9mo ago

New Windows driver blocks software from changing default web browser

www.bleepingcomputer.com New Windows driver blocks software from changing default web browser

Microsoft is now using a Windows driver to prevent users from changing the Windows 10 and Windows 11 default browser manually or through software.

Privacy @lemmy.ml

www.bleepingcomputer.com /news/microsoft/new-windows-driver-blocks-software-from-changing-default-web-browser/

184 38

134 comments

Some people are saying this is good, but Microsoft recently changed my default search engine to bing "In case it was accidentally changed or changed by another program". I have zero faith they won't abuse this, they are becoming ever increasingly pushy about using edge and switching to bing.
- It doesn’t seem like your computer, does it? It’s like you’re a user in their enterprise.
  
  Haven’t they recently renamed “My Computer” to “This Computer” on the desktop?
- BS like this has made it impossible to maintain a consistent experience for my parents who aren't super tech savvy. It's so frustrating helping them over the phone for hours only to realise that windows just on a whim changed major settings without any user interactions. Changed theirs OS to Debian now. Much better.
  
  Seriously. Windows has become garbage enough that 20 years ago Linux is the better OS. Even though 20 years ago windows (well, let's say 15) was better than modern Linux is.
- I use Kagi, and so far, it seems to casually switch it back with that message about once a month.
- Yeah that's why you can't give your computer to Fucking m$
- Set it via group policy (local or domain) and forget about it.
  
  How long til that's deprecated though?

Posts like these reveal how many reads the article.
This is a good thing done by Microsoft. They make sure that 3rd party software can't change the default browser without the user knowing.
They will get prompted with the choice screen showing all installed browsers. And when they make their choice, even Edge wouldn't be able to prey people into clicking a button that makes it the default instead.
- In principal, the change is good for reasons you mentioned. However microsoft has :
  bypassed any default screens in the past, allowing edge to be set default without user input.
  has added very annoying screens when changing default applications asking the user multiple times if they are sure.
  has added special protocols for applications and set edge as default browser to bypass default application settings in all office applications ( outlook, teams, word, ... ).
  They just can not be trusted with this, they have proven this in the past...
  
  No, they can't be trusted. That's why they are forced to do it by the EU to comply to the DMA.
  This may only be released in the EU, also.
- Posts like this reveal how many people believe every word a megacorp PR dept announces
  
  More like how many believe their own stupid head-canon without reading or confirming shit.
  
  It's literally to comply with the EU. Microsoft doesn't do this to be nice.
- Considering that Edge makes itself the default browser and even PDF reader on its own every few weeks, I don't trust Microsoft to keep Edge from taking over as default without user input.
  
  They'd have to. They don't make the change so they can be nice. It's probably also only for EU users, when it releases.
- Hahahahahaha, right, right. Hahahaha
  And I did read the article. No, this is MS continually pushing users into Edge.
  "Kolbicz believes this change may be to comply with Europe's Digital Markets Act (DMA)" (emphasis mine).
  "BleepingComputer contacted Microsoft about the lockdown of these Registry keys in March, but they said they had nothing to share at this time."
  
  The dma only speaks about easily changing the default application. It has nothing to do with this.
  What the dma did allow was the "complete" uninstall of edge in windows 11.
  The only thing that is left behind i noticed is the edge webview component for webview & webview2
- The "choose the default app" modal has special code that makes it say "HEY BTW EDGE EXISTS CLICK HERE" If the modal is for choosing your default browser. It is absolutely about control.
- So many headline readers. To be honest, 99% of these problems that folks rage about could be resolved with a group policy (local or domain). The problem is, Windows is like 73% of worldwide OS usage, so like it or not, there is a lot of trying to protect the user from themselves. Team Linux can't fathom that because they come from the perspective that they can build thier experience from the ground up to be exactly as they like. The VAST majority of people don't want that, they want something that works and they don't really care what happens behind the curtains. I would wager that 90% of users could care less what browser they use (or would even notice if it changed!) as long as they still had access to their bookmarks.
  I would like to share a positive experience from this new driver the article is about. I use notepad++ and setting it as the default was kind of a pain in the butt. It would work sometimes, but not consistently, and often depended on a registry hack or symlink to work. Now with the new interface for default apps, as long as I have the new Windows Notepad app installed when I change the defaults for "open with", it just works! For all the file extensions, all the time. Honestly it's a much better experience and it's ACCESSIBLE to the lay person.

Luckily I've changed my default OS to Linux
- Lol .... you can bypass the Windows restriction by deleting the System32 folder
  
  Microsoft hates this one simple trick
  
  Instructions unclea---
  
  Classic
- This is the way

Didn't they already lose a court case about doing that?

Lin...ux?
- Yep, I just switched yesterday.
  
  Literally switched two days ago. Trying mint for now
- If you want to keep your computer, yeah.
  Might be rough, but, like... Windows7 isnt supported anymore.
- Linux Linux?
- Okay so KDE was okay 5-10 years ago. Ultimately crawled back to Windoze. What's in vogue in 2024?
  
  KDE 6 just dropped. Cinnamon is up there as well. And if you think iOS is too cluttered and functional, give Gnome a try.
  
  I'm a big fan of Pop OS personally.
  
  Budgie for minimalist KDE-like experience
  Cinnamon for good old Windows 7 vibes
  XFCE for going all XP
  KDE itself is really good nowadays, and probably the most popular option
  There is plenty of choices, those are just some of the major ones.

This is horrible. I run several different environments of VMware Instant Clone VDIs and use the SetUserFTA to help a users default browser and other file extension defaults to persist for a user from session to session on a non-persistent VDI. Now it’s broken.
Thanks a lot Microsoft. 😤
- I said literally like two days ago "fine then; keep using windows until they take a feature you rely on and all your data is either gone, or trapped in an impenetrably useless shell"
  Theres no practical value to being right, but fsmn does it feel good.
  Uh, sorry about your shit. If you want to still have your computer in a year; switch to linux
  
  We have 80,000 people that work for my company. That’s not going to happen. Now we have 10,000 VMs running a combination of Ubuntu, Red Hat, Debian, and Centos. But our employees choose the OS they want to run on their own work devices whether it be Linux, MacOS, or Windows and no way is everyone is going to Linux, even if that is my own OS of choice. Especially the C-Level and board member types.
  
  How do you know if someone is a bisexual vegan economics major who uses Linux? They've already told you.
- Awesome tool, that one. Not often we use it (and usually inside a virtual application environment), but it's great to rely on...
- Why aren't you using group policy?
  
  How long til that's deoricated, would you bet?
  
  We are using Instant Clones. It’s a non-persistent Virtual Desktop.
  We want to give our users the choice and then be able to persist those choices. Not force them to use just one option with a GPO that defines what they have to use.
  SetUserFTA and Dynamic Environment Manager allowed it until the last Windows CU came along…

Meanwhile, if you use Microsoft Teams & Outlook with the Teams add-on installed ... and you are wondering why your email links are suddenly opening in Edge instead of your default browser, disable the Teams add-on in Outlook and rage for a moment at the stupidity.
Teams is forcing Edge browser to open links in new Teams and by extension, in Outlook. Setting the default browser to open links within Outlook settings just leads to un-clickable links. The only way to fix it is to disable the Teams Outlook add-on.
Yes, same old Microsoft. Anyone who thinks they have changed in any way since the days of forcing Internet Explorer as the default are sadly and woefully mistaken.
- You can change the default Browser to open links in Teams. I had no problems opening links in Teams or Outlook since I changed it.
  
  I see your TLD is ".de" so maybe there it works, not in America. Home of the "free".
  Changing the setting in Teams and Outlook to Default Browser resulted in links that did not work at all. Removed Teams add-on was the only solution.

At least not in the EU, there Windows should even allow you to uninstall EDGE. MS in the EU is way different, less restrictive and more private than MS US.
- Maybe it's because websites should ask user before enabling cookies?
  
