There are various ways you can change the default browser and similar defaults on Windows, but oneof the ways many third-party tools do this is by editing the relevant registry strings. It turns out that Microsoft is not particularly happy with this, as they’ve recently introduced a new driver specifically designed to prevent this from happening, by blocking tools like regedit or PowerShell from editing a number of registry keys for setting default applications. The driver was discovered by Christoph Kolbicz.
Microsoft implemented a driver based protection to block changes to http/https and .pdf associations by 3rd party utilities. The rollout was staggered and activated “randomly”, but in the meantime I got many reports – also from business or education environments (but not Server OS).
Microsoft also updated the driver during my tests (from 2.0 to 2.1) and extended the deny list of executables. This means, they can change the behavior almost on the fly and add new tricks or block additional extensions/protocols!
↫ Christoph Kolbicz
Digging further into what, exactly, this driver can do, Microsoft also made it so that even if you disable the driver, an additional scheduled task will run to re-enable the driver and revert the registry changes. It also seems this is somehow related to the changes Microsoft has to make to comply with the EU’s DMA, but the driver is also installed on systems outside of the EU, so it’s all a bit unclear at the moment.
I’m not sure how this would be something consumers want.
Sure, it might be a good option for large enterprises where they want to control desktop setups. But then, they have ACLs for these registry keys and Group Policy to govern them.
So basically, Microsoft has reached the IBM stage, where the marketers are in charge, and product is irrelevant.
Since when does Microsoft prioritize what consumers want? This type of scumbag move should come as no surprise.
friedchicken,
They occasionally do, and lull us into thinking “they have changed”
For example, bringing back compat to Xbox, making .net truly open source, or providing a good secure antivirus (defender), freeing us from installing crappy ones.
But then, yes, they come back to their old selves.
Yeah, WSL is one of their good move. But generally the whole ecosystem is pedaling backward.
WSL was becoming their only move; Linux was gaining traction with developers who were realizing they didn’t need Windows. When servers and a good chunk of phones run Linux, having a Linux desktop has knock-on benefits. You can run local servers that closely resemble your targets and Android VMs are multiple times faster on Linux.
Inadvertently Linux managed to pull from the MS playbook by having superior product integration. WSL answers most problems with the “Linux Halo” by sidestepping their own stack entirely.
When consumers benefit from what Microsoft does, it’s collateral advantage. Their goal isn’t to make users happy, it’s to lock them into as many products & services as possible, scraping as much data as possible, and leveraging it to milk as much as they can. I’m not one of those `Micro$oft is evil` people and have defended them on many occasions, but I’m also well-aware they’re a for-profit company doing business with a long list of governments, militaries, and agencies, outside public view.
It’s not that they come back to their old selves, it’s that they never left in the first place. The lulling is always smoke & mirrors.
Well, this also blocks third party software from changing default browser and PDF viewers without user permission.
Changing default browser, PDF viewer, and adding icons to taskbar/start menu without user intervention (outside of the Programs list) is something Microsoft has been trying to eliminate since Windows 10. Those are probably the most common things third-party apps do without permission that end up being a pain in the ass for users, and have long been a source of user complaints
In other words, Microsoft is merely enforcing user choice in this case, not blocking it.
Drumhellar,
It would have been perfectly fine if they themselves did not interject Edge as the default browser (on and off in there), or make it extremely difficult to change it as a user.
Previously an alternate browser like Chrome or Firefox could just have a single click to land you on the browser choice.
Now you have to manually browse those menus, and even then it would try to steer you away from making a choice.
https://support.mozilla.org/en-US/kb/how-change-your-default-browser-firefox-windows#w_manually-change-your-default-browser-to-firefox-in-windows-settings-windows-11
https://support.google.com/chrome/answer/95417?hl=en&co=GENIE.Platform%3DDesktop#zippy=%2Cwindows
Reading those instructions, I’ve decided that it is actually pretty dang easy to change your default browser. Yeah, its annoying that Microsoft occasionally reverts those changes on major updates, but no more annoying than Acrobat, Foxit, Chrome, IE, Opera, Vivaldi, or Firefox doing the same, or when some other app you install or use does it even if they aren’t related to web browsing or PDF, etc etc. In the past, even if you changed the program settings to respect changes, if you used a third-party updater/installer such as Ninite, the installer often wouldn’t respect that setting and make it really easy to accidentally re-assign defaults.
A major question that Christoph Kolbicz didn’t attempt to answer was if it it only blocks changes that try to choose a third-party browser/PDF reader but allows them if a third-party util switches them to Edge. I don’t run Windows, so I have no real way to test, but I’d be curious what the answer to that question is.
Drumhellar,
I agree with you that it’s very annoying when applications do that, but I think it’s even more problematic from an antitrust perspective when microsoft does it. They should not be using their privileged OS control to overriding user settings, but unfortunately they do and this is why 3rd party software have to keep checking.
Eh. Third-party software has been overriding user settings in this area for much longer than Microsoft. This has been a problem since Windows 95, while Microsoft’s pushiness wit this has been much more recent. Everybody lauded Microsoft when it banned third-party software from being able to drop icons onto your taskbar at will.
Unless you can think of a way to allow only apps you want to be able to, to change settings, while blocking apps that you don’t want, without requiring users to jump through more hoops, then I’d like to hear it.
But I’m wondering about the use-case for using a third-party app to change this setting instead of the UI. I guess remote administration of Home versions of windows that lack remote-admin facilities is one, but that is such a corner case versus how many poorly-behaved third-party apps are in use
Drumhellar,
I’m not against a new UI that behaves fairly. But 3rd parties have not been the limiting factor here, it works exactly the way microsoft built it. If microsoft wants to address the shortcomings of their own design going forward, that’s one thing, but to have drivers override user selections and not providing a new API really makes it seem like microsoft’s intentions might not be so pure after all.
No new UI is needed, just enforcing the UI as the only means to make these changes, which is what Microsoft has done.
<blockquote. But 3rd parties have not been the limiting factor here, it works exactly the way microsoft built it.
3rd parties have been a limiting factor here, even if not the only one. This has been an issue for a while.
And that’s exactly what they did here. A shortcoming of their design is that anybody can change this setting without user permission; this has been fixed.
One way to test Microsoft’s intentions with this is if it still blocks these registry changes if a 3rd party app attempts to switch to Edge as the default browser, rather than Chrome or something else. Of course, this developer didn’t test that.
It’s a huge problem that microsoft has been repeatedly cheating and overwriting user settings to benefit their monopoly. And it’s not a trivial for users to change under microsoft’s dialog when they replaced dozens of file associations and you have to go in and revert them one by one. They need to provide 3rd parties with the same API they they use to change user settings, otherwise it’s obviously not a genuinely impartial solution. The user should be able to decline any unwanted changes including microsoft’s!!! This is critical in order to stop their antitrust abuses. Their goal is to make competing software more cumbersome to use and unfortunately they’re accomplishing that.
I guess we’ll have to agree to disagree, because while I absolutely agree with the above quoted statement, I do not see this minor change as a part of that. I see it from the other side, of 3rd party apps being the ones that are misbehaving by maliciously changing these settings. I see it that way because apart from the user-hostile changes, Microsoft has been walking them back a bit at a time with each release. They have since bundled many of those related web browser settings into a single option (after previously separating each option out). I also have to fix PDF issues quite frequently because Chrome, Edge, and Adobe all like to hijack that setting. (Adobe is the worst, because Acrobat Reader will hijack it from Acrobat Pro DC, and vice-versa)
It’d be nice if everybody played along, but just because Microsoft occasionally hijacks these settings (Less frequently than Chrome or Adobe, in my experience), doesn’t mean they also shouldn’t do anything to prevent 3rd parties from doing it.
Drumhellar,
Of course nobody thinks applications should be changing settings maliciously without permission. But what I don’t understand at all is why anyone is ok letting MS off the hook when they have been guilty of repeatedly the very same malicious changes.
https://9to5google.com/2024/01/30/microsoft-edge-chrome-data-update-windows/
I don’t know if you are just posturing or are you actually ok with microsoft’s double standard?
If you are an MS edge user, maybe you don’t care, but obviously it’s not just MS edge user opinions that matter here. We must put an end to monopolies giving themselves special treatment, otherwise their abusive practices (including the ones you are complaining about) will only continue with windows updates that override the chosen browser.
https://answers.microsoft.com/en-us/windows/forum/all/windows-11-continues-to-default-back-to-edge-how/bbdd2562-f669-4dc9-8e88-71b29b7be5e7
Drumhellar, Alfman,
There is already a perfectly good solution to all these. But Microsoft will never implement it.
Like “Open” file dialogues in sandboxed environments, user interaction can be utilized to give temporary permissions to the program.
So, if Chrome of Firefox, or Adobe Acrobat wants to change settings, they would invoke a UI: “requestRegistryPermission(keys, user/system)” which will allow those changes for the current thread.
And then Windows will make sure the user has consent to what is going on, and only then will allow the change.
Of course, this would be counter to their efforts to force Edge to all users, and making it extremely difficult to change with dark patterns.
This, again. I like how we praise Android and iOS for forcing apps to go through OS APIs to change important system settings (which gives the OS the chance to present a confirmation dialog to the user), but when it comes to Windows, apps should for some reason be free to scribble on the registry, system files, and even other apps. As long as the user clicks a meaningless UAC consent dialog box, the app should be free to scribble away everywhere.
Also, back in the Windows XP->Vista transition days, we even had antivirus vendors defending their “right” to patch the Windows kernel with the use of a kernel driver and complaining that PatchGuard is “anti-competitive”. BTW some AV vendors still patch the kernel to this day by abusing loopholes in PatchGuard left for hypervisors, and it’s the reason I don’t use third-party AVs until the practice of kernel patching by AV vendors is completely eliminated.
Ideally, Microsoft would phase out the UAC/admin requirement from new apps completely (for example, no app signing for you if your app requires UAC/admin privs), but unfortunately they don’t have the guts to do that.
IMO only the user should have root, preferably in some sort of well-hidden (from the casual user) developer mode, and explicitly grant root access to apps from that well-hidden developer mode.
kurkosdr,
This is microsoft’s doing. IMHO competitors would be happy to have an API that actually works and respects user preferences. However 1) in most cases the registry IS the official API for user settings and 2) microsoft did everything in it’s power to impede user choice. I don’t know if you remember, but in the DOJ browser trial they uncovered dozens of separate mechanisms that microsoft were building into the OS to have IE to open instead of the user’s selected browser. The reason browsers are using these awful gimmicks is because microsoft created them and essentially forced other developers to play the same game.
Correct. It’s so easy to automatically presume Microsoft is acting nefariously, since they do so often enough. This driver actually blocks oddball browsers from taking over as default. When I ask our shop’s customers why they use Avast secure browser, for the few that had it, they typically didn’t even know that it was installed, let alone being used, as it looks like Chrome but reports to Avast who then sells their usage data. It’s about time this BS actively was blocked.
Seeprime,
That’s a great idea, but the problem is that microsoft themselves are guilty of the very things you accuse others of doing. Microsoft abusing users of other browsers should not be allowed to stand. For the sake of fairness, they need to lead by example and they should pass a mandate that MS applications are required to use the same APIs and restrictions they’re forcing others to use. I doubt anyone here is against protecting the user from unwanted changes, but it’s completely disingenuous to suggest such restrictions are about protecting user choice when microsoft themselves won’t abide by those same choices. They need to be called out on their hypocrisy.
https://www.theverge.com/21310611/microsoft-edge-browser-forced-update-chromium-editorial
https://www.theverge.com/24054329/microsoft-edge-automatic-chrome-import-data-feature
Have they not learnt anything from the IE antitrust lawsuit in the 90s? This is literally the same, except this time it’s even more blatant (at least back then you could install something else and only have IE running for stuff like active desktop or folders).
Of course they didn’t. The Bush Admin did a 180 degree turn from the Clinton admin and basically gave them less than a slap on the wrist.
Drumhellar,
I don’t it is an admin thing, but a general government issue.
and
It only went up from there.
Regardless of the party colors, large tech companies have learned to fund campaigns of all politicians to make things move smoothly.
(yes I know the “foreign” part, I could not find domestic for those dates)
Thom Holwerda,
I think it’s clear from the MS and Apple EU cases that these corporations are not willing to let progressive EU consumer protections carryover to other markets any longer. We’re going to see operating systems with divergent experiences for consumers based on the jurisdictions we live in. Unfortunately for those of us in the US, where consumer rights are typically very weak, we could end up with domestic platform variations that are more restricted than our european counterparts.
Obligatory “Why are people still using Windows?” post.
Linux has never been better, or more compatible. It’s really a great time to try it out, and see if you really need Windows any more. I know there are still many cases where it’s not possible to switch. But there are many more where it is possible, including, and especially for games (check out Nobara).
I have a native Linux laptop, very recent, and no, Linux is far from being stable and user friendly. For what Linux can do well, a Chromebook can also. And with more user focus (not having to dig into bash commands and script editing). Not even talking about device and application support. Gimp won’t replace Photoshop and its ecosystem.
