Pandemonium as Microsoft AV nukes Chrome browser Users of Google's Chrome browser are in an uproar after antivirus software from Microsoft classified it as virulent piece of malware that should be deleted immediately. On Friday, a faulty signature update for both Microsoft Security Essentials and Microsoft Forefront incorrectly detected the Chrome executable file for Windows …
An accident just waiting to happen, just happened.
Every time someone pushes the button to rollout an update, they have to pray that it'll only take out intended targets - killing Chrome is a huge FU.
Don't they have an in-house representative test bed of a selection of typical user setups before going wild?
"Chrome users that do not send usage statistics to Google are unaffected"
Admittedly, such an in-house test bed would probably not be sending usage statistics to Google, so how could they have known the scale of the impact?
I feel sorry for the affected users and whoever's ass is going to get kicked to Mars for this...
"An accident just waiting to happen, just happened."
It hasn't been waiting, it's happened several times already. AV updates have hammered legit software more than once in the past. And the fact that it's happened before in a way makes it even worse each time it happens.
But this should be a lesson to everybody to set their AV software the prompt for an action for every positive. And for every IT department to test updates before they roll out.
Chrome **IS** a malware. Every AV should detect and obliterate it.
Even Android phones are a piece of malware, as friends of mine who have it have sent Google all my contact data (phone numbers, addresses, email address, date of birth, etc. etc.) without asking **MY** permission.
Yes because its way over-complicated so the chances of getting it configured properly are lower. Also Windows is installed with settings that are by default insecure. So you have a ton of work ahead of you even if you understand all that stuff.
The whole Windows model is fundamentally insecure, partly as a result of Microsoft software architects getting away with making stupid design decisions, and partly because windows was originally never meant to be an OS itself, let alone a professional multi-user environment. Consequently it still has many stupid legacy issues in its design.
Such as, mechanisms like the registry and the fact that when you install apps they can and usually do put stuff into the Win32 directory, No 'proper' OS would have a model where just installing user applications extends the Operating System itself.
// presumably you mean by having a tiny install base that's not worth targetting...
Exactly, if instead of one huge target we had a number of smaller ones, then these problems would all be far less serious... Why do you think browser exploits are less common now that no browser commands 90% marketshare, and the most common attacks now target software which still has a huge market share.
>>Exactly, if instead of one huge target we had a number of smaller ones, then these problems would all be far less serious... <<
Incompatible hardware. Incompatible software. More tightly bound together than OSX and the Mac are now.
There are no economies of scale.
Prices remain high, market penetration remains low. The introductory price of the C-64 was $1326, adjusted for inflation.
Companies enter and exit the business at a bewildering pace, leaving you high and dry. You had a computer.
Now you own a souvenir paperweight.
>> Its impossible to prevent virusses on the OS level these days.
You're very wrong. Especially if you're talking about virusses that get in through the browser.
Windows especially sucks at security. Consider running a browser in a sandbox under an OS that properly implements permissions like Linux. . Even the most virulent website wouldn't have a hope of being able to infect your OS.
Don't recall the first two, but I wouldn't be surprised by them. But when an AV signature kills a couple of hundred programs in an office, even a decent backup process won't fix it in minutes. The McAfee one was particularly bad. Most systems we were able to repair, but a few of them wouldn't let us get in even as a local admin. No local admin, no backup.
Yeah, I have to support McAfee, but not by my choice.
You ain't kidding.
The fact that apparently only users who send usage stats back to Google should give these people a clue. Chrome behaves in some respects like a trojan. It just happens to be that the users have asked it to behave like that.
I've been warned before that certain software is exhibiting behaviour like a particular trojan. Could it be that MS are too keen to shoot first and ask questions later.
"Chrome's beta version is unaffected, making it a suitable substitute until Microsoft can correct the error"
Until you try and go back on release ver and it tells you your profile has been upgraded beyond that version.
As for the false poz, it happens, but the clients were configured to quarantine (and thus able to restore after new defs downloaded) not delete... right?
...who are not a bit quirky themselves. I am quirky myself and tried opera several times over the years but simply could not live with it, although I can understand why some people do like it, especially with very fine grained control over individual site security etc.
Since firefox changed to the awful 4+ i have bizarrely started to use IE9. I have not used IE of my own free volition ever, I even preferred Netscape when there were only the 2 choices, but now IE9 is very safe if on limited rights account and MS are doing a much better job that Google and others at identifying and blocking malicious sites.
I recently carried out my own tests and the MS solution was surpisingly effective, and together with the blocking from Malwarebytes Pro it has stopped almost all of the really nasty things that I threw at it, and the rest was stopped by PrivateFirewall HIPS. MS Essentials is also there to check only downloads and incoming files onto the system as an extra condom, just in case.
Back to the point, MS are doing a much better job these days,apart from the very rare false-positive mentioned here, and in some cases are better than the competition, strange as it seems to me, but my own tests have proven it. Professional tests have shown that MS actually have one of the most impressive fals-positive rseults of any AV, but Google definitely behaves like a trojan and so they deserve it.
I do use Opera at home, not configured the remote bookmarks which I think I will do when I return home then if it does occur reinstall login and download.
I was pretty sure Chrome and Firefox had this feature as well if linked to a Google/Mozilla account? Probably looks like a much more useful feature today.
It may come as a shock to some, but there are people in the world who evaluate products on the basis of usefulness rather than which company released them. Accordingly, large numbers of people use MSE and its corporate cousin for antivirus while also using non-MS web browsers (around here, usually Firefox, with a few Opera holdouts and one or two Safari nuts. No Chrome users to my knowledge, though, and if there are any, they undoubtedly will have turned that Trojan-like 'report to the Chocolate Factory' setting off.)
What I find interesting is that persons allegedly working in IT who haven't figured out how to set the automatic actions in MSE. (Hint: it's really difficult, as it involves going to the 'Settings' screen and unchecking a checkbox, actions which should require at least a MCSE.)
Both Avast and AVG, and most of the other free antivirus products, are tending towards graphics-heavy interfaces with lots of "pay for our full version" popups.
Many users of Chrome and Opera use those browsers because the minimal *ahem* chrome that gets in the way. MSE is the free AV equivalent to that, at least for now.
Ah for the good-old days, and F-PROT for DOS...
it installs the browser binary in your appdata.. (which isn't for executable binaries but from application data... duh) to bypass the security of windows, so it doesn't need elevation to install loads of spyware on unexpecting victims from its browser.
it shows every behavior a virus has.. So I don't see why a virus checker should get a slap on the wrist for detecting it as such.
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
