Windows Defender在安装有效签名的应用程序时会发出警告

         概述：为什么有了普通的代码签名证书签名软件后，还是会别smartscreen拦截，然后需要相应的下载量来消除这个提示；那么如何

通过什么方式来立马建立软件的有效声誉而不被拦截呢；

微软官方和博客如下：

That's the normal message for any new application for several years now, since the app must develop a reputation by receiving a significant number (3,000+ I believe I've read in the past) of accepted downloads before that message can be bypassed even with a certificate.

As this MSDN article from 2013 indicates in the following paragraphs, only an EV (Extended Validation) certificate will immediately establish reputation due to the more stringent developer validation that these require, as well as their higher cost for that process of course.

Rob

https://blogs.msdn.microsoft.com/smondal/2013/01/08/windows-smartscreen-prevented-an-unrecognized-app-from-running-running-this-app-might-put-your-pc-at-risk/

*P.S. The goal of the Application Reputation experience is to warn users, when appropriate, that a downloaded application has not yet established a reputation.

Reputation is established by SmartScreen® service intelligence algorithms based on how an application is used by Windows and Internet Explorer users. Reputation may be based on the downloaded application or can also be assigned to the publisher based on digital certificate information.  Only Authenticode Certificates issued by a CA that is a member of the Windows Root Certificate Program can establish reputation. Digital certificates allow data to be aggregated and assigned to a single certificate rather than many individual programs. Although not required, programs signed by an EV code signing certificate* can immediately establish reputation with SmartScreen reputation services even if no prior reputation exists for that file or publisher. EV code signing certificates also have a unique identifier which makes it easier to maintain reputation across certificate renewals.

in the blog Microsoft SmartScreen & Extended Validation (EV) Code Signing Certificates

大意如下：

     这是几年来任何新应用程序都会提示这个显示消息框，因为该应用程序必须通过获得大量（我相信我已经读过3,000多个）用户的下载来赢得声誉，甚至使用证书。

正如MSDN在2013年发表的文章在以下标题中指出的那样，由于EV（扩展验证）证书要求开发人员进行更严格的验证，并且过程成本较高，因此它们将立即建立声誉。

https://blogs.msdn.microsoft.com/smondal/2013/01/08/windows-smartscreen-prevented-an-unrecognized-app-from-running-running-this-app-might-put-your-pc-有风险/

* PS应用程序信誉体验的目标是在适当情况下警告用户已下载的应用程序尚未建立信誉。

信誉由SmartScreen®服务智能算法根据Windows和Internet Explorer用户如何使用应用程序来建立。信誉可以基于下载的应用程序，也可以基于数字证书信息分配给发布者。只有作为Windows根证书计划成员的CA提交的Authenticode证书才能建立信誉。数字证书允许将数据汇总并分配给特定证书，而不是很多单独的程序。虽然不是必需的，但通过EV代码签名证书*签名的程序可以立即建立信誉SmartScreen信誉服务，甚至该文件或发布者的先前信誉不存在。EV代码签名证书还具有唯一的标识符，这使在证书续订中维护信誉变得更加容易。

如博客Microsoft SmartScreen和扩展验证（EV）代码签名证书中所述。

转载于微软官方社区