  MS US not only use cookies, it logs even your keystrokes and mouse movements, apart to pass your data to Towerdata and Facebook. Cookies are not the problem if yo use uBO, Cookie Autodelete or similar.

I understand that software directly and silently changing the default software can be a security issue. But it's only because it happens silently. Does Windows allow for showing a system prompt that confirms the change to the user? If not, then that's just plain ol' anti-competitive. Especially with how pushy Edge and Bing can be.
- I don't think the goal is to lock you into their browser, since you still can change it through the GUI. It seems to be part of the recent push to block software which changes hidden settings. The end goal being to lock down the OS and prevent users from disabling features MS wants to push onto them.

I’m not sure that a protection against changing the default browser with third party programs (maybe without the user knowing) via the registry is the evil thing being depicted here.
The way I read this article is that this is a move for compliance with the new digital markets act and I’m not seeing the maliciousness.
Willing to be wrong, I haven’t used Windows regularly for like 20 years.
- That's one take, except even the article notes that's a weak argument.
- You kidding? That means First party is now a protected method which will absolutely result in the expected outcome like they have done with every “feature” update blocking work arounds.
- Incomprehensibly stupid, because all they have to do is ask the user to confirm. Forcing through their own default instead of asking is malicious.

Presumably one can still set default in settings. I'm not giving up Firefox yet.

- We know. You keep telling us.
- Don’t worry, someone will port it to Linux some day.
  
  they ported ms edge to linux already
  
  edge is on linux at least as a beta as I write this

I've said it before and I'll say it again - Windows isn't ready for the desktop. Just use Linux.
- @Naich @ardi60 Totally agree.
  I mean, Windows is just such a weird proprietary distro.
  It doesn't use the latest Linux kernel, or even a mainstream POSIX-compliant alternative like BSD. Instead, you have a strange CP/M-like monolithic kernel — I think they used to call it DOS — that's been extended to behave more like VAX and MP/M.
  It also doesn't use either X11 or Wayland as a display manager. Instead, you have an incredibly unintuitive overblown WINE-like subsystem handling the display.
  Because it doesn't use Linux, Wayland, or X11, you are limited in the desktop environment that you can use. There's really limited support for KDE, despite the best efforts of volunteers.
  Instead, there's a buggy and error-prone proprietary window manager that ships with it by default. A bit like how Canonical tried to ship Unity as it's default desktop environment with Ubuntu.
  And confusingly, they've named that window manager Windows as well!
  That window manager lacks many of the features an everyday Gnome or KDE user would expect out of the box.
  It also doesn't ship with a standard package manager, and most of the packages ship as x86 binaries, so installing software works differently to how an everyday Linux user would expect.
  There's also only one company maintaining all of these projects. It insists on closed source, and it has a long history of abandoning its projects.
  And sure, if you're a nerd who's into alternative operating systems, toying with Windows can be fun.
  But if your grandpa is used to Linux, frankly he'll be utterly bamboozled by the Windows experience.
  I'm sorry to be glib, because Windows does have some nice ideas.
  But.
  Windows on the desktop just isn't ready for your average, everyday Linux user.
  Linux #Windows #PC
  
  @ajsadauskas @Naich @ardi60 And if you thought that was confusing, the same company also makes a “Windows Subsystem for Linux” but appears to have got the name backwards — it’s not FOR Linux, at all!
  
  I agree with every single bit of this but felt like I was being attacked the whole time I read it. Maybe it's PTSD from asking questions in Linux forums as a kid and getting ripped into with long replies. Does anybody else feel that way?

