This file is not commonly downloaded and could harm your computer

Question:
I have digitally signed my files with my Authenticode Signing Certificate (Code Signing), yet my IE9 users see a message containing: “This file is not commonly downloaded and could harm your computer.” What can I do?

Answer:
Your software needs to build up a reputation within the Windows community. The more that download and run your file, the better.
As per Microsoft:
Downloads are assigned a reputation rating based on many criteria, such as download traffic, download history, past antivirus results and URL reputation. Reputation is generated and assigned to digital certificates as well as specific files.

As an application developer, there are industry best practices that will affect your download’s reputation. To help establish your application’s reputation, consider doing the following:

Digitally sign your programs with an Authenticode signature

Reputation is generated and assigned to digital certificates as well as specific files. Digital certificates allow data to be aggregated and assigned to a single certificate rather than many individual programs.

Ensure downloads are not detected as malware

Downloaded programs that are detected and confirmed as malware will affect both the download’s reputation and the reputation of the digital certificate.

Apply for a Windows Logo

To learn more about the Windows Logo visit the Windows 7 Logo Program page on MSDN. This is a free process for signed programs that can help establish reputation for your download.

Related Articles

• SmartScreen Filter: frequently asked questions
• Blog: Installing an Application Using Internet Explorer 9
• “Stranger Danger” – Introducing SmartScreen® Application Reputation