Microsoft Apologizes for Serving Malware

dark_15 writes "Microsoft has apologized for serving malware via its websites and Windows Live Messenger software. APC reader Jackie Murphy reported the problem: 'With Microsoft launching Vista along with their Defender software to protect users from viruses and spyware, it seems therefore to be an oxymoron that they have started to putting paid changing banner advertisements for malware, on the popular MSN groups servers.'"

Say what?

[Anonymous Coward]

Started to putting?

Does anyone proofread anything anymore?

Re:

[basic0]

What are you is talking about? Of course nto!

Re:

[smittyoneeach]

Candidate for a Pullet Surprise [jir.com]

SystemDoctor 2006??

[Intron]

What fool would be taken in by this?

Personally, I'm downloading SystemDoctor 2007.

Re:SystemDoctor 2006??

[texaport]

"4 out of 5 dentists surveyed, recommend sugarless gum for patients who chew gum"
really meant that 20% of dentists wanted you chewing the stuff that rots your teeth ...

If you polled system utilities firms, I'm not sure whether they WANT you to buy Vista,
or run an old rotten O/S that turned AV from a cottage industry to a major profit center.

Re:

[MS-06FZ]

"4 out of 5 dentists surveyed, recommend sugarless gum for patients who chew gum"

really meant that 20% of dentists wanted you chewing the stuff that rots your teeth ...

No, it could also have meant that those 20% preferred to tell their patients "don't chew gum" - or "chew whatever gum you want, but brush your teeth afterwards" or "sugarless gum really doesn't have any significant benefit compared to normal gum." The phrase doesn't say anything about what that 1 out of 5 recommend with regard to gum - if anything at all. It just says that when dealing with a patient who chews gum, 4 out of 5 recommend sugarless.

5 dentists isn't a very large sample group anyway...

Re:SystemDoctor 2006??

[BrokenHalo]

5 dentists isn't a very large sample group anyway...

OK, how about this:

35% of all road accidents are caused by drunk drivers. Therefore, 65% must be caused by sober drivers. Therefore, you're safer driving drunk than sober. :-P

Re:

[StikyPad]

Hate to be the bearer of wikiality, but AV software has been a major industry since well before XP. By December 1990 the market had matured to the point of nineteen separate antivirus products being on sale including Norton AntiVirus and ViruScan from McAfee. [wikipedia.org]

And don't worry, Vista is hardly the sugarless gum of operating systems.

Re:

[kestasjk]

Recently gaim-2.0.0-beta5 started crashing constantly, so I checked out MSN Live Messenger. I couldn't believe that people actually use it for an extended period of time.

There are these incredibly irritating ads that are always about what some celebrity has done (as if anyone cares) or some American football game. Then there's the window's skin, which is blue and shiny and stands out from everything else; if you thought GTK+ on Windows would look bad and out of place compared to something MS comes up wit

Somebody else said it ...

[Ralconte]

... on the FA comments section. Microsoft is going to kill Google someday. Some stooge at Microsoft knew this was a malware company, and they took the money and ran the advert anyway. Would have gotten away with it too, if it wasn't for those meddling kids.

Just one question ...

[spellraiser]

Even if this were true, how does proliferating malware on Windows hurt Google?

In Soviet Russia...

[192939495969798999]

ISR, Microsoft serves malware to ... uh... you serve malware to microsoft!

Re:

[Brian Gordon]

Microsoft serves malware

Steve Ballmer for one welcomes his new malware overlords.

Re:In Soviet Russia...

[Aqua_boy17]

Just imagine a beowulf cluster of MS Malware. Oh, wait...I just described Vista.

I kid, I kid.

Re:In Soviet Russia...

[Opportunist]

Considering the amount of malware coming out of former Soviet Russia countries, that even holds true after the fall of the communism.

Re:

[curecollector]

...Microsoft serves you to malware.

Re:

[trianglman]

EDIT:
ISR, malware serves you to Microsoft.

Please choose one

[smooth wombat]

it seems therefore to be an oxymoron that they have started to putting paid changing banner advertisements for malware, on the popular MSN groups servers.'

1) it seems therefore to be an oxymoron that they have started to put paid changing banner advertisements for malware, on the popular MSN groups servers.

