Weather | TV Guide | Horoscopes | Competitions

Hotmail
Messenger
Mobile

Microsoft apologises for serving malware

Send to a friend

Dan Warne21 February 2007, 10:00 AM

Microsoft has apologised for serving malware via its websites and Windows Live Messenger software, and has promised to tighten checks on companies booking banner ads on its websites.

Microsoft has apologised for serving malware via its websites and Windows Live Messenger software.

APC reader Jackie Murphy reported the problem:

"With Microsoft launching Vista along with their Defender software to protect users from viruses and spyware, it seems therefore to be an oxymoron that they have started to putting paid changing banner advertisements for malware, on the popular MSN groups servers.

"SystemDoctor2006 has made an appearance over the past few days, coming complete with pop-up windows to trap and then cause horrific damage to the computers of unaware users -- causing them to then rush out to purchase Microsoft Defender?

Murphy supplied screenshots of the scam in action:

SystemDoctor 2006 is described by many websites as being a "rogue antispyware/malware application installed by malware".

A Microsoft Australia spokesperson confirmed the malware vendor had slipped through its ad booking processes.

"We have learned that Microsoft was notified of malware that was being served through ads placed in Windows Live Messenger banners. As a result of this notification Microsoft immediately investigated the reports and removed the offending ads, as this is a violation of Microsoft's ad serving policy. Microsoft can confirm that the ads are no longer being served by any Microsoft system.

"Microsoft apologizes for the inconvenience and is reviewing Microsoft's ad approval process to reduce the chance of an occurrence such as this happening again. To help customers protect their PCs from malware threats, Microsoft recommends customers follow our Protect your PC guidance at www.microsoft.com/protect."

Comments

RSS feed

Email alert

Sandi Hardmeier:

I am the person who reported the malware outbreak to Microsoft and have been working with them while they track down and contain the outbreak.

Please ask your correspondent to contact me as soon as possible. I would like to talk to her about what she saw, and possibly gather data about where those ads came from.

My report here:

http://msmvps.com/blogs/spywaresucks/archive/2007/02/18/591493.aspx

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

Tim:

Um.. Your link doesn't work! I believe this is it here? (NB: Selected HTML tags work in comments)

http://msmvps.com/blog…archive/2007/02/18/591493.aspx

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Sandi Hardmeier:

Thanks for that Tim - I spotted I'd screwed up re tags but knew you guys would find me anyway ;o)

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Sinzen:

I'm sure the guide by MS on how to protect your pc includes installing Windows Defender and their One Care Live.

Boy that would be nice to include those in a guide so they can potentially increase profits for themselves.

In this case they drop the infection onto clients computers and then get the client to pay for their software to take it off. Brilliant!

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

bill sanderson:

I'm a little startled that you suggest that Microsoft advises installing Windows Defender as part of its standard suggestions to secure your pc--and that you see a profit motive in that.

Windows Defender is free. It has no ads. If it is a profit center, I'd be interested to hear how that works. It also comes with two free support incidents.

I'll admit that it is also a part of Windows Vista, which is a purchasable product--but you can't buy it without Windows Defender, so it's a little hard to put a price on it...

For the record--here's what Microsoft actually says:

http://www.microsoft.com/athome/security/default.mspx

They don't name specific products, just technologies. I've no doubt that somewhere below that page they may well suggest their own products, but the advice is technology-based, not specific product-based.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Frank Chapman:

That's the problem with these big companies; they'll do anything to make a buck. Microsoft should stick to its knitting rather than transform itself into an advertising company simply to try to clone Google's success. You don't hear about Google serving malware do you.

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

kaka:

Microsoft will kill Google one day .. it is sure.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Anonymous843273849723:

With what? MSN Search?
Don't make me laugh...

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

efflux:

http://www.live.com/
It's what they've position to do it at any rate. I mean, they've already stolen google's design.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Anonymous{9FFF13CB-962F-4052-B387-0DB7A5C2DA74}:

Sure, apple guys had been saying just about the same thing btw. See what happened to them, allowed to exist and develop under the possession of "the corporation" - google's time is ticking away, if you're asking me.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Fox:

Haha,I went to the site and saw this link:

"Take a break and play crossword puzzles - FREE!"

Yes, take a break from spending your buck. Play for FREE, for a change. :)

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Caliban Darklock:

Every time I go to Google, I get irrelevant crap on the side of the screen. Some of it is clearly garbage: "Find the best price on broken ribs at eBay!" (No, really, I got that one yesterday.) Just because we know where the crap is doesn't mean it isn't crap, and I fail to understand why people don't already know EVERYTHING behind an ad banner is crap.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Sandi Hardmeier:

There is the incident where Google announced that a member of its video team had sent the worm, W32/Kasper.A@mm, to members of a Google Video Blog discussion list

You should also check out Ben Edelman's site where he discusses malware being advertised via Google Ads.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Mark:

Purchase Microsoft Defender ?? Umm the last time I looked :)

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

SomeGuy:

I love how everyone instantly assumes the worst about Microsoft. Haters anybody?

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

TSA - Thousands Standing Around:

You love it? Really, were you born yesterday? Back in the 80's Bill stole an OS called DOS, modified the front-end
slightly, (names of executables) and put it on the market as an origonal product!! He stole it! Not only once, but where do you think Windows 2.0 came from???

So, yes, M$ and Billy Gates have been creating hatred of their products for decades.

Doesn't it make you angry that Vista costs a small fortune and takes up GB's worth of disk space, and runs like crap on your current hardware??? Which forces you to go spend more money on faster hardware, more RAM and a different video card that supports DX 10!!!

I don't know about you, but I'd like to see this as%^$#le and his company ship a product that was smaller/faster/easier to use and cost less!!! Without forcing average consumers into buying $2000 worth of NEW hardware - to do the same things they have been doing.

It's one thing for a consumer to want new hardware, different thing to FORCE them in it!!

That's why I HATE M$ so much!

Bloated, worthless OS, requiring a supercomputer to run Word, email and Excel!!!

CRAP!!!

My 2 cents!

Cheers!

TSA (Say hi the next time you fly, will ya!)

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Treblemaker:

If you thought M$ had us over a barrel, then here's more stuff:

1. If you decide to upgrade to Vi$ta from XP, and then decide to revert back, you're out of luck.. can't be done. Only way might be to completely format and do a fresh re-install... and not sure if that will work...

2. Might be wrong on this one, so correct me if you know better, but if you have a hard drive crash on you, more than once, or you just need to transfer to some new machine, M$ will only allow you to do it once. Once. You have another HDD crash? Gotta buy a new ViSta copy.

But ya know, I think we only have ourselves to blame here... Let this get way out of hand. Too many people woke up way too late.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

DiggerP:

Don't worry.
In a situation like that you do 2 installs:
1.Using upgrade CD,do a fresh install (not upgrade)
2.Then do a 2nd install,this time choose the upgrade..

Check this link:
http://windowssecrets.com/comp/070201

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Tux:

I also laugh at your silly Windows.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

klem:

Its all very well for Microsoft apologising for this happening, but what they should do now is tell those of us who are suffering with these annoying pop ups, how to remove the malware from our systems as it appears to spread through home networks as well

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

f0rw4rd Sl4sh:

I am sure Bill and Steve were sitting there puffin a J and Steve says "You know what? sss...ssssss We don't have our own brand of virus yet, maybe we should corner that market too".

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

AnonymousPerson:

That is a good one dude ! I wouldn't be surprised if they do that too ... hehehe

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

John Smith:

Sorry, but, I hate misspelled words.

apologize
One entry found for apologize.

Main Entry: apol·o·gize
Pronunciation: -"jIz
Function: intransitive verb
Inflected Form(s): -gized; -giz·ing
: to make an apology
- apol·o·giz·er noun

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

Oz Stu:

Apologise IS the correct spelling in Australia where the article was written, and in england where the original word came from before it was changed 'for US use'.

So Nyah.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

BK:

"Apologise" is a valid British variant of "apologize". You, sir, are a douche.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Stu Oz:

Actually, apologize is the US variant of the original English word apologise.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

raindog:

Grow a life John! Really!!!

I knew what the author was saying! You knew what the author was saying! Get over yourself!

If it irks you that much go chain yourself to the railing at the nearest Microsoft offices and refuse to leave until they stop those random defaults of their spell-checkers to US English.

If your really sad, feel free to check my spelling and grammar now.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

ed:

ms should not be solely to blame for this. anyone can get a ad program rolling and then switch dns or change the content after the fact.

when a site allows others to insert content they are really loosing control of the site.

what i cannot understand is why, given their wealth are they even looking for advertising revenue?

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

SteveO:

Robert Heinlein said "You have attributed conditions to villainy that simply result from stupidity."

Why would Microsoft intentionally do something that they should know would just cause a big doo dah and get everyone all upset. This incident is explained much better by a plain simple incompetent inattention to someone's job.

I would like to add that Microsoft does what they do because they have become one of the most successful companies in history by executing a solid business plan brilliantly. They are not going to change anything until the market tells them that they need to change. These days, there are other choices available: Apple, Linux, Sun, etc.

I did not like Microsoft's policies, and I did not like their prices, so I changed to Linux in 2003 and have never looked back.

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

Dugudeia Murdstone:

"I would like to add that Microsoft does what they do because they have become one of the most successful companies in history by executing a solid business plan brilliantly."

Like buying a potential competitor, steal its ideas and later patent them as it were your own ideas???

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Clear_Thinker:

In the world of business, IP and company acquisition for commercial gain is a very sensible business plan (more sensible than wasting resources on developing inferior homegrown alternatives). And besides, if they bought the company, how can they steal its ideas if they own it?

I'm not particularly pro-Microsoft, but I am anti ill-thought-out comment...

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Dugudeia Murdstone:

Clear_Thinker wrote:

"And besides, if they bought the company, how can they steal its ideas if they own it?"

Typical American crap. You may own the ideas you bought, Mr. Dollar, but it won't make them your own creation. This what I meant.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Dorinda:

A good business plan? If that's a business plan then Hitler had a good business plan too. I guess the crusaders had a good business plan as well.
You can't justify being a complete asshole that hurts thousands and uses oppressive bully tactics because you made a lot of money. What sort of asshole are you?
I guess it's ok to blow up some dams, cause a drought and then exploit the victims too. Hell why not just become a kidnapper and get rich off extortion? If you get away with it you can call it a good business plan.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Anonymous_1:

Hmm it didn't take long for Godwin's Law to pop up in this thread....

http://everything2.com/index.pl?node=Godwin's%20Law

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Ugly:

My but that's funny. I never heard of Godwin's Law but I have to admit, there seems to be some truth in it.
When I tell people I intended to name my first son Adolphe they freak out not realizing I meant Adolphe Sax(e), inventor of the saxophone and not Adolf H.
The child turned out to be a girl so we picked a totally unrelated name.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Jesse:

Of course Godwin's law is invoked when discussing Microshaft. Microshaft are an evil pack of monopolists that destroy everybody that opposes their insane lust for dominance over the world. They are convicted criminals that invade your privacy through clandestine means to make sure you do everything how they think it should be done.
If ever there was a company that deserves to be comapared to Nazis, Microshaft is it. The similarities between their elitist philosophies is astounding.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Andrew:

Microsoft has hurt thousands? *dumbfounded look* Comparing MS to hitler is more than stupid. It's insulting and ignorant.

Honestly some of you people are mad. MS is a company like any other. They are not evil, they are competitive and they compete well. That's all.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

Dorinda:

You don't call driving thousands out of business with underhanded tricks hurting people? Don't you read books? The comparison with Hitler and the Crusaders is valid, it doesn't have to have the same degree of criminality to follow the same logic. If you don't consider purposely trying to monopolise a market at the detriment of all others isn't evil then you are morally challenged.

29 February 2008, 8:38 PM (2 years ago)report abuse Send to a friend

A_Reader:

http://msmvps.com/blogs/spywaresucks/
archive/2007/02/18/591493.aspx

I think this is the url from above

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

gollux:

This is why you should run adblock software.

In a case of you protecting your computer vs. websites gaining revenue from unfiltered, unvetted third party ad banner (malware injection services) suppliers, it's your computer and since you cannot trust the third party to supply clean product, it MUST BE BLOCKED.

If they are collecting the ads themselves, checking them for validity and displaying them from their own servers, I can see viewing the ads to help increase their revenue.

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend

If_I_could_ignore_micro$oft:

Here is my story,

being finnishing off my assignment, and just 2 hours after the installation of MS Messanger it slowed down the comp and messanger disconnected from the net.

i thought of restarting it but it could not even restart the maschine in safe mode. I could not mount the file system ( to recover files ) from linux live CD ...

this is un-forgivable to m$, I had to redo the whole thing again since the file extensions are such that recover software do not look for those in lost files.

almost failed to deliver the assignment in time.

the only reason of using M$ is the most stuff at the uni run on M$, otherwise I would opt to alternatives.

anyway any kinds of M$ messangers will never be part of the system I run ever.

29 February 2008, 8:30 PM (2 years ago)report abuse Send to a friend