Kochise,
Chromebooks are technically Linux, and since last few years, they can directly run Linux applications natively (though a container, but it still stands).
https://chromeos.dev/en/linux
Many apps like Xcode, or even Steam games run at very acceptable speeds.
Sure, technically speaking, but that’s not what I was talking about. Kids and grandmas are using Chromebooks and not Linux machines for a reason. Guess why.
Kochise,
I do know kids and grandmas using linux without issue, so I wouldn’t want to hazard a guess, For those needing to run windows software, sure I’d agree linux isn’t for them. But for many users only do web/social media/youtube/news, windows/chromebooks /linux desktops etc all get you there. Unless you have specific need for windows software, I honestly believe the choice of operating system is mostly one of habit because change is frustrating. Yes, even going from linux to macos or windows can be frustrating just like the other way around.
Kochise,
I’m not a fan of either. I don’t do graphics any longer but when I did I had a strong preference for paintshop pro. This was even before adobe pushed users into the “creative cloud” crap. Anyway, PSP doesn’t support linux either, which is a damn shame because it’s a missed opportunity to differentiate themselves from photoshop. Still, there are other solutions that do run natively on linux including Krita, which IMHO is better for artists than Gimp is.
https://krita.org/en/features/
Also, I’d like to point out that much of the software I was using most frequently on windows is actually available on linux too, including inkscape, blender, filezilla, libreoffice, firefox, thunderbird. I do appreciate that some people are stuck with windows-only software, and I personally wouldn’t tell them to switch or presume to know what’s best for them (it bugs me when people do that). But I do think it’s wise to look for software providers that don’t lock customers into one platform, since it’s not good to end up vendor locked and limited in terms of what options we have to migrate in the future.
PSP doesn’t support Linux officially, but at least it’s far easier to get it to run via Wine or Proton than Adobe stuff.
As for replacements for Photoshop, the mistake many people are making is to look for a single app that will replace PS. It’s actually 2 apps. GIMP when you need to remove zits or pimples from a wedding photos or turn up a contrast for your vacation photos, Krita for digital painting.
PSP is indeed very good. Well, *was* very good, until Corel bought it and made it slow like a paraplegic snail. PSP 9 was fast like a tropical hurricane.
Kochise,
I agree with you there, but it’s been long enough that I probably need to try it again.
I have heard this argument for over two decades, and while it’s technically correct it’s also a flawed argument. For the vast majority of people who use Photoshop, they are using the wrong tool anyway. Photoshop is best used in certain specific industries and workflows, and for lesser needs there are tons of easier to learn, easier to use, and less expensive replacements. For most regular users, Paint.net on Windows, Pinta on Linux, and Pixelmator on macOS will cover their needs. For touching up photos taken with one’s phone (which is what most people use), the tools already on the phone are the best ones to use. Photo editing and enhancement features built into both Android and iOS are simply amazing these days.
For those who do need Photoshop specifically for their workflow, they are already using either Windows or macOS because that’s what their employer provides, or if they are freelance they use whichever of the two commercial OSes they are already used to.
And for those who want something closer to Photoshop that can be used on any platform with a web browser, there’s always photopea.com which is free and fairly powerful for a web app.
Morgan,
It might be difficult to explain to those who don’t use Adobe tools, but there is basically no competition.
I am not a professional photographer, but I take this hobby a bit seriously. I shoot RAW and then process them in Lightroom, and also use it for organization.
I have tried switching off of it, without success. There is no other software that even comes close.
(And professionals don’t always have an employer either. Craigslist will have lots of small photography business which could be a single person or two).
Yep, you fall under the “specific workflows” I was talking about:
“Photoshop is best used in certain specific industries and workflows, and for lesser needs there are tons of easier to learn, easier to use, and less expensive replacements.”
I also mentioned freelancers:
“For those who do need Photoshop specifically for their workflow, they are already using either Windows or macOS because that’s what their employer provides, or if they are freelance they use whichever of the two commercial OSes they are already used to.”
Because people don’t buy OSes, they buy computers. And even then, they don’t buy computers for the sake of buying computers, they buy computers for the sake of gaining access to app ecosystems.
I wish more techie people understood the above.
