I am new to windows development. I packed my project into a msi setup to install on other systems but when I open the msi in any system it shows a warning as attached 
. How can I remove this warning?
Asked
Active
Viewed 703 times
3
Pavel Anikhouski
- 21,776
- 12
- 51
- 66
Anubhav Gupta
- 66
- 4
-
Maybe have a read through this: https://stackoverflow.com/a/48835413/4181058 – Captain_Planet Nov 13 '19 at 07:47
1 Answers
1
Note: Be sure to check if your organization already has an EV-level certificate? Just a few emails or phone calls might be wise before trying to research the purchase process?
Trust & Reputation: What you really need is an EV code-signing certificate. Microsoft's SmartScreen feature in Windows (which is what you see with that blue prompt) is a reputation-based system where unknown binaries are flagged as unsafe until they are validated safe by users in actual use.
Virustotal.com: An EV code-signing certificate "buys trust outright" - interesting concept - and should allow your users to not see such a prompt even for brand new binaries. Make sure to check all your binaries using virustotal.com though, as many malware-scanner detections can trigger a resurged smartscreen warning for any binary - which is what it is for (signed malware is still malware).
False Positives: False positives for malware is a huge problem since you have to deal with it and solve it, and you can't just tell your users to rebuild their PC and try again.
Moral: The moral of the story is to use Virustotal.com to test for both malware and false positives in your binaries and files for distribution, and to use an EV-level certificate for serious software distribution to get trust for your binaries outright (without delay). An EV-level certificate is not a silver bullet. Problems can still be seen. Trust can be lost too, not just gained (trust... hard to earn, easy to lose).
Tip: A properly signed MSI will also show up with the correct name in the UAC prompt: Installshield Custom Dialogue Installer (see screen shot and then the answer a bit down the page).
The Far Side Perspective: "Be sure that your setup is malware free or an applied digital certificate is proof positive that you delivered the malware" (until that is hackable too) :-)
We do our best.
Link:
- How to protect MSI against modification (on malware and false positives - recommended)
- How to add publisher in Installshield 2018
- How to pass the Windows Defender SmartScreen Protection?
Stein Åsmul
- 39,960
- 25
- 91
- 164