2) it seems therefore to be an oxymoron that they have started putting paid changing banner advertisements for malware, on the popular MSN groups servers.

3) it seems therefore to be an oxymor

Re:

[$RANDOMLUSER]

And what, exactly, does "paid changing banner advertisements" mean?
Either way, it's not the /. editor this time, it's a direct cut n' paste from TFA.

Re:

[smooth wombat]

I know. Which is why it's so disconcerting.

If it was the editors, we could chalk it up to laziness. But this is coming from a supposedly reputable source with paid editors and other bells and whistles.

Re:

[zlogic]

wait, it's
4) it seems therefore to be an oxy*HEAD EXPLODES*

Re:

[Damastus the WizLiz]

Its not even an oxymoron. An oxymoron is two words put together with opposet meanings, like: Dodge Ram, Bitter Sweet, or Windows Stability. The correct term here would be hypocricy.

Re:

[Nimey]

Contrast to a tautology, such as "Slashdot-reading virgin".

Cor, I'm getting nasty in my old age.

Re:

[Darby]

Cor, I'm getting nasty in my old age.

You're that old and still a virgin? No wonder you're cranky ;-)

Re:

[duguk]

> Its not even an oxymoron. An oxymoron is two words put together with opposet meanings, like: Dodge Ram, Bitter Sweet, or Windows Stability. Microsoft Works.

Re:

[hotdiggitydawg]

Its not even an oxymoron. An oxymoron is two words put together with opposet meanings, like: Dodge Ram, Bitter Sweet, or Windows Stability.

or Military Intelligence...
or Bush Administration...
or Microsoft Works...
etc...

Re:

[kinglink]

I thought in this case it's business as usual for Micrsoft? Malware and software to stop malware? 98, essentially a patch to 95. The Xbox 360, so different from the Xbox it's like two 180s in a row!

Re:

[RealSurreal]

Maybe the article was dictated to a Windows machine.

"Dear aunt, let's set so double the killer delete select all."

Re:

[PhxBlue]

What, no CowboyNeal option?

No Conspiracy But Still Stupid

[govtpiggy]

SystemDoctor2006 has made an appearance over the past few days, coming complete with pop-up windows to trap and then cause horrific damage to the computers of unaware users -- causing them to then rush out to purchase Microsoft Defender?

The implication from the article that Microsoft is trying to infect your system so you "buy" the free to download Microsoft Defender is ridiculous.

Regardless, this is a really stupid oversight on Microsoft's part. Reminds me of the p2plawsuits.com thing [wired.com]. Shouldn't a person knowledgeable about ads be approving these beforehand (at least in Microsoft's case)?

Re:

[dedazo]

I find it amusing that this is being spinned this way here of all places - I remember CmdrTaco saying they "had no control whatsoever" over the advertisements that run on Slashdot - specifically the ones for Microsoft.

I believe that was followed by the usual "deal with it, it's no big deal".

Re:

[Opportunist]

That conspiracy has been flying low since the advent of AV software, there are still many people out there beliving that AV vendors write malware themselves to have a selling point.

Fu.., if I wrote password stealing trojans, I'd grab the money and wouldn't be sitting here anymore! Even I can survive on 900k for a while!

Re:

[rtb61]

Oh fine, their trying to sell M$ Live one care(less). M$ has pulled a lot of anti customer stuff in the past, would they do it and see if they could get away with it and then if they get caught lie and blame the 'new guy', we are talking about M$, they would do it in a second.

Is M$ going to be prosecuted, are any of the executives going to jail, so what was the downside for this whole smarmy marketing scheme. M$ has a whole extensive track record of pursuing the dollars first and then letting their un-war

Slashdot is the worst malware

[microbee]

Each time I click a link from it, the browser freezes.

Re:Slashdot is the worst malware

[$RANDOMLUSER]

It's much worse than that. Each time you click a link, somewhere, a server dies.

Re:

[DavidTC]

That's a known Mozilla bug. Instead of crashing when clicking on a link, the browser attempts to open the URL listed in the href of the A tag, and will actually do so if the server is reachable and returns a page.

