This is why people ignore security warnings: IE9 blocks official Microsoft update

Microsoft has released a Web Standards Update for Visual Studio 2010, with new HTML5, CSS3 and JavaScript support.

I look forward to trying it; but Internet Explorer 9’s Smart Filter was not keen.

image

What you cannot see from the screenshot is that the option to “Run anyway” is hidden by default. You have to click More Options; otherwise you just get the first two options, Don’t run, or Delete.

Note that this download is from an official Microsoft site, and has been downloaded, according to the stats on the page, nearly 6,500 times.

Developers can cope; but I think this sort of warning is extreme for a download from an official Microsoft site, whose main crime is being unknown, for some reason, to the SmartScreen database of approved executables.

Though maybe the Visual Studio team should have signed the installer.

The long term effect is that we learn to ignore the warnings. Which is a shame, because the next one might be real.

Update: How do other browsers handle this scenario? Here’s Google Chrome:

image

Mozilla Firefox – a prompt, not a warning:

image

same in Apple Safari:

image

Which is best? Well, IE9 wins kudos for being the only browser to point out that the package is unsigned; but loses it for its over-the-top reaction. Chrome has pitched the leverl of warning about right; Firefox and Safari are perhaps too soft, though let’s also allow for the fact that their filters may already have worked out that thousands had already downloaded this file without known incident so far.

The IE9 issue is mainly because the installer package is unsigned, which is probably an oversight that will be fixed soon.

VN:F [1.9.18_1163]
Rate this post
Rating: 3.5/10 (2 votes cast)
This is why people ignore security warnings: IE9 blocks official Microsoft update, 3.5 out of 10 based on 2 ratings

Related posts:

  1. Microsoft’s Vista update – SP1 by another name?
  2. Microsoft appeals to Windows 8 Metro developers not to stray from the official API
  3. Microsoft’s Office UI patent trap: watch out with that MFC update
  4. The end of Code Access Security in Microsoft .NET
  5. Microsoft rolls out its browser choice update – but which is really the best?

6 comments to This is why people ignore security warnings: IE9 blocks official Microsoft update