In an development first reported by Ryan Naraine, the free antivirus and anti-malware program Microsoft Security Essentials (MSE) has been deleting the popular Google Chrome browser claiming that it was a piece of malware from the Zeus family of trojans. The Chrome help forum logged over 289 comments in less than 2 hours on this issue. Affected users all reported that MSE advised them that they had a malware attack, and asked if they wanted MSE to remove it. If the user said yes, (and who would not?) then the “malware” was removed by MSE. As part of the removal process the user was asked to restart the affected machine. Once rebooted, Chrome was gone.
The Zeus Trojan has been responsible for over $70 million USD in losses to banks and businesses, according to the American Federal Bureau of Investigation. There are reports that the Zeus source code has been recently released into the public domain, making it a serious risk for businesses. Also, as business IT departments look for more ways to save deployment costs, Chrome and MSE are being seen on more and more desktops in businesses, not just home computers.
Microsoft was quick to respond to the issue and has issued a fix for the problem. Apparently, MSE saw the Zeus Trojan file PWS:Win32/Zbot in the chrome.exe file. Microsoft asks that MSE (and Microsoft Forefront as well since it uses the same anti-malware engine) users do the following:
Microsoft recommends that you download the latest definitions to get protected.
Detection last updated:
Definition: 1.113.631.0
Released: Sep 30, 2011
Microsoft also issued a press release that stated as follows:
"On September 30th, 2011, an incorrect detection for PWS:Win32/Zbot was identified and as a result, Google Chrome was inadvertently blocked and in some cases removed from customers' PCs. We have already fixed the issue -- we released an updated signature (1.113.672.0) at 9:57 a.m. PDT -- but approximately 3,000 customers were impacted. Affected customers should manually update Microsoft Security Essentials (MSE) with the latest signatures. To do this, simply launch MSE, go to the update tab and click the Update button, and then reinstall Google Chrome. We apologize for the inconvenience this may have caused our customers."
Because the Microsoft Terms of use specifically preclude any user of MSE from suing or otherwise seeking compensation for any losses, such as the time those who do not back up their extensions and bookmarks will spend rebuilding their browser and installing it, this is all you can expect from Microsoft. But then again it’s free after all.
The take away for users is first be sure you set up syncing for your bookmarks in Google Chrome. Second, never assume your computer is smarter than you are, and always review what it is going to do to itself before you click that button.
Comments
Well, it's not THAT bad...
Well, it's not THAT bad... Nothing compared to what AVG did a few times.
Yes, but does smell a bit
Yes, but does smell a bit when you also make a competing browser.
Add new comment