This is technically correct according to HTTP and HTML specifications, but unexpected behavior with users used to IE's 'crash feature'. As a workaround, instead of clicking on a link, you can press Alt+F4 or click on the X in the upper-right corner of the browser window, which will close your brow

Another reason to rush out and buy Vista?

[CodeShark]

Nasty mal-ware -- pops up on my new computer system, tells me to buy yet another package I need to have an absolutely wonderfully great and safe experience while I am working... Oh wait.... I was referring to the MS-Office tools requiring an OS upgrade and visa versa, and none of the above are really secure at all because the marketing droids need another way to make money and security still takes second place....

AKA microsoft doing business as usual, is it not? Which is why in my book Vista et. al will be

System Doctor

[mdboyd]

Malware or Malpractice?

Re:

[Opportunist]

Maybe just malice.

We are also very sorry for...

[Anonymous Coward]

... building an "OS" that allows anyone else who wants to place malware on your computer the ability to do it without your knowledge. Please click "OK" if you would like to accept this Apoligy.

Intriguing.

[EveryNickIsTaken]

With Microsoft recently purchasing a company that specializes in in-game advertising, I wonder how long it is until Malware gets a hold of my Xbox 360?

Re:Intriguing.

[HerrEkberg]

Just stop injecting medkits you find lying around in some random alley and you will be fine.

Windows.Vista malware

[atomic777]

Name: Windows.Vista

Risk Impact: High
Systems Potentially Affected: All PCs

Behavior:
Windows.vista is malware that gobbles up all resources on a machine and renders it unusable. Suggested solution is to visit the following malware cleansing site : http://fedora.redhat.com/ [redhat.com]

Re:Windows.Vista malware

[Opportunist]

Spreading behaviour: Disguises as an operating system and lures people into installing it.
Known side effects: Steals personal data, installs backdoors, downloads code from the internet, has the ability to infect further files to prevent their use on different PCs.
Protection: None
Removal: Install a clean OS.

Re:

[Lehk228]

Name: Windows.Vista
Risk Impact: High
Systems Potentially Affected: All PCs^H^H^H^H^H^H^HPC's with vast amounts of RAM

Re:

[mgiuca]

Systems Potentially Affected: All PCs

Fortunately this isn't true. Only a small percentage of machines are susceptible to this malicious attack. Everyone else is kindly asked to buy a brand new machine (all of which come with the virus pre-installed).

In other News

[ehaggis]

Gator apologized for advertising Windows Vista. "Obviously this sort of malware slipped through our screening process, " they quipped.

Symantec on SystemDoctor: Pot, meet kettle...

[dpbsmith]

Symantec says [symantec.com] "SystemDoctor is a Security Risk that may give exaggerated reports of threats on the computer. The program then prompts the user to purchase a registered version of the software in order to remove the reported threats."

I completed the unpleasant task of helping my wife get started with a new HP computer, preloaded with Windows XP Home and a plethora of shovelware. We spent hours watching dialogs pop up suggesting that we download this, register that, and update the other.

Practically the first thing that happened was that Norton Internet Security popped up a huge scary dialog warning us that we hadn't turned it on. The next thing was a huge scary dialog saying that it had found a security risk in her system. The problem it had found was that it apparently ships with no virus definitions at all, and required about twenty minutes over broadband to download and install some seventeen thousand of them. The next thing was a huge scary dialog saying that we needed to register with Symantec (presumably so that it can give us a huge scary warning at the end of the free 60-day trial).

The next thing was a huge scary warning that we needed to turn off Windows Firewall, which to Microsoft's credit is apparently preinstalled turned on and functioning, so that we could use Norton Internet Security's firewall instead.

The next thing was a huge scary warning that we had attempted to change Internet Explorer's home page from an AOL signup offer to my wife's existing "my Yahoo" page.

Every time she launched an application a little yellow flag would rise up from the taskbar to tell her that Norton Internet Security noticed that she had launched an application.

And from time to time it puts up a message box with no apparent purpose other than to tell her that Norton Internet Security is running properly. "Exaggerated reports of threats on the computer?" "Prompts the user to purchase a registered version of the software in order to remove the reported threats?" To be fair, although it did prompt her to register, I don't believe it will prompt her for a purchase until the end of the sixty days.

