stackoom
  简体   繁体   中英

Distributing Windows Application - browser and antivirus problems

 原文  2023-01-30 08:13:07       installation/ deployment/ download/ windows-installer/ code-signing

Question

We have Windows application (MSI install package), downloadable from our site. The problem is, that browsers and 3rd party antiviruses prevent some users from download an APP. Is there a way to make our MSI package more trustable for browsers and antivirus? Maybe it can be checked and uploaded in some other resource, and downloadable for users from here? PS We use code signing certificate, and Windows store is not a variant for us now.

2 answers

solution1
 0  2023-01-30 14:40:45

Reputable anti-virus vendors have a way you can send your installation packages to be "whitelisted". Browsers have their own heuristics and using an EV certificate (more expensive) is supposed to help. Edge also supposedly respects the Defender whitelist .

Ultimately, the more downloads you get, the better your URL's reputation, the better you pass the heuristics.

solution2
 0  2023-02-01 08:20:30

We've been building and releasing the same application for almost 20 years and AV false positives can still create problems. This is how we do it today:

After each release, we scan our new setup on https://www.virustotal.com/gui/home/upload and if we notice any AV vendors flagging it we reach out to each of them and submit a request for false positive removal. They all have some form or email address where you can contact them.

They usually process these requests in a few days, so no real big problem for our users and doesn't take a lot of time.

Now, with SmartScreen, there is another story. Even if our package was digitally signed for over a decade, 2 years ago when we renewed our certificate Windows flagged our installer for about 2-3 months.

在此处输入图像描述

This was an installer with hundreds of thousands if not millions of users in the last decade. In the end, its reputation system got back to normal and stopped flagging it but it was really annoying for our customers.

The solution to this is to buy an EV certificate (confirmed by some of our customers) and then you will get an instant reputation with SmartScreen. This Spring our normal certificate expires and we will go the EV route too.

You can read more about digital signing and EV certs in the following articles:

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Distributing windows media player 11 with .net based application Antivirus Software blocking VB.NET Application Installation problems with Lilypond for Windows Distributing a stand-alone Python web-based application to non-technical users How to avoid antivirus during installation? Java Application and Windows Firewall Problems installing Hadoop on Windows 7 Enterprise N Distributing java web applications Problems while restoring application from backup Problems installing django-1.0.2 on Windows XP
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM