Microsoft announced Monday that they will no longer tolerate adware that utilizes man-in-the-middle attacks or out-of-browser techniques that monitor and modify the network traffic between the browser and a server.

These types of adware typically use man-in-the-middle attacks such as proxy servers, DNS modifications, main-in-the-middle SSL certificates, Layered Service Providers, or other techniques that allows the adware to listen into the traffic that passes between the web browser and a web server.  With the adware sitting in the middle and all web traffic passing through it, the adware has the ability to modify the data so that ads are injected.

Below you can see an example of how a man-in-the-middle attack works.

Man in the Middle Attack
Man in the Middle Attack

This is great news as most adware today should be categorized as Trojans because they pretend to be something useful but are in fact the opposite. Though many people are referring to the Lenovo Superfish fiasco as the primary reason for this new policy, the reality is that adware injection has been going on for quite some time using techniques that are nothing like Superfish. These techniques utilize network stack manipulation, function hooking, and proxy servers to sit in the middle and manipulate web traffic.

Considering that Google took aim at these same type of adware purveyors back in March 2015, the biggest surprise is how long it took Microsoft to take similar action. Another concerning statement in the Microsoft announcement is this sentence:

To address these and to keep the intent of our policy, we’re updating our Adware objective criteria to require that programs that create advertisements in browsers must only use the browsers’ supported extensibility model for installation, execution, disabling, and removal.

Does this mean that adware developers who install their programs as extensions, addons, or browser helper objects are allowed to continue injecting ads into the browser as they will be implemented using the browser's extensibility model?  We will just have to wait and see.