Microsoft has a serious problem with fake program extensions browsing Edge hosted on the company's store.
After removal of many fake and dangerous extensions last week, η Microsoft έπρεπε και πάλι να αφαιρέσει μια ψεύτικη επέκταση. Την περασμένη εβδομάδα, έγινε γνωστό ότι αρκετές ψεύτικες επεκτάσεις αφαιρέθηκαν από τη Microsoft. Είχαν κατασκευαστεί έτσι ώστε να μοιάζουν με επεκτάσεις από νόμιμες υπηρεσίες (uBlock Origin, VPN services NordVPN, Adguard VPN and TunnelBear VPN and many other regular browser extensions).
Many companies and developers have not developed extensions for Microsoft Edge or ported their existing extensions to Microsoft Store. Fake extensions are created and uploaded by third-party developers. All used the names of popular products, likely to make Microsoft Edge users install them without checking. These extensions redirect browser searches to OKSearch.
The developers of Windscribe (a popular VPN application) revealed yesterday that their service was also targeted. A fake Windscribe extension was uploaded to the Microsoft Store, and like many others, it was accepted by Microsoft.
Someone uploaded a modified one version of the extension and the company approved it without any review, or if there was a review it was not sufficient. The extension does not appear to contain any malware at first glance, however it is a good idea to change your Windscribe password if you are using the extension.
Microsoft, meanwhile, has labeled the fake extension malicious. As a result, the extension is no longer available and users who have it installed will see it as disabled.
The actual Windscribe extension is still waiting in line for control by Microsoft.
Microsoft's audit process did not detect any fake extensions released in the company's store in the last two weeks. It seems that the company should change the control process, and even immediately.