There are currently 2 major ecosystems for desktops and laptops: “Windows PCs” and “Macs”
When I buy a desktop and laptop computer, I want it to work with one of those two ecosystems. Windows gets me access to the “Windows PC” ecosystem, Desktop Linux kinda sorta does but not really:
https://www.protondb.com/search?q=need%20for%20speed
https://www.protondb.com/search?q=tomb%20raider
Just look how few games above are rated “platinum” (which is the rating you want for 100% compatibility), and there are some silvers in there too. There is potential in there, but people don’t buy products based on potential. And then there are many pro apps that Wine doesn’t have perfect compatibility with either. As the old saying goes, “Desktop Linux covers 90% of the apps people need, but the other 10% is different for everyone”.
Does a niche of people who don’t need many apps exist? Yes, it does, and it’s commercially exploited by Google with their Chromebook/Chromebox products.
Does a niche of people satisfied with the Desktop Linux app ecosystem (and the percentage of Windows apps that work on Desktop Linux) exist? Yes, it does, and it’s commercially exploited by Canonical and Valve (Steam Deck).
kurkosdr,
There are more extreme OS fans who exaggerate the qualities of their favorite OS, but I don’t think it’s fair to make generalizations about us “techie people” lacking an appreciation for user needs. Many and even most of us have been affected by the same market dynamics and social pressures as the “normie people”.
Agreed, many developers only cater to the dominant platforms. For better or worse this tends to create market feedback loops that perpetuate monopolies.
Unfortunately protondb lists some titles as “Platinum” that don’t even remotely deserve that status. I bought “stray” for the kids to run on linux via proton and it is full of bugs and crashes and moreover steams forums are full of users complaining about it. Protondb seems not to have attracted the same magnitude of user compatibility complaints. I’m not sure why this is, maybe there is systematic bias in protondb.com contributions? Honestly I have no idea, but in any case in my personal experience the steam forums are more representative than protondb.com of the experience you’re likely to get.
Well, more and more of what people do is done online and large swaths of the software market has gotten displaced by online alternatives. Naturally there are users who still depend on local software, but the widespread shift to online apps has helped make linux more viable for users who previously would have been too dependent on local windows software. Of course everyone’s needs are different, and I don’t deny windows is still important for many, but these trends are unmistakable and it’s not just linux that becomes more viable – I think all platforms that compete with windows are now better able to replace it than they used to be.
Agreed. I’ve been running a Linux desktop for > 15 years now. It is *significantly* better in performance and stability than current Windows versions. Hardware support is excellent. Access to help on the Internet is excellent and always improving. Yes, there is a learning curve but it is perfectly reasonable to build, manage and maintain a system without vast and arcane terminal-fu.
I’ve put a Linux netbook in the hands of an 80 year old FIL who wanted to access his webmail and news, and he was quite content. He didn’t even realize it wasn’t Windows until I told him. That proves Linux is an acceptable substitute from Windows in the hands of a “typical” user.
Microsoft and the big software houses have clearly decided that customer exploitation is just another cash cow. I choose autonomy over victim-hood.
If you want something like a Chromebook for an 80-year-old person, then yes, any Desktop Linux distro makes for a good Chromebook-like device. That’s not news. Most people want access to app ecosystems though, so the following is not true:
Typical users want apps. Most users have one or more WIndows apps or one or more MacOS apps they need to run.
Also:
Enough with the pom-poms, Nvidias are still problematic on Desktop Linux and WiFi still isn’t 100%. And then you have the typically bad power management of Desktop Linux on Windows-centric laptops (aka anything not made by System76). How do you define “excellent”? I don’t blame Desktop Linux for not being 100% compatible with hardware designed for Windows, just don’t make such claims.
To clarify even further: If the typical user didn’t have one or more WIndows apps or MacOS apps they need to run, Chromebooks would have a much bigger market share than they do now.
I will continue to make claims based on my experience. I have several laptops working just fine with power management under Linux.
If your experience is different, you’re welcome to make your point. But if you want to control my speech, then crawl back under your bridge.
>”And then you have the typically bad power management of Desktop Linux on Windows-centric laptops (aka anything not made by System76).”
Do you have a specific problem that occurred with power management?
I’ve used lots of different name brand laptops and I’m trying to think of an issue, other than occasionally I dug into the power settings to stop the wifi card from being put to sleep. That’s a bit irritating when you are working along, getting work done, and all of a sudden the OS decides, “sleepy time for wifi”. But that’s also a very easy fix.
I definitely could not say Windows was a better experience. MS used to put out semi-annual updates that would just crush the living hell out of my uncle’s laptop’s networking and sound. We would spend weeks reading through online forums together trying to find solutions. I don’t know if MS is still doing that, but it wouldn’t surprise me.
How is this NOT Monopolizing the OS? Didn’t Apple get sued for this too?