or a downloaded app is potentially malicious. It also leverages a reputation-based approach for URL and app protection.

Read More…