But the thing is the most intrusive, obnoxious, offensive piece of crap I've ever seen. It makes Clippy look adorable by comparison.

Presumably she needs more than just an antivirus program (ClamAV). If anyone has any recommendations on a well-behaved, friendly security program for Windows XP that isn't in your face all the time, I'd love to hear it.

P. S. The reason we bought a machine with XP is that my wife has been stalling on a much-needed upgrade for about three years now, and what she read about Vista was what convinced her that we needed to run out immediately while we could still get a machine preloaded with XP. Do you think she is being included in these statistics that show that Vista has boosted PC sales...

Re:Symantec on SystemDoctor: Pot, meet kettle...

[Sefert]

The corporate edition of Symantec AV is nice and quiet. I stay away from any 'security packages' type of products because they generally include total crap that is just alarmist and irritating. I'd take a hot poker in the hand before I'd have Norton Internet Security on my system. McAfee's is just as bad (in fact, often worse, as some web browsing problems still exist even when the a/v and firewall are off).

I'm also a big fan of Kaspersky antivirus. It seems to only call your attention to something when it really needs it, and has intelligent things to say, rather than seeming to act like it's trying to justify being there. Stick to just A/V (that picks up spyware like Kaspersky does) and a little hardware firewall - it'll generally do the trick very nicely.

Re:Symantec on SystemDoctor: Pot, meet kettle...

[StikyPad]

I've found Kaspersky to be a resource hog. My personal favorite is NOD32 [eset.com]. The interface takes some getting used to, but it works well, has all the features you'd expect without trying to sell you on a firewall/"internet security" suite. It scores among the best in hit % (typically 2nd, sometimest 1st), and it was the fastest scanner in several tests. They also have "bulk" discounts, which is great if you're running more than one system.

Recent review here [biosmagazine.co.uk] and when searching for reviews just now (never seen a bad one), I just discovered it's user rating [cnet.com] blows away that of Kaspersky [cnet.com].. rightly so, IMHO. This is a nerd's AV if ever there was one.

Re:

[gardyloo]

I would second the recommendation of Kaspersky (if you want to pay for an all-in-one system scanner and software firewall). If you want to go for the free stuff, Avast and AVG have both proven to be fine for me, along with a ZoneAlarm or Comodo firewall.

The other poster in this thread level said that Kaspersky was a resource hog. I've never found that (except that big downloads on broadband can be made slower by Kaspersky doing its scanning during the download). Plus, its definitions a

Re:

[sporkme]

Symantec AV often lags behind in protection and definitions. The worst recent example that comes to mind is the spread of hacktool.rootkit (aka about a million things), which was implemented in countless malware releases. Symantec was AFAIK the only mainstream antivirus program that missed detecting it as it was installed. My flavors of choice are:
AVG Free antivirus [grisoft.com]
LavaSoft Adaware [lavasoftusa.com]
and Spybot Search and Destroy [safer-networking.org].

Very little can get by this trifecta. When I suspect that a machine has received an inf

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[sporkme]

My guess: so elitists like us can complain. I hear ya, brother. AVG is ugly as a gorilla, too.
I gladly trade beauty for quality.

Re:

[PitaBred]

I just had to remove that Norton shit from my aunt's computer because it would take 30-60 seconds to scan any MS Office document that was opened, when it was opened. Doesn't matter if it just scanned it, that it was on the local machine, and it didn't seem to even try to cache definitions in memory or anything. It just got the Word window border open, and "Scanning for viruses..." in the status bar for the next minute. I replaced it with the free version of AVG, and it started behaving like the brand new

Re:

[Brickwall]

Yes, on a friend's recommendation, I removed Symantec/Norton from my home system and installed AVG. Seems to work fine. However, when I tried to uninstall Symantec, I used their "uninstaller", but still found some of their apps running in background. So I went to the command prompt, and tried "del *.*" in the Symantec subdirectory. Guess what? Even though I'm running as admin, there are a couple of files it will not let me delete. I've tried killing every process through the task manager, but I can't get th

Re:

[PitaBred]

http://www.softwarepatch.com/tips/howto-delete-xp. html [softwarepatch.com] That should solve it :) It uses a standard Windows mechanism, but gives you access to it.

