Slashdot Mirror
Microsoft Security Products Flag Google Chrome As a Virus
New submitter maeltor writes "Reports poured in this morning that Microsoft's security products, namely Microsoft Security Essentials and Forefront Client Security, were flagging Google Chrome as a virus (PWS:Win32/Zbot) and removing the browser if users chose to clean and reboot their machines. Users reported that the only way to mitigate the problem was to set MSE and Forefront to 'always allow' Zbot, which is generally considered to be a bad idea."
A Google employee in the above support thread notes that Microsoft has now pushed another update to resolve the issue. "On September 30th, 2011, an incorrect detection for PWS:Win32/Zbot was identified. On September 30th, 2011, Microsoft released an update that addresses the issue. Signature versions 1.113.672.0 and higher include this update."
Microsoft Security Products Flag Google Chrome As a Virus
For once, Microsoft get's it right!
If you want news from today, you have to come back tomorrow.
"Oh, Woops! How did that happen?! So sorry about that Google. Totally a mistake. Totally. Our bad, really."
Meanwhile some clueless user just switched back to IE.
This has never happened in all of computing history.
It looks like they responded within 2 hours - not bad!
Google support ticket with issue and resolution at the top: http://www.google.com/support/forum/p/Chrome/thread?tid=42d6ba02d7eed070&hl=en
I wonder what Chrome did that smelled like Win32/Zbot.
Chrome is a virus. You see, it has caused the marketing people at Mozilla to go crazy with the numbering scheme of FF and as a result, borked up my once good to use user interface into a complete mess of new design, misplaced buttons, screwy single menus and a whole host of unusable extensions. Chrome is a virus... that has killed Firefox.
More Windows users do use it than not, I would suspect. It's free and works just as well as the pay-for competitors. So why not?
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
Even if the problem wasn't so completely lacking in newsworthiness, it was already fixed before the article got posted, so why even bother posting it?
It is as good as most of the competitors products, plus its free and doesn't bog down the system or constantly nag you with useless information.
It is probably the best free antivirus.
Nerd rage is the funniest rage.
...known as Adobe Flash.
make imaginary.friends COUNT=100 VISIBLE=false
Right. Let's face it, Microsoft would have done this on purpose if they had thought of it and thought they could get away with it, but chances are, this was an honest mistake. Test by: the regular (but hopefully infrequent) false positives you get from any antivirus product. Also test by: the speed at which M$ corrected it. Probably nothing to see here.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
After all the times AV products have flagged Windows system files!
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
Sadly, there's nothing better than MSSE + a good AV/AS firewall.
When the foot seeks the place of the head, the line is crossed. Know your place. Keep your place. Be a shoe.
I'm using it right now!
...the future crusty old bastards are already drinking the Kool-Aid.
Actually, it works quite a bit better. And since it isn't an income source, it doesn't nag you constantly.
Not the first time MSFT has flagged competing products as viruses.
Once is happenstance, twice is coincidence, three times is enemy action.
And one more reason not to trust Microsoft's "security."
I'm betting you meant to suggest that the state of security software is pretty wretched these days rather than heap praise on MSSE. Am I right?
It's not as bad as McAfee's "Oh hey, that important system file, you're not using it right? *delete*"
One of my friends was at work for nearly 2 weeks straight after that fiasco.
What do I know, I'm just an idiot, right?
The real reason Microsoft is flagging Chrome as a virus. Since Chrome appears to be a legitimate threat to IE (unlike FF), if enough users believe that Chrome *IS* a virus, perhaps IE will reign undisputed King Of The Browsers.
The difference is: Microsoft has a reputation as a strongly anti-competitive company.
Never had a single false positive with it. Odds are your's aren't. Beat it trollboy.
Patches to IE9 break g-mail's formatting.
"That's the way to do it" - Punch
Actually, it works quite a bit better. And since it isn't an income source, it doesn't nag you constantly.
See that's what I love about Linux. I never see a nag screen. I also have a real package manager too, so I don't have an icon tray full of little annoying pop-ups telling me that such-and-such has an update and that i really need to separately update each individual program one at a time... If you like putting up with that go ahead. I prefer knowing I can i.e. edit a document without being distracted, advertised to, nagged, reminded of things that should be automated, etc.
Looks like we're under a smug alert.. I always find it interesting when Linux fanboys assume that because someone uses Windows, it means they only use Windows.
It *should* have flagged it as spyware.
Yep, http://www.pcworld.com/reviews/collection/5928/2011_free_av.html it's just about on any list....
