Microsoft Security Software Says Chrome is Malware

October 1, 2011

Traditionally, users of PCs running Microsoft’s Windows operating system have been strongly encouraged (for good reason!)  to install an anti-virus package on their machines; the packages were supplied, not by Microsoft, but by independent software vendors like McAfee, Norton, and F-Secure.  More recently, Microsoft has been taking a more active role in security; in particular, it has introduced a free anti-malware package called Security Essentials, intended for personal and small business (up to 10 PCs) use.  Like other anti-malware programs, a key component of Security Essentials’ detection logic is a regularly-updated database of malware “signatures”: specific bit patterns that occur in a given piece of malicious code.

Yesterday, a number of Security Essentials users experienced problems with Google’s Chrome browser as a result of an error in Microsoft’s signature update, according to an article at Wired..  With the updated signatures, Security Essentials flagged Chrome as a variant of the Zeus family of trojans, specifically PWS:Win32:Zbot; in consequence, Chrome was blocked from working and in some cases actually removed from the user’s system.  Microsoft was, I am sure, considerably embarrassed; and, to its credit,  released a corrected signature update within a few hours of the first problem reports.   (This did not deter some folks from perceiving a sneaky Microsoft “dirty tricks” effort, but I feel fairly sure that a dumb mistake was the root cause.)  Windows users who are running Security Essentials should update their installation; Microsoft says that signature versions 1.113.672.0 and higher include the correction.

Google also has an explanatory post on the official Chrome Blog, including instructions for fixing the problem manually.  That post also promises an updated Chrome version that will automatically repair Chrome if it has been affected.  That new version, 14.0.835.187, has now been released, and should be available via the normal update channels.


%d bloggers like this: