Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

Windows 10 Option to Block Installation of Win32 Apps

Windows 10 could soon allow users to block the installation of applications coming from other sources than the Microsoft Store, a feature that would likely help prevent the installation of malware.

Windows 10 could soon allow users to block the installation of applications coming from other sources than the Microsoft Store, a feature that would likely help prevent the installation of malware.

The feature, which would essentially prevent users from installing Win32 applications, is said to be currently tested as part of the latest build to have been pushed to users in the Insider Preview program (which is Windows 10 build 15042).

Win32 is the core set of application programming interfaces (APIs) available in the Microsoft Windows operating systems and is often referred to as the Windows API. In addition to Win32 apps, however, Windows 10 users can also install software built using Microsoft’s Universal Windows Platform, or UWP.

This new platform is the framework for applications that support not only Windows 10 computers, but also other devices running under the platform, such as Xbox One, HoloLens, and phones. Microsoft Store, the app portal accessible from all these devices, only accepts UWP applications, and the tech company even released a converter to help developers port Win32 apps to UWP.

With millions of Win32 applications available out there, it might take a while before all developers switch to the new framework, especially if users aren’t in a hurry to embrace UWP applications.

What the newly observed change does is to let users block Win32 apps from being installed, by selecting an option to “Allow apps from the Store only” from the Windows 10’s Apps & Features settings screen. According to Vitor Mikaelson, even when this option is selected, already installed Win32 apps will be allowed to run normally.

The option is expected to become available in all Windows 10 editions once the Creators Update arrives in April, which will also allow enterprise users to benefit from it. Basically, admins will be able to install necessary apps and then turn the feature on to keep unwanted applications away. This option will essentially prevent malware from being installed on Windows 10 devices, either with or without user’s consent, unless it is being distributed via Microsoft Store.

The upcoming feature will also offer options such as to allow applications from anywhere without warning, or to prefer those from the Microsoft Store but still allow those from other sources (which will trigger a prompt to inform users that they are installing applications that are not from the Windows Store).

Related: Windows 10 Creators Update Brings New Security Capabilities

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Malware & Threats

Microsoft plans to improve the protection of Office users by blocking XLL add-ins from the internet.

Cybercrime

Chinese threat actor DragonSpark has been using the SparkRAT open source backdoor in attacks targeting East Asian organizations.

Cybercrime

CISA, NSA, and MS-ISAC issued an alert on the malicious use of RMM software to steal money from bank accounts.

Malware & Threats

Norway‎-based DNV said a ransomware attack on its ship management software impacted 1,000 vessels.

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Malware & Threats

Cybercrime in 2017 was a tumultuous year "full of twists and turns", with new (but old) infection methods, a major return to social engineering,...

Malware & Threats

Fortinet warned of three malicious PyPI packages containing code that fetches the Wacatac trojan and information stealer.

Cybercrime

The recent ransomware attack targeting Rackspace was conducted by a cybercrime group named Play using a new exploitation method, the cloud company revealed this...