Re:

[PitaBred]

Actually, ignore the above. I didn't realize it was pay-for crapware. Try the sysinternals utilities:

http://www.microsoft.com/technet/sysinternals/File AndDisk/pendmoves.mspx [microsoft.com]

Re:

[Phroggy]

SymNRT [symantec.com] (download [symantec.com]) will remove all the remaining bits and pieces of whatever Symantec/Norton crap is still there.

Re:

[compro01]

Even though I'm running as admin, there are a couple of files it will not let me delete

boot to safe mode command prompt? or boot off the windows CD and use the recovery console?

Re:

[darkonc]

boot with knoppix [knopper.net] (or any other live Linux CD that allows NTFS writes), then mount your windows partition and delete the files.

Then, (if you're really brave, or just stupid), boot back into Windows.

At that point You may also have to delete references to symantec from the registry. (but hopefully not)

Re:

[McDutchie]

You've had good responses but none so far have mentioned the most effective security measure you can take on a Windows XP system: don't let the user run under an Administrator account! Make an additional "restricted" user account for her under which she does the normal work, logging in to the admin one only as needed.

Programs that seem to require admin rights to run can often be beat into submission by adjusting the Access Control Lists of the files it needs to write to, or by using "Run As" (which I th

THANKS for the helpful replies.

[dpbsmith]

One last question.

What are the chances that Norton Internet Security will uninstall itself gracefully via the Add/Remove Programs control panel? (I certainly plan to set a System Restore checkpoint before trying it!)

Re:

[Phroggy]

One last question.

What are the chances that Norton Internet Security will uninstall itself gracefully via the Add/Remove Programs control panel? (I certainly plan to set a System Restore checkpoint before trying it!)

Try that first, but if it doesn't work, SymNRT [symantec.com] (download [symantec.com]) is the answer.

Re:

[thejynxed]

It doesn't play nice with uninstallation at all.

Even after uninstalling, you need to download and use a special cleaning tool to get rid of all of the files and registry entries that piece of crap software leaves behind.

http://service1.symantec.com/SUPPORT/tsgeninfo.nsf /docid/2005033108162039/ [symantec.com] (Skip all of the instructions for reinstallation of Norton, just run the tool.)

Alternatively, get it here:
http://www.majorgeeks.com/Norton_Removal_Tool_SymN RT_d4749.html [majorgeeks.com]

Uninstalling Norton has been known to hose sys

Re:

[radish]

I use NOD32, it's very fast, has a reasonably small footprint and is very discreet. It even has "silent mode" where it won't show itself unless it _really_ needs you to make a decision (like "I found a virus - clean or delete?"). I have it setup on all our machines with silent mode on my GF's, and have it email me with any notifications. Works very well and she loves it compared to Mcaffee which used to bug her every day just to tell her it had downloaded an update.

Re:

[Phroggy]

ClamWin doesn't scan files in real-time as they come in; you can set it to run a full scan every night or something, but that's not really ideal.

My personal recommendation, which others will certainly disagree with, is to run Norton AntiVirus without any of the other Symantec/Norton crap. Google makes a 6-month trial of NAV available as part of Google Pack. I suggest that after your current 6-month trial expires, you uninstall all your Symantec/Norton software, re-enable the Windows Firewall, and use Goog

Re:

[svunt]

I had exactly the same experience buying a notebook for a non-techy friend. It was a pre-configured HP, and a week later he called me to tell me that he 'had a virus, or some ad program' which kept giving him 'popups and windows that interrupt me all the time' and wanted me to clean the infection. That infection was indeed Norton Internet Security.

Amazing how different their corporate versions are to their 'clueless sucker' versions.

Re:

[Tim C]

To be fair, although it did prompt her to register, I don't believe it will prompt her for a purchase until the end of the sixty days.

In my admittedly (and blessedly) limited experience, it'll start nagging her to purchase from 2-4 weeks before the end of the period. That's based on my parents' installation of the full version, which started nagging from around the 28 days to go mark.

Presumably she needs more than just an antivirus program (ClamAV). If anyone has any recommendations on a well-behaved, frien

Re:

[mgiuca]

It's all true. Norton Internet Security is the most annoying malware I've yet seen on my computer. I really need to get a popup blocker to block its annoying yellow popups.

