Remond has updated its paid System Center Endpoint Protection and Forefront Endpoint Protection services with a feature to kill spammy and advertising injecting programs operating from within enterprise networks.

The upgrades will help system admins to eliminate potentially unwanted programs (PUPs) from networks that are not explicitly malware but at minimum are annoying and will escalate corporate attack vectors.

Microsoft security bod trio Geoff McDonald, Deepak Manohar, and Dulce Montemayor say the PUP destroyer will be delivered through automatic updates.

"These applications can increase the risk of your network being infected with malware, cause malware infections to be harder to identify among the noise, and can waste helpdesk, IT, and user time cleaning up the applications," the trio say.

"Typical examples of behavior that we consider [to be PUPs] include ad-injection, many types of software bundling, and persistent solicitation for payment for services based on fraudulent claims."

Annoying applications and reckless download bundlers foisted on users from major software attics will be blocked at download and install time if the opt-in feature is enabled.

The Redmond trio says admins should explicitly ban the installation of unsanctioned apps in corporate IT policies. If that is not practical, then admins using the new PUP killer should alert users that some downloads may be blocked. ®