So the fix is to manually set your default browser. No more can programs do it for you.
I mean, it's not hard, and it stops most malware from doing it.
- It's still going to artificially inflate Edge's numbers from tech illiterate users that don't know how to change it. There's a significant number of users out there that will put up with Microsoft shitting down their throat before bothering to expend the few minutes it would take to learn how to change the settings themselves. The few that do try to figure it out will find Edge directing them to Bing which will make every effort to convince them not to do it. Meanwhile, Edge will steal all their bookmarks and tabs from Chrome, in order to further encourage users to just give up and use Edge.
  It's all calculated "dark patterns" shit, and it works. Microsoft counts on these people being so easy to corral.
  And you can bet your ass after they implement this, they will push an update that "accidentally" resets the default back to Edge for everyone. Just to "clear the board".
  it stops malware from doing it
  There are many different ways to prevent that apart from straight up removing the functionality. Another tactic Microsoft uses is trying to convince you there is only ever one way to secure the system and they "have no choice" if they want to keep their users safe.
  It's like saying the only way to keep a plane from being hi-jacked is to handcuff every passenger to their chair. It's bullshit.
  
  Are tech illiterate people intentionally using 3rd party software to change their default browser? Genuinely asking because I have always manually set my default on a new device.
  
  Other browsers can still point to the settings panel (ms-settings:defaultapps) where you see your default program association, you just need to change it yourself.
  This is a good change security-wise. All other modern OSes do it, Microsoft is simply catching up.

Does that mean Teams will finally stop opening links in Edge when that's not my default browser?

Shocking. Never expected this behavior from such a helpful and heart warming company like Micro~.sft /s

(only tangentially related) what does 'driver' mean in windows lingo? I thought it was hardware-related stuff but I'm probably wrong.
- It's pretty much a program running in OS kernel space to handle specific function calls which need low level system access. Most hardware needs custom drivers to work because they need to interact with those low level OS components, so that's why they're mostly associated with hardware.
  A lot of antiviruses use custom drivers to intercept and inspect program behavior to look for viruses, etc
- Just a low-level filter that inspects and vetos things (think anti virus)

To anyone saying "just use GPOs", here's a quote from the SetUserFTA page:
Microsoft offers a solution with GPO, but it is Computer-based and not User-based – and rather complicated. this means, you can not associate your Users on the same Server/Client with different file types. for example:
you have a PDF viewer and a PDF editing software on your XenApp server. Now you want that a certain group opens their PDF’s in the editor and the others only in the viewer (for licensing reasons for example). this is NOT possible anymore and Microsoft states “it is by design” and “this is a security measure”.
Said solution:
Set up a reference computer
Install applications
Go to Control Panel\All Control Panel Items\Default Programs and configure default apps associations.
Export/import the custom default app association with dism.exe
[...]
As some recommended applications can manage more extensions with each new Windows 10 version available, it's a good practice to refresh your XML. For example, in Windows 10 1703, Microsoft Edge registers the epub extension. If you're using an XML file from Windows 10 1607, epub is missing. As a result, you will get an app reset notification for epub.
[...]
Configure a policy for your domain-joined computer: file association will be configured at each logon. User will be able to change file association, but at the next logon file association will be configured using XML file. This policy works only for domain-joined computer.
This is just about the most convoluted, annoying way they could come up with for doing this, doesn't help people whose machines aren't part of AD and isn't scriptable. If they were mainly concerned about security they'd have an option for not allowing the user to change these preferences even temporarily on domain-joined machines.
- That's on purpose.

Is this why Windows has started opening all my chromium apps in edge? They fuck up constantly and it's really making me want to ditch windows.
If I understood Jack audio as well as I understand Voicemeeter, and if I could get my damn push to talk button working properly in Solaar I'd be done by now.
If anyone has a solution to the edge thing please help.

Google gets to do this on Android. Apple gets to do this on iOS.
The unfortunate reality is that MS is catching up to the bad apples in bad behaviour.
- Microsoft is the OG. The other two are just imitators. The only reason Microsoft happens to step carefully. Was a little thing that happened in the late 1990s. That all penalties were largely waived for. But still it frightened them enough to behave better for a short while.
  
  Google has long since surpassed anything MS dreamed of doing.
  Edit: to be clear, this article is that they're blocking programs other than the control panel from changing the default browser.
  Meanwhile, in Android, I've set Newpipe as the default app for YouTube videos. I have every single url for YouTube set to open in Newpipe. Still opens all YouTube video links in the YouTube app.
- sdfasdfadsf

134 comments