[+] Wayc0de's Blog[+]

02/10/11

Microsoft security update treats Chrome as malware

Redmond releases same-day correction, but not before Windows Security purges Chrome from user systems

Microsoft security update treats Chrome as malware
Microsoft issued today an update to its security software that wrongly identified Google Chrome as malware and purged it from users' systems accordingly. The Redmond giant has since fixed the mistake, but it has left Google with the task of dealing with the fallout.

Coincidentally (of course), the faux pas comes on the heels of news from StatCounter that Chrome is poised to overtake Firefox this year as the No. 2 most-popular browser in the world.

"Google Chrome has been incorrectly marked as malware by Microsoft security software. Please update your Microsoft security software to version 1.113.672.0, which resolves this issue," according to an alert over at the over at the Google Chrome forums.

Microsoft, meanwhile, posted a somewhat vague alert of its own, starting that it had released a security update today with "an incorrect detection for PWS:Win32/Zbot," a password-stealing Trojan that monitors for visits to certain websites. However, Microsoft neglected to specify in its update just what impact this "incorrect detection" had; the update doesn't even mention Chrome. Evidently, Microsoft would prefer to let Chrome users and Google deal with figuring why, exactly, Microsoft Security Center suddenly started deeming Chrome a security threat and purging it from users' systems.

To Microsoft's credit, it did issue a second update the same day that addresses the error: Signature versions 1.113.672.0 and higher include this update.

One affected Chrome user, with the screen name chasd.harris, started a thread on the Google Chrome forums to report his experience. "I have been using Chrome on my office PC for over a year. This morning, after I started up the PC, a Windows Security box popped up and said I had a security problem that needed to be removed," he wrote. "I clicked the Details button and saw that it was 'PWS:Win32/Zbot.' I clicked the Remove button and restarted my PC. Now I do not have Chrome. It has been removed or uninstalled. The Chrome.exe file is gone. Was there really a problem, or is this just a way for Microsoft to stick it to Google?"

Google reps also provided instructions as to how to go about re-installing Chrome.
  1. Check that Chrome has been uninstalled.
  2. Go to Microsoft Security Essentials (MSE) and update, then verify that the version has a signature of 1.113.672.0 of higher.
  3. Reinstall Chrome.
  4. Perform a full scan of MSE again.

 

Tidak ada komentar:

Posting Komentar