How to avoid the Windows Defender SmartScreen prevented an unrecognized app from starting warning

Question

My company distributes an installer to customers via our website  Recently when I download via the website and try to run the installer I get the warning message   Windows protected your PC Windows Defender SmartScreen prevented an unrecognized app from starting  Running this app might put your PC at risk   If I right-click on the installer and choose Properties I note the following   Our installer is signed  How do I find the reason for the Windows Defender SmartScreen warning  I have not managed to find any log file for Windows Defender nor found anything in the Event Viewer

User · Answer

UPDATE  Another writeup here    How to add publisher in Installshield 2018    might be better       I am not too well informed about this issue  but please see if this answer to another question tells you anything useful  and let us know so I can evolve a better answer here   How to pass the Windows Defender SmartScreen Protection  That question relates to BitRock - a non-MSI installer technology  but the overall issue seems to be the same   Extract from one of the links pointed to in my answer above      a certificate just isn t enough anymore to gain trust    SmartScreen is reputation based  not unlike the way StackOverflow works    SmartScreen trusts installers that don t cause problems  Windows machines send telemetry back to Redmond about installed programs and how much trouble they cause  If you get enough thumbs-up then SmartScreen stops blocking your installer automatically  This takes time and lots of installs to get sufficient thumbs  There is no way to find out how far along you got    Honestly this is all news to me at this point  so do get back to us with any information you dig up yourself     The actual dialog text you have marked above definitely relates to the Zone Identifier alternate data stream with a value of 3 that is added to any file that is downloaded from the Internet  see linked answer above for more details      I was not able to mark this question as a duplicate of the previous one  since it doesn t have an accepted answer  Let s leave both question open for now   one question is for MSI  one is for non-MSI

User · Answer

If you have a standard code signing certificate  some time will be needed for your application to build trust  Microsoft affirms that an Extended Validation  EV  Code Signing Certificate allows us to skip this period of trust-building   According to Microsoft  extended validation certificates allow the developer to immediately establish a reputation with SmartScreen  Otherwise  the users will see a warning like  quot Windows Defender SmartScreen prevented an unrecognized app from starting  Running this app might put your PC at risk  quot   with the two buttons   quot Run anyway quot  and  quot Don t run quot   Another Microsoft resource states the following  quote    quot Although not required  programs signed by an EV code signing certificate can immediately establish a reputation with SmartScreen reputation services even if no prior reputation exists for that file or publisher  EV code signing certificates also have a unique identifier which makes it easier to maintain reputation across certificate renewals  quot  My experience is as follows  Since 2005  we have been using regular  non-EV  code signing certificates to sign  MSI   EXE and  DLL files with time stamps  and there has never been a problem with SmartScreen until 2018  when there was just one case when it took 3 days for a beta version of our application to build trust since we have released it to beta testers  and it was in the middle of certificate validity period  I don t know what SmartScreen might not like in that specific version of our application  but there have been no SmartScreen complaints since then  Therefore  if your certificate is a non-EV  it is a signed application  such as an  MSI file  that will build trust over time  not a certificate  For example  a certificate can be issued a few months ago and used to sign many files  but for each signed file you publish  it may take a few days for SmartScreen to stop complaining about the file after publishing  as was in our case in 2018  As a conclusion  to avoid the warning completely  i e  prevent it from happening even suddenly  you need an Extended Validation  EV  code signing certificate

User · Answer

After clicking on Properties of any installer  exe  which block your application to install  Windows Defender SmartScreen prevented an unrecognized app   for that issue i found one solution         Right click on installer  exe     Select properties option    Click on checkbox to check Unblock at the bottom of Properties        This solution work for Heroku CLI  heroku-x64  installer  exe

[windows] How to avoid the "Windows Defender SmartScreen prevented an unrecognized app from starting warning"

Examples related to windows

Examples related to installation

Examples related to windows-installer