I remember back in 2010 it hit like #2 in terms of detection, but I can't find that study anymore, it hit like 99.5+% detection. Made me go hmm, I guess MS knows their own shit best. It works, it really does, it's just not very advertised or known because it's free and MS won't spend revenue telling newbs to download it. I prefer it over the ESET we use at work actually, it doesn't f w your system like norton and mcafee do. On that note, I can set up comodo via f'in w my system for a while to be the superior product by a mile, but that probably requires some serious computer knowledge, I can't tell anymore :)
I was just going to say that.
Wasted a good portion of the morning hunting down a non-existent threat.
In my experience for typical users it works better, lately checking AV comparitives, MSE is falling lower and lower on the list of effective catches. MSE's greatest stregnth however, is it's ability to work silently, with a small footprint. When working as a PC tech, my greatest nusance was when after removing a virus, I would load up a PC with avira, run them on firefox, install ad-block. Take 30 minutes teaching them about everything, then I would get a call back 2 weeks later and discover, they disabled avira due to being annoyed by "the pop-ups", and used IE, and were flooded with infections again. MSE has the perk of more or less being so out of the way they don't even notice it. Bottom line, users are getting less and less inteligent, and having idiot proof protection that catches 75% of possible threats, for many users is better then a fictional piece of software that eliminates 100% of threats, but is annoying enough that your dumb users turn it off.
If a product have been detected as a virus, it's often because of keyboard/mouse hook. ;)
Google want to know EVERYTHING
I can't call that English
I've found MSE to be terrible at false positives, flagging more than one perfectly valid file on my computer as some sort of malware.
Worse is that if I tell MSE to let me decide what to do with it, then go look up whether someone else had this problem and/or research the virus or whatever, MSE will *automatically* decide after a short time that it needs to delete it and will do so.
It was at this point when I removed MSE in disgust and promised never to touch that filth ever again.
It's a hush-hush move on MS' part to encourage the individual to research on their own before acting. :)
HUMOR, HUMOR.
I install it on peoples computers who are incapable of re-registering Avast.
Not the best solution, but it doesn't require user intervention unless something really goes wrong. Good for people who have no fucking clue what they are doing.
Don't know something? Look it up. Still don't know? Then ask.
I think he's referring to the fact the the "best" antivirus solution isn't really the best at catching viruses. It just happens to be the best at not making your computer run like crap.
Copyright 2010. All rights reserved. This comment may not be copied in any way including, but not limited to caching.
I've had heuristics tell me "i don't know what this is, i'm showing it to Microsoft is that okay?" but the only "false" positives have only been things named keygen.exe and once renamed, it found nothing wrong with (most) of them ;)
You should try it, it's actually pretty good.
"When information is power, privacy is freedom" - Jah-Wren Ryel
Isn't it about time for your product to remove a critical system component such as LSASS or WinLogon?
Actually, it works quite a bit better. And since it isn't an income source, it doesn't nag you constantly.
See that's what I love about Linux. I never see a nag screen. I also have a real package manager too, so I don't have an icon tray full of little annoying pop-ups telling me that such-and-such has an update and that i really need to separately update each individual program one at a time... If you like putting up with that go ahead. I prefer knowing I can i.e. edit a document without being distracted, advertised to, nagged, reminded of things that should be automated, etc.
Looks like we're under a smug alert.. I always find it interesting when Linux fanboys assume that because someone uses Windows, it means they only use Windows.
Looks like we're under a defensive dumbass alert... I always find it interesting when thoughtless persons assume that because someone uses multiple operating systems, it makes your comments about a particular one of those operating systems somehow less true. What I said about Windows applies to you when you are using Windows. This doesn't change just because you aren't always using Windows. Logic fail. You might as well say that because swans are birds, therefore all birds must be swans. But please keep accusing me of smugness because I don't like Windows, you seem so competent to assess this.
Looks like we're under a myopic moron alert. I always find it interesting when someone can't see any circumstance where someone would use a piece of software other than his preferred piece of software. What I said about the Security Essentials is true when I'm using Windows. What's also true when I'm using windows is that I'm a.) able to play games without spending 2 days looking for workarounds to get the game to run 5 minutes in Wine before it crashes, and b.) able to make money writing windows apps. That, combined with the fact that I don't have to put up with the nagging and such because I use SE, don't install malware, etc. makes for a fine case for using Windows when it suits my needs.
Why not? Common Sense 2.0 covers the big things, MSE is just an insurance policy...
