Electron-based app flagged as Potentially Unwanted Software by Windows Defender


We have been releasing our Electron-based app for Mac and Windows for the last 2 years, but recently we started having a problem when releasing new versions for Windows. The recent new releases are being flagged as "PUA (Potentially Unwanted Software) PUAAdvertising:Win32/CrossRider" by Microsoft Virus & Threat Protection.

We publish our app to an AWS S3 bucket and we use electron-updater, which detects if a newer version was released and then downloads the latest .exe and installs it. As I can see, the latest version successfully gets downloaded to \AppData\Local\theappnamehere-updater\pending\theappnamehere.exe. But it fails to be installed since Windows Defender flags it as PUAAdvertising.

I had to manually mark the app with "Allow on device" settings, for the warning to be removed.

I also tested releasing previous versions, since I thought the problem could have started happening because of recent changes in the codebase, but it didn't help.

Anyone had a similar problem?

"electron": "23.1.0",
"electron-builder": "23.6.0",
"electron-updater": "^4.3.9"

The certificate that we use is a DigiCert .p12 code signing certificate.


1

There are 1 answers

0
Ismoil Shokirov On

Update on the problem that we faced: we have got an official update from Microsoft, and the problem of detecting our app as PUA is on their side. It appeared to be a false positive.

Message from MS representative:

Based on the response from WDSI team above, I confirmed that Microsoft Defender Antivirus is detecting a false positive alert and blocking the genuine application file. Besides, the WDSI team has confirmed that the fix is reflected in the latest version of Security Intelligent. It is expected that MDAV will not detect “YOUR_APP_NAME_HERE.exe” as malicious after updating your endpoint to the latest security intelligence version 1.403.2959.0 & above. The latest security intelligence update is available for download here: https://www.microsoft.com/en-us/wdsi/definitions. Please assist in clearing cache detections, update to the latest security intelligence version on the machine facing this issue, and kindly verify.

  1. Open command prompt as administrator and change directory to c:\Program Files\Windows Defender
  2. Run “MpCmdRun.exe -removedefinitions -dynamicsignatures”
  3. Run “MpCmdRun.exe -SignatureUpdate”

Now we need to inform all of our clients to update their MS security intelligence.
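
The three steps in the Microsoft reply can be scripted and verified on an affected endpoint. The following PowerShell is an added example, not part of the original answer or of Microsoft's message; it assumes the Defender PowerShell module (`Get-MpComputerStatus`) is available and that MpCmdRun.exe sits in the directory named in step 1.

```powershell
#Requires -RunAsAdministrator
# Added example: applies the steps from the reply and checks the resulting version.

# Minimum security intelligence version quoted in the Microsoft reply.
$MinimumVersion = [version]'1.403.2959.0'

# Directory from step 1 of the reply (assumed default install location).
$MpCmdRun = Join-Path $env:ProgramFiles 'Windows Defender\MpCmdRun.exe'
if (-not (Test-Path $MpCmdRun)) {
    throw "MpCmdRun.exe not found at $MpCmdRun"
}

function Get-SignatureVersion {
    # AntivirusSignatureVersion is the security intelligence version Defender reports.
    [version](Get-MpComputerStatus).AntivirusSignatureVersion
}

function Invoke-MpCmdRun {
    param([string[]]$Arguments)
    & $MpCmdRun @Arguments
    if ($LASTEXITCODE -ne 0) {
        throw "MpCmdRun.exe $($Arguments -join ' ') failed with exit code $LASTEXITCODE"
    }
}

$before = Get-SignatureVersion
Write-Host "Security intelligence version before update: $before"

# Step 2: clear cached dynamic signatures so the stale detection is dropped.
Invoke-MpCmdRun -Arguments '-RemoveDefinitions', '-DynamicSignatures'

# Step 3: pull the latest security intelligence.
Invoke-MpCmdRun -Arguments '-SignatureUpdate'

$after = Get-SignatureVersion
Write-Host "Security intelligence version after update:  $after"

# Compare as [version] objects; a string comparison would misorder 1.403.10000.0.
if ($after -ge $MinimumVersion) {
    Write-Host "OK: at or above $MinimumVersion, the fix should be present."
} else {
    Write-Warning "Still below $MinimumVersion; the update did not reach the fixed version."
}
```

Run it from an elevated PowerShell session; the final comparison tells you whether the endpoint actually reached the version that contains the fix.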