Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's Antivirus Briefly Flags Google.com As Malicious

Posted by Soulskill on from the quarantine-all-the-googles dept.

tsu doh nimh writes "Computers running Microsoft's antivirus and security software may be flagging google.com — the world's most-visited Web site — as malicious, apparently due to a faulty Valentine's Day security update shipped by Microsoft. For several hours on Tuesday, PC users browsing with Internet Explorer on a machine equipped with Microsoft Security Essentials or Forefront saw warnings that Google.com was serving up a 'severe' threat – Exploit:JS/Blacole.BW — basically that google.com was supposedly infected with a Blackhole exploit kit. The warning prompted users to 'delete' the threat, although accepting the default action appeared to cause no ill result. The episode is more embarrassing than harmful, given that Microsoft is expected to ship antivirus technology with the next version of Windows."

21 of 123 comments (clear)

  1. And here I thought Windows was the real virus... by Anonymous Coward · · Score: 4, Funny

    Isn't the real virus actually windows?

  2. They may know... by Anonymous Coward · · Score: 3, Funny

    ...something the world does not know !

  3. Aww! by Cyphase · · Score: 5, Funny

    Dear Google,

              Happy Valentine's Day!

                        Your valentine,
                                  Microsoft

    --
    by Cyphase ( 907627 )
  4. Well, Google did that already to MS.. by Giloo · · Score: 5, Funny

    Google already flagged MS France as malicious 2 years ago: http://gilouweb.com/bordel/google_truth.png (Ce site risque d'endommager votre ordinateur meaning: this website might harm your computer) So I guess it's only revenge ;)

    1. Re:Well, Google did that already to MS.. by Bogtha · · Score: 5, Funny

      this website might harm your computer

      To be fair, it does host Microsoft software ;)

      --
      Bogtha Bogtha Bogtha
  5. To be fair by Reed+Solomon · · Score: 5, Funny

    in Microsoft's eyes, they are the most malicious threat in existence right now.

  6. Did not see the behavior on a Win8 VM by AndGodSed · · Score: 3, Informative

    Incidentally I was doing a google search from a Win8 VM and did not see this behavior. I _did_ get a notification to update my spyware/malware definitions for Windows Defender as well, so maybe my definitions did not yet include this snafu.

    Of course I have updated post Vday, so cannot confirm this behavior now, even with an older snapshot.

    --

    Seven Days with Ubuntu Unity

  7. Re:And here I thought Windows was the real virus.. by mr_gorkajuice · · Score: 5, Informative

    It might have been kinda funny some 5+ years ago when someone first told it. Maybe if I came across it less than once per week, I'd eventually find it kind of amusing again.

  8. AV is not really mature yet by gweihir · · Score: 4, Insightful

    I like MS bashing just as much as the next slashdot-poster, but I think here the blame is minimal. AV software based on signatures has a very high probability of doing things like that and testing all common possibilities is very hard or impossible, while at the same time new signatures need to be pushed fast in order for them to be effective.

    That also shows that AV software is, at best, a temporary measure. IMO the future is better OS security (and here MS is to blame), better application security (which is a budgetary and an education/knowledge problem).

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:AV is not really mature yet by nzac · · Score: 3, Insightful

      AV software based on signatures has a very high probability of doing things like that and testing all common possibilities is very hard or impossible

      No basic automated testing of say the top 500 websites and 100 applications to see if they get a false positive is too hard or time consuming. Say they managed to block some local news site that uses some site that uses shitty java-script with adds is a mistake.

      That also shows that AV software is, at best, a temporary measure. IMO the future is better OS security (and here MS is to blame), better application security

      No this incident is does not prove anything like this, just that software needs decent quality testing.

  9. Oh my god by SmallFurryCreature · · Score: 4, Funny

    I just had an image of Steve Ballmer and Bill Gates going down on Larry Page and Sergey Brin (which by the way, google had to guess at being the right answer for being the founder of google) in a nerd love fest...

    My eyes! What has been seen cannot be unseen.

    ...

    ...

    ...

    Oh who am I kidding. Fap fap fap fap fap

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  10. There is nothing incompetence cannot achieve! by coder111 · · Score: 5, Funny

    Let's just wait until they block microsoft.com due to some related screwup.

    Exploit:JS/Idiots.ASS detected

  11. I think by maroberts · · Score: 3, Funny

    Microsoft simply confused Valentines Day with April Fools Day

    --

    Donte Alistair Anderson Roberts - hi son!
    Karma: Chameleon

  12. Icing on the cake by high_rolla · · Score: 3, Funny

    Would have been absolute gold if the message that came up was something along the lines of:

    "We're sorry but Google.com has been identified as a threat to Microsoft *cough* *cough*, I mean your computer. We suggest you fix this by going to Bing.com. Would you like us to make Bing your homepage and redirect all future request for Google to Bing instead?"
    [Yes] [OK]

    --
    Ryans Tutorials - A collection of technology tutorials.
  13. Delete the threat by inpher · · Score: 5, Funny

    So, did anyone manage to delete the threat? Google.com is still running.

    Meh, I guess nobody really reads the warning dialogues anymore.