...that my primary OS at home and work is Linux. I guess I'd better check when I go into the office on Monday whether Chrome has been removed from my Windows VM; but given that the Windows VM is primarily used to access the corporate Intranet (most of which absolutely requires IE anyhow, don't get me started...), losing Chrome from there isn't the end of the world. I do 99% of my web access from the Linux host system!
> You think in 2011 microsoft can't possible have come up with a whitelist, or a way to remove a legitimately installed program other than uninstalling it, like deleting the executable (standard antivirus response)?
It's certainly technically possible, but why would Microsoft care about whitelisting Google apps? What does that buy them? Especially for an app Microsoft is giving away for free?
Moreover, even if they had not intended to bugger Chrome, it's not like Microsoft hasn't made phenomenally stupid mistakes in the past. This could have been yet another.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
The righteous indignation is strong with this one. The way I figure it, upon confronting humor, you have three options: (a) laughing because you think it's funny; (b) not laughing because it's not funny to you; and, (42) taking it seriously, getting offended, lecturing the jokester and proving yourself humorless.
I applaud your choice, good sir! 42 is always the right answer.
As a Symantec employee, you're a liar!!!! Viruses are everywhere, block ALL the things!!!!!
Microsoft puts most updates out once a week. Most users that actually update their software and run A/V tests do it at least once a week, so it only needs to be "wrong" for that one week.
What's a five-letter word that begins with an 'H' and ends with an 'R', has a 'U' in the middle, and relates to the use of satire or comical remarks to spark a laugh or amusement in others?
"HURRR", as in "HURRR DURRRRRRR"?
I write bullshit
+1 the above comment.
I'd bet almost anything this guy has Limewire installed on his computer. "False Positives", indeed....
Wait! You're both right! It's spyware AND a virus! Two taste treats in one!
No, wait.. It's a floor-wax AND a dessert topping!
Welcome to my nightmare
For justice, we must go to Don Corleone
I'll bet all the responses to this are from Microsoft.
FUD seems to be their only weapon to keep their shitware on people's computers.
I seem to remember a case not that long ago where a popular AV product would accidentally flag+nuke an (uninfected) core windows file, rendering systems unbootable.
I'm willing to chalk this one up to stupid - but not deliberate - mistake.
There is absolutely nothing in the OP to suggest any sort of humor. It received four insightful mods, and not a single funny mod, so it's pretty clear that most people who read it agree with me.
Trying to claim that you were "only joking!" after someone disagrees with you is one of the most tiresome debate tactics imaginable.
Ahh, misplaced sarcasm, the second lamest sarcasm (next to plausible sarcasm).
again, you are skipping the other part: why, ever, could be labeled an accident, that removing a particular malware = uninstalling a legitimate program? no malware in the world would ever follow proper windows uninstall processes.
What's a five-letter word that begins with an 'H' and ends with an 'R', has a 'U' in the middle
egrep -i '^H.U.R$' /usr/share/dict/*
surnames:Hauer
What do I win?
Disguise it as an FBI key logger
For justice, we must go to Don Corleone
It was fixed in two hours... and released...
to eliminate competition in the browser space.
Byte signature probably.
Avira has the better detections, but yes... when I come back several months later and find it in a dysfunctional state because the user didn't upgrade the program, or didn't notice that the umbrella wasn't opening anymore, or didn't notice that it's not even loading I have to switch them to something else.
Protip: if you are angry and start responding to things the other guy never said, you're going to look and feel like an idiot.
Okay, let's look back at what was said:
If you like putting up with that go ahead. I prefer knowing I can i.e. edit a document without being distracted, advertised to, nagged, reminded of things that should be automated, etc.
That's a pretty strong implication that you (or whichever AC originally posted) does not "put up" with Windows, as well as a veiled insult towards those who do. I merely pointed out that there are legitimate reasons for using Windows, and that the product in TFA improves on the experience of using said OS.
I'd just like to interject here that I run a Windows computer practically full time. It's connected to the Internet (via NAT). I don't have any special firewall software installed except for the Microsoft default one. I do run Microsoft Security Essentials. But the only time I've received a warning from MSE is when I've downloaded something that I'm almost certain was bound to be a Trojan in the first place (serial number generator). Otherwise, in all the years I've been running Windows I've been virus and malware free.
People seem to have this idea that Windows computers are so vulnerable that they'll be riddled with viruses a few minutes after you connect them to the Internet. It's just not true. Most of the people who complain about that stuff are deflecting -- they don't want to admit that they deliberately did something stupid (or illegal) that got them infected.
Breakfast served all day!
MSE updates itself automatically. You see MSE definition updates in Windows Update, but they're marked "Optional" and you don't actually have to download them... you'll get them anyway.
Breakfast served all day!
Considering Google adds its updater as both a service and as scheduled tasks and will reinstall these to keeps the undocumented service always running, always connecting to the internet, I would say spyware.
I never thought of renaming the keygens. MSE has told me on several occasions that keygens are very specific, very likely-sounding Trojans. I kinda believe it. But I'll try renaming one next time.
Breakfast served all day!
Protip: if you are angry and start responding to things the other guy never said, you're going to look and feel like an idiot.
Okay, let's look back at what was said:
If you like putting up with that go ahead. I prefer knowing I can i.e. edit a document without being distracted, advertised to, nagged, reminded of things that should be automated, etc.
That's a pretty strong implication that you (or whichever AC originally posted) does not "put up" with Windows, as well as a veiled insult towards those who do. I merely pointed out that there are legitimate reasons for using Windows, and that the product in TFA improves on the experience of using said OS.
I said "I prefer". It is a preference. That puts it firmly in the realm of opinion. How did you handle that? You felt insulted and felt a need to point out obvious things like the existence of a reason to use Windows or the fact an optional utility can improve Windows. I am sorry you are such an insecure man that you must react this way when you see someone else who has a preference different from yours. I guess if I tell you a flavor of ice cream I like you'll have to point out that not everybody likes it as much as I do.
Man, people sure do suck a lot of dick when they eat $YOUR_FLAVOR. If you want to suck dick, go on eating $YOUR_FLAVOR, but I'm going to eat $OTHER_FLAVOR.
Yeah, in the old days it was always "format.com" that was triggering virus programs (if they were switched to "heuristic" mode only of course). But that was probably to give you an idea what you had to do to successfully program a 3,5" disk drive to work (almost no firmware there, hope you like programming timing in assembly). Not it is probably something like the special process handling that is the trigger.
I almost went and reported a DOS virus myself once. Came out that it was a common but unbelievably weird program that compressed .exe applications. Virus/trojan detection is hard. IMHO it should certainly only be the last defence against virusses. Most users and businesses still think it is the only and best way, which is just dumb.
Read the fine print.
EVERYTHING installs Chrome unless you tell it not to. Or ITunes. Or something else that you don't want.
READ THE FINE PRINT.
Who's to say what is legitimate? My mother has several "helper" apps installed on her PC right now that are known malware. I told her about it, showed her articles, but she *likes* her cute little animated cursor or talking pig or whatever it is. What do you do?
Parenthetically, Microsoft isn't just doing this to Google -- other products are also or have been mangled by the tool. I don't see any compelling evidence that M$ acted maliciously. Except of course for the standard maliciousness of choosing to test against their own products, and, you know, not anyone else's.
Oliver's law of assumed responsibility: If you're seen fixing it, you will be blamed for breaking it.
That's not unlike people who sleep around and are surprised when they get herpegonasyphalide.
However, even the most cautious net user is still vulnerable. There are just too many vectors of attack. I too am cautious when I surf. I never open the attachment of the picture of cute cats that my aunt refuses to stop sending me. I don't follow links people think are hilarious. I run not-windows and not-IE. I have an ad blocker and script blocker.
The thing is, even with all that there are plenty of ways I can get infected. Legitimate websites can themselves get hacked and serve up malware. Places that were fine yesterday may attack my computer today. Virus scanners and firewalls don't always catch the attack. You can even get infected if you never connect to the internet, as we have seen malware find its way onto software distribution CDs. Don't delude yourself. You can only reduce your risk. It is impossible to guarantee that you are 100% virus free unless you never turn your computer on. Ever.
... the SELinux subsystem of my Fedora 14 installation recently flagged Chrome as well, because the executable apparently tried to modify itself. I solved the problem by deinstalling Chrome. Must've come with the latest Chrome update.
Although you're generally correct, MSE is a Microsoft product so it uses the centralised update manager to update - silently - with Windows itself (if you so choose).
Now, fucking Adobe...
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
Must be using a McAfee Enterprise product. I'm not sure those even do anything, because they never actually report anything. Although they do frequently report in their log files that they allowed stuff to happen that would have been blocked by policy (without ever indicating why said policy did not apply).
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
I know of a six letter word which refers to those things, but the U isn't in the middle.
For a site about things like basic rights, Slashdot users sure do like to censor "dissent".