Microsoft Says It Has Resolved an Issue With Bing Which Was Causing It To Push Malware When Users Searched for Chrome

Chris Hoffman, writing for How To Geek: You launch Edge on your new PC, search for "download Chrome," and click the first result headed to "google.com" on Bing. You're now on a phishing website pushing malware, disguised to look like the Chrome download page. That's the story Gabriel Landau tells on Twitter. We were able to reproduce this problem, although it doesn't happen every time. Usually, you'll end up seeing an ad for "https://www.google.com". That goes to the real Chrome download page, and everything is fine. But, sometimes, you'll see an ad for "google.com". Guess what -- that doesn't actually go to Google.com. This ad was created by a scammer and goes elsewhere. Microsoft is apparently not verifying the web address the advertisement actually goes to. Bing is letting this advertisement to lie to people. Microsoft says it has resolved the issue.

(Probably) no underhandedness here

[hcs_$reboot]

Reading the title, my first thought was "fix the issue.. sure!". But it's actually not unlikely that Bing, being much less involved in Chrome than Google..., might render search results not in a way the user expects. Morale of the story: don't always click the first result - or at least check it!

Re:(Probably) no underhandedness here

[phantomfive]

I just checked......now the first search result links to spyware :)

Re: (Probably) no underhandedness here

[houghi]

Sure,but many people have been conditioned to use google.com or bing.com as their place to see other websites. I have seen people typing google.com in the default bing.com page, so they can enter the URL in google for our OWN website.
I wish I was kidding.

Edge has replaced Internet Explorer

[jfdavis668]

As the best web browser to use to download a better web browser.

Re:Edge has replaced Internet Explorer

[laffer1]

Edge is decent at rendering web pages. However, a few misconfigured network settings and it can't even load pages on some networks. If you allow "discovery" on networks behind pfsense, it can't work properly.

The other issue is that it has far less ad-ons than Firefox or chrome.

Finally, Opera is Chromium. Chrome is Chromium. They are the same browser with a different UI. It's all blink.

So MS finally admits it?

[El+Cubano]

Microsoft Says It Has Resolved an Issue With Bing Which Was Causing It To Push Malware When Users Searched for Chrome (emphasis added)

Glad to see MS finally admitting the true nature of Edge.

You know, after all, that the first step on the road to recovery is admitting you have a problem.

Re:So MS finally admits it?

[CeasedCaring]

You mean this? https://i.redd.it/hlfo7oahjvrz...

I am not sure if this helped MS or not.

[jellomizer]

Sure Microsoft is in competition with Google for both its Search Engine and its browser. But having Bing go to a Malware site, which infects your Windows PC. Makes Windows, Edge, and Bing all look bad, as well as Microsoft for trying to be underhanded.

With all the attention to prevent Google Chrome from taking more Edge share away I would expect Bings relationship with searching for a Google Product should be tightly controlled and managed, and mostly in a way to insure fairness and get good sets of data. I would expect the #1 result would be from Microsoft Telling you why Edge is So much better then chrome. But as #2 it should be googles download.

Re:I am not sure if this helped MS or not.

[Vlad_the_Inhaler]

I helped a friend set up her brand new machine at a time when Windows 8.1 was current. We downloaded Firefox using Internet Explorer and the free 1-Month copy of McAfee started screaming. It was right - we had been directed to a malware-infested version of Firefox.
A day or so later she installed a second virus scanner without removing McAfee and the system ended up reverting to a previous snapshot - before all of our installs - because it could not handle that any other way. Sigh.

" Bing is letting this advertisement lie people."

[mark-t]

#badtransitiveverbs

(facepalm)

Re:" Bing is letting this advertisement lie people

[tsqr]

#badtransitiveverbs

(facepalm)

...or maybe it's just bad punctuation: "Bing is letting this advertisement lie, people!

The only thing Edge is good for...

[GeLeTo]

... is downloading Chrome. Oh, wait...

They mean it pushed Edge?

[gweihir]

Makes sense.

Ads are a Virus.

[Deathlizard]

It's 2018. This crap has been going on for almost 8 years now. And it's not just Bing. Just about every search engine with ads has or has had this problem.

If it's a popular app, and your search engine has ads. Guaranteed there's a Virus Inc. buying adwords for it.

1) If someone is buying Adwords for any app, and it's NOT the company or group that maintains the software, ban it.
2) If you can't verify #1, don't allow it until you can.
3) It if sounds or feels shady in any way, don't allow it.
4) If it's going to a aggregate site not directly affiliated to the company, ban it.
5) If ANYONE auto redirects from the Adword link in any way. Legit or not. even after a minute. ban it.
6) Every dropper malware I see only drops a payload once. If you see one drop. Ban it. In fact ban every ad with that domain for at least a month or more. Preferably for life.
7) Since you're monitoring every click anyway, browse the link when it's clicked every time and make sure they are getting a clean page. If at any time, you're being redirected because it sees the traffic coming from you or the script is actually stupid enough to drop malware to your IP, ban it.
8) Better yet, enforce and serve the complete ad site yourself and pull it cloudflare style. Check any links or files clicked or downloaded from the site. Guaranteed your IP's / crawlers are blacklisted so that a malware payload won't drop if you pull it. Best case is that it never drops a payload cause you're pulling it and sending it to the user. Worse case is it drops malware on your pull request, at that point, show the user the "Site has a problem" page and ban it.