Microsoft apologises for serving malware

Send to a friend Print

Help more people find out about this story

Del.icio.us
StumbleUpon

Dan Warne21 February 2007, 10:00 AM

Microsoft has apologised for serving malware via its websites and Windows Live Messenger software, and has promised to tighten checks on companies booking banner ads on its websites.

Microsoft has apologised for serving malware via its websites and Windows Live Messenger software.

APC reader Jackie Murphy reported the problem:

"With Microsoft launching Vista along with their Defender software to protect users from viruses and spyware, it seems therefore to be an oxymoron that they have started to putting paid changing banner advertisements for malware, on the popular MSN groups servers.

"SystemDoctor2006 has made an appearance over the past few days, coming complete with pop-up windows to trap and then cause horrific damage to the computers of unaware users -- causing them to then rush out to purchase Microsoft Defender?

Murphy supplied screenshots of the scam in action:

 

 

 

 

SystemDoctor 2006 is described by many websites as being a "rogue antispyware/malware application installed by malware".

A Microsoft Australia spokesperson confirmed the malware vendor had slipped through its ad booking processes.

"We have learned that Microsoft was notified of malware that was being served through ads placed in Windows Live Messenger banners. As a result of this notification Microsoft immediately investigated the reports and removed the offending ads, as this is a violation of Microsoft's ad serving policy. Microsoft can confirm that the ads are no longer being served by any Microsoft system.

"Microsoft apologizes for the inconvenience and is reviewing Microsoft's ad approval process to reduce the chance of an occurrence such as this happening again. To help customers protect their PCs from malware threats, Microsoft recommends customers follow our Protect your PC guidance at www.microsoft.com/protect."


Related stories

Read more stories about

Post your comment



Reader Comments

 RSS feed Email alert

Sandi Hardmeier:

I am the person who reported the malware outbreak to Microsoft and have been working with them while they track down and contain the outbreak.

Please ask your correspondent to contact me as soon as possible. I would like to talk to her about what she saw, and possibly gather data about where those ads came from.

My report here:

http://msmvps.com/blogs/spywaresucks/archive/2007/02/18/591493.aspx




report abuse reply

Tim:

Um.. Your link doesn't work! I believe this is it here? (NB: Selected HTML tags work in comments)

http://msmvps.com/blog…archive/2007/02/18/591493.aspx

report abuse reply

Sandi Hardmeier:

Thanks for that Tim - I spotted I'd screwed up re tags but knew you guys would find me anyway ;o)

report abuse reply

Sinzen:

I'm sure the guide by MS on how to protect your pc includes installing Windows Defender and their One Care Live.

Boy that would be nice to include those in a guide so they can potentially increase profits for themselves.

In this case they drop the infection onto clients computers and then get the client to pay for their software to take it off. Brilliant!


report abuse reply

bill sanderson:

I'm a little startled that you suggest that Microsoft advises installing Windows Defender as part of its standard suggestions to secure your pc--and that you see a profit motive in that.

Windows Defender is free. It has no ads. If it is a profit center, I'd be interested to hear how that works. It also comes with two free support incidents.

I'll admit that it is also a part of Windows Vista, which is a purchasable product--but you can't buy it without Windows Defender, so it's a little hard to put a price on it...

For the record--here's what Microsoft actually says:

http://www.microsoft.com/athome/security/default.mspx

They don't name specific products, just technologies. I've no doubt that somewhere below that page they may well suggest their own products, but the advice is technology-based, not specific product-based.


report abuse reply

Frank Chapman:

That's the problem with these big companies; they'll do anything to make a buck. Microsoft should stick to its knitting rather than transform itself into an advertising company simply to try to clone Google's success. You don't hear about Google serving malware do you.

report abuse reply

kaka:

Microsoft will kill Google one day .. it is sure.

report abuse reply

Anonymous843273849723:

With what? MSN Search?
Don't make me laugh...

report abuse reply

efflux:

http://www.live.com/
It's what they've position to do it at any rate. I mean, they've already stolen google's design.



report abuse reply

Anonymous{9FFF13CB-962F-4052-B387-0DB7A5C2DA74}:

Sure, apple guys had been saying just about the same thing btw. See what happened to them, allowed to exist and develop under the possession of "the corporation" - google's time is ticking away, if you're asking me.

report abuse reply

Fox:

Haha,I went to the site and saw this link:

"Take a break and play crossword puzzles - FREE!"

Yes, take a break from spending your buck. Play for FREE, for a change. :)

report abuse reply

Caliban Darklock:

Every time I go to Google, I get irrelevant crap on the side of the screen. Some of it is clearly garbage: "Find the best price on broken ribs at eBay!" (No, really, I got that one yesterday.) Just because we know where the crap is doesn't mean it isn't crap, and I fail to understand why people don't already know EVERYTHING behind an ad banner is crap.

report abuse reply