Microsoft's Antivirus Briefly Flags Google.com As Malicious 123
tsu doh nimh writes "Computers running Microsoft's antivirus and security software may be flagging google.com — the world's most-visited Web site — as malicious, apparently due to a faulty Valentine's Day security update shipped by Microsoft. For several hours on Tuesday, PC users browsing with Internet Explorer on a machine equipped with Microsoft Security Essentials or Forefront saw warnings that Google.com was serving up a 'severe' threat – Exploit:JS/Blacole.BW — basically that google.com was supposedly infected with a Blackhole exploit kit. The warning prompted users to 'delete' the threat, although accepting the default action appeared to cause no ill result. The episode is more embarrassing than harmful, given that Microsoft is expected to ship antivirus technology with the next version of Windows."
Everything's dangerous! (Score:2, Insightful)
Since anti-malware programs largely work by looking for known patterns and fingerprints, and the databases of these patterns and fingerprints keep growing steadily, when will we have reached the point where basically every software ever written will fit one of the patterns? :)
AV is not really mature yet (Score:4, Insightful)
I like MS bashing just as much as the next slashdot-poster, but I think here the blame is minimal. AV software based on signatures has a very high probability of doing things like that and testing all common possibilities is very hard or impossible, while at the same time new signatures need to be pushed fast in order for them to be effective.
That also shows that AV software is, at best, a temporary measure. IMO the future is better OS security (and here MS is to blame), better application security (which is a budgetary and an education/knowledge problem).
Re:AV is not really mature yet (Score:4, Insightful)
AV software based on signatures has a very high probability of doing things like that and testing all common possibilities is very hard or impossible
No basic automated testing of say the top 500 websites and 100 applications to see if they get a false positive is too hard or time consuming. Say they managed to block some local news site that uses some site that uses shitty java-script with adds is a mistake.
That also shows that AV software is, at best, a temporary measure. IMO the future is better OS security (and here MS is to blame), better application security
No this incident is does not prove anything like this, just that software needs decent quality testing.
Re:Needs sanity checks. (Score:4, Insightful)
You act like this has only happened once. [google.com]
Antivirus has detected system files as viruses since the DOS days.
Re:And here I thought Windows was the real virus.. (Score:5, Insightful)
It's no different than when they "accidentally" (note the word) flagged chrome as a virus before.
Expect these accidents to become more frequent as microsoft panics about google competition.
Apparently this has to happen more than 50 times before people accept that it's not just some magic "mistake".
see http://chrome.blogspot.com/2011/09/problems-with-microsoft-security.html [blogspot.com]
Re:first! (Score:2, Insightful)