Microsoft has apologised for serving malware via its websites and Windows Live Messenger software.
APC reader Jackie Murphy reported the problem:
“With Microsoft launching Vista along with their Defender software to protect users from viruses and spyware it seems therefore to be an oxymoron that they have started to putting paid changing banner advertisements for malware on the popular MSN groups servers.
“SystemDoctor2006 has made an appearance over the past few days coming complete with pop-up windows to trap and then cause horrific damage to the computers of unaware users — causing them to then rush out to purchase Microsoft Defender?
Murphy supplied screenshots of the scam in action:
SystemDoctor 2006 is described by many websites as being a “rogue antispyware/malware application installed by malware”.
A Microsoft Australia spokesperson confirmed the malware vendor had slipped through its ad booking processes.
“We have learned that Microsoft was notified of malware that was being served through ads placed in Windows Live Messenger banners. As a result of this notification Microsoft immediately investigated the reports and removed the offending ads as this is a violation of Microsoft’s ad serving policy. Microsoft can confirm that the ads are no longer being served by any Microsoft system.
“Microsoft apologizes for the inconvenience and is reviewing Microsoft’s ad approval process to reduce the chance of an occurrence such as this happening again. To help customers protect their PCs from malware threats Microsoft recommends customers follow our Protect your PC guidance at www.microsoft.com/protect.”