The most frustrating thing is every day I turn on my Windows machine (fortunately that isn't often), Norton cheerfully pops up to tell me "I am not protected from 1 rapidly spreading threat" (the implication being that I need to re-subscribe, since my subscription wore off). It tells me this every freaking day. What is this threat?

It's a

Re:

[PopeRatzo]

I'm pretty impressed with NOD32. It's so good that I can work in my DAW software without it causing audio drop-outs or additional latency. I would normally turn off any AV software when doing music, but I've forgotten a few times and NOD32 has stayed out of my way.

For all I know, however, it's doing absolutely nothing to prevent viruses, but for now I'll trust their hype. I figure any program that's this polite is worth my money.

Tagging data missing?

[Sefert]

Along with the useless 'haha' tag, doesn't some wank normally add a 'defectivebydesign' tag whenever Microsoft is mentioned?

Too bad there's no flamebait moderation option for the twits who apply pointless tags.

Re: defectivebydesign

[giafly]

Along with the useless 'haha' tag, doesn't some wank normally add a 'defectivebydesign' tag whenever Microsoft is mentioned?

The 'defectivebydesign' tag is for DRM, because it is. Unfortunately, unlike Vista itself the malware wasn't written by Microsoft, so it's effectivebydesign.

Re:

[smash]

Given the number of issues in Microsoft's operating systems, and basic single-user-hacked-to-multiple-user/insecure-by-d e fault design philosphy, the "defectivebydesign" tag applies most of the time Microsoft are mentioned. And no, i'm not the one tagging it.

If you can show me a single microsoft software product that was released without showstopping MAJOR bugs being revealed within the first 6 months (ie, it was defective by design), I'd be very interested to see what you come up with.

yes, but...

[Mr 44]

DefectiveByDesign is referring to a campaign to end DRM. It's pointless and out-of-place on the non-drm related articles that get tagged with it, which I think is the grandparent's point. [defectivebydesign.org]

Re:

[smash]

Who says it's referring to that? Defectivebydesign can mean that, or it can mean that the products they make are actually defective, by design :)

UserFriendly

[VEGETA_GT]

Reminds me of a UserFriendly comic

http://ars.userfriendly.org/cartoons/?id=20050130 [userfriendly.org]

Standard Operating Procedure

[mpapet]

The current method of influencing voters/consumers when it comes to issues that slow the acceptance of an public servant/company is to make a public apology to effectively put the issue behind them.

It's important to note that in most cases, it doesn't change anything.

[shrugs]

Message to managers

[Opportunist]

Especially to those who always claim "You have to buy from a big company, that's better than free software where there is no company that you can hold responsible".

Here's what you get: "Whoopsie. Sorry, our bad"

Re:

[account_deleted]

Comment removed based on user account deletion

Sensationalist?

[DavidD_CA]

More like, "Microsoft appologizes because a spyware company bought advertising from them, violating their policy, and the ad was shown to people in Messenger until it was reported and removed.".

Re:

[DavidD_CA]

Can we really expect Microsoft's advertising division to have anything to do with their OS Security division?

While a company did get through the cracks here, this is not a "security violation" that we typically ream Microsoft for.

Keep in mind that I can just as easily go to Google and search for "remove spyware" and be served Sponsored Links that will proport to remove my spyware for me, while actually installing more. Why aren't we bashing Google for this?

I don't run Microsoft Operating systems but...

[JustNiz]

can anyone tell me if their ad blocking software prevents the user from blocking ads on Microsoft sites?

Re:

[Software]

What ad-blocking software from Microsoft? As far as Google [google.com] knows [microsoft.com], Microsoft offers no such thing:

As for ad blocking, it's something we're mulling over but it's not natively in IE7. I'm sure there are add-ins you can get for IE that will block ads.

I use EverythingIsn't hosts file to block ads [everythingisnt.com], plus AdBlock in Firefox.

Re:

[Virak]

You don't.

Is a good start...

[gmuslera]

Hope soon we will see the "Microsoft Apologizes for Selling Malware" headline.

Gee

[BCW2]

I thought everything from M$ after Win 3.11 was malware!

