Microsoft recently announced a new “extension” as part of an update to its Office 365 ProPlus software that forcibly changes company-wide Chrome and Firefox search engine defaults to Bing search, automatically, from what is likely set to Google. After considerable backlash, the company is reversing course, a bit.
In a predatory fashion, the extension automatically seeks out, through the network and local device file systems, installations of independent browsers (Chrome and Firefox were mentioned) in order to edit configuration files outside its own software ecosystem.
A compromise
In a halfhearted reversal, Microsoft will compromise with modifications that comply more with administrators’ wishes to make the extension optional. This will result in a timeline delay, as well. Rather than automatically changing default search engines for Chrome and Firefox to Bing, administrators are now required to opt-in for it to do so, and actions will initially be limited to only Active Directory joined devices.
This means, at first, the extension won’t act like a worm that traverses the whole network looking for vulnerable computers — until sometime “in the future.”
In the future we will add specific settings to govern the deployment of the extension to unmanaged devices.
Microsoft
It’s still troubling Microsoft plans to do this but is understandable when considering what is often done in tandem with an organization’s rules. IT infrastructure setup and maintenance require super-user levels of control over software installation and configuration settings.
The problem is when organizations are less restrictive, allowing users to install Chrome and Firefox rather than limit them to using Microsoft Edge or past versions of IE. Browser applications get very personalized when authenticated with Google and/or Firefox Accounts for services such as Google search.
No matter how convenient the ability to search for docs and refs from shared drives and Microsoft applications via Chrome and Firefox default search is, users of those browsers should be able to do that through company resources and manage search defaults on their own.
Security implications
In more restrictive organizations, like those that require secure access to sensitive information by authenticated staff, having “overlord” control over networked machines is a vital component of IT systems operations. In those cases, it is commonplace to disallow software installations in the first place.
It stands to reason security incidents can increase when browser search with Microsoft in Bing accesses network resources. Administrators have to take care when considering such applications. They certainly didn’t ask for the features the new extension provides and rightly view the move as one of pure marketing.
It’s when users are allowed to install programs that policy and operations should be less impinging. Automatically changing default search settings to Bing while only providing last-minute instructions for administrators who must take action to prevent the extension from executing was a very poor way to introduce a controversial procedure in Office 365 setup.
Why we care
Ironically, ink from the press about the backlash gave the search capability of Microsoft in Bing a spotlight that the extension may not have received otherwise. Microsoft should not resort to leveraging its Office 365 install base to switch user-defined search defaults from a desired choice to Bing in order to unfairly compete. It demonstrates how much it would like to take search market share away from Google. Bing integrated with Microsoft search competes fairly well with its unique results from network resources, something Google can only emulate with its own suite of interoperable services appearing in search results.