Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's Antivirus Briefly Flags Google.com As Malicious

Posted by Soulskill on from the quarantine-all-the-googles dept.

tsu doh nimh writes "Computers running Microsoft's antivirus and security software may be flagging google.com — the world's most-visited Web site — as malicious, apparently due to a faulty Valentine's Day security update shipped by Microsoft. For several hours on Tuesday, PC users browsing with Internet Explorer on a machine equipped with Microsoft Security Essentials or Forefront saw warnings that Google.com was serving up a 'severe' threat – Exploit:JS/Blacole.BW — basically that google.com was supposedly infected with a Blackhole exploit kit. The warning prompted users to 'delete' the threat, although accepting the default action appeared to cause no ill result. The episode is more embarrassing than harmful, given that Microsoft is expected to ship antivirus technology with the next version of Windows."

6 of 123 comments (clear)

  1. Everything's dangerous! by Anonymous Coward · · Score: 2, Insightful

    Since anti-malware programs largely work by looking for known patterns and fingerprints, and the databases of these patterns and fingerprints keep growing steadily, when will we have reached the point where basically every software ever written will fit one of the patterns? :)

  2. AV is not really mature yet by gweihir · · Score: 4, Insightful

    I like MS bashing just as much as the next slashdot-poster, but I think here the blame is minimal. AV software based on signatures has a very high probability of doing things like that and testing all common possibilities is very hard or impossible, while at the same time new signatures need to be pushed fast in order for them to be effective.

    That also shows that AV software is, at best, a temporary measure. IMO the future is better OS security (and here MS is to blame), better application security (which is a budgetary and an education/knowledge problem).

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:AV is not really mature yet by nzac · · Score: 3, Insightful

      AV software based on signatures has a very high probability of doing things like that and testing all common possibilities is very hard or impossible

      No basic automated testing of say the top 500 websites and 100 applications to see if they get a false positive is too hard or time consuming. Say they managed to block some local news site that uses some site that uses shitty java-script with adds is a mistake.

      That also shows that AV software is, at best, a temporary measure. IMO the future is better OS security (and here MS is to blame), better application security

      No this incident is does not prove anything like this, just that software needs decent quality testing.

  3. Re:Needs sanity checks. by Sancho · · Score: 3, Insightful

    You act like this has only happened once.

    Antivirus has detected system files as viruses since the DOS days.

  4. Re:And here I thought Windows was the real virus.. by poetmatt · · Score: 4, Insightful

    It's no different than when they "accidentally" (note the word) flagged chrome as a virus before.

    Expect these accidents to become more frequent as microsoft panics about google competition.

    Apparently this has to happen more than 50 times before people accept that it's not just some magic "mistake".

    see http://chrome.blogspot.com/2011/09/problems-with-microsoft-security.html

  5. Re:first! by LifesABeach · · Score: 1, Insightful

    I'm still working on the part where a group of convicted Liars, and Thieves are still allowed to do business. But then again, I'm amazed that Criminal Law is second to Torts.