  14. These things can happen by MrManny · · Score: 3, Interesting

    To be honest, I don't think this is really *that* big of a deal. This can happen. Worse has happened, not only at Microsoft but by other AV products as well. I recall Avast crying out loud over Steam less than a month ago, moving its service into containment. And if I recall correctly, Avast even flagged notepad.exe as a virus once. I specifically mention Avast, because a.) I use it, and b.) it actually scored rather well last time I bothered to look it up in comparative studies.

    As long as there are probabilities involved, false positives and false negatives are bound to happen. When it comes to AV, I don't mind if it errs on the side of caution as long as it doesn't happen too often.

    Mod me down or call me fanboy as much as you want, but I really don't consider this too problematic, regardless of Microsoft being the "aggressor" here.

  15. Re:first! by WrongSizeGlass · · Score: 4, Funny

    And stranger than that, you are not bonch and your post isn't a criticism of Google claiming that they deserve it and Microsoft is right to label them as malicious. What are the odds!

    Perhaps Microsoft was right about the Google homepage on the 14th:
    - MS Security Essentials is written by programmers/nerds.
    - On the 14th, Google had an animated "Valentine's Day" logo.
    - The animated logo was an animated female. Innocent and harmless, but female none the less.
    - As usual, nerds (or in this case MS Security Essentials, the product of nerds) had no idea how to react to a female.
    - When MS Security Essentials determined that the animated female was holding a valentine it panicked.
    - MS Security Essentials protected Windows from Google's trojan horse valentine (metaphorically, of course).

  16. Re:And here I thought Windows was the real virus.. by oakgrove · · Score: 4, Funny

    I think poking fun at Microsoft Google Apple and the whole lot is for the most part almost always funny. Ever considered removing the giant stick from your ass?

    --
    The soylentnews experiment has been a dismal failure.
  17. Re:Needs sanity checks. by Sancho · · Score: 3, Insightful

    You act like this has only happened once.

    Antivirus has detected system files as viruses since the DOS days.

  18. Re:And here I thought Windows was the real virus.. by poetmatt · · Score: 4, Insightful

    It's no different than when they "accidentally" (note the word) flagged chrome as a virus before.

    Expect these accidents to become more frequent as microsoft panics about google competition.

    Apparently this has to happen more than 50 times before people accept that it's not just some magic "mistake".

    see http://chrome.blogspot.com/2011/09/problems-with-microsoft-security.html

  19. Re:first! by hairyfeet · · Score: 3, Interesting

    What bloatware would that be? The firewall in Vista/7 that has pretty damned comprehensive rules based filtering while being easy to use, THAT bloatware? or are you still bitching about a certain 12 year old OS that is going for a record on years of support even though they've passed any legal obligation they had to keep updating the thing, could it be that? Give me a damned break! What's next, you gonna complain that XP which is already 3 generations behind (XP X64, Vista, 7) runs as admin too? Move on dude. Man the world is gonna be full of butthurt nerds when 2014 gets here and XP doesn't get another extension so they will actually have to try to find things in the modern version to bitch about. But don't worry Ballmer is gonna shoot Windows in the face because he wants to be Apple so fucking bad he sleeps with an iPad under his pillow.

    As for TFA frankly if that is the WORST thing an AV does color me happy. We've seen dllhost marked as a bug thus disabling the system, we've seen core boot files flagged as bugs thus bricking the system unless you had a second machine to Google how to fix the first, frankly MSE has been so far pretty harmless. That said even though I use it on my netbook and gamer machines I do NOT use it on the machine I actually do any real surfing on because frankly in my tests it doesn't really DO anything. What I mean by that is while it has a pretty decent scanner for downloaded files that is pretty much it, you load up a webpage with malicious code MSE isn't gonna say a word or try to block that site whereas both Comodo Internet Security and Avast Free stop the page from loading. I will give them credit for being just about the lowest resource using on any AV but the flipside is it simply isn't doing much. So while I recommend it for geeks that actually practice safe computing or for machines like my gamer PC and netbook where the only surfing they are doing is checking webmail or going to well vetted sites like this for regular users I simply can't give it out.

    Maybe its because it was never really intended to be an AV, it was originally Giant Antispy before being purchased by MSFT, maybe the guys at MSFT got tired of AVs slowing down the system so focused on speed above all, who knows, but for a clean computer in my own tests which involved taking an offlease and hitting every topsite and crapsite I could find then using a disc filled with offline scanners to check the system I found MSE on XP scored horribly, MSE on Vista/7 did better simply because OS protections like low rights mode did most of the work, but in no version of Windows did it stop as much as Comodo IS or Avast Free. Oh and since you seem to hate the firewall so much Comodo IS is not only free for home AND business use but also has its own quite excellent firewall built in, which for those that just want one or the other its as simple as unchecking a box during install. For business users or those that want more finer grained controls I'd go with Comodo IS, for those that want a drop and go solution Avast Free is what you want. MSE? Meh only use it if resources are the highest concern, like say on an underclocked netbook (for those that haven't tried Brazos Tweaker it does rock and added an extra hour on my E350's battery) or a gamer system where you simply aren't doing any risky behavior.

    --
    ACs don't waste your time replying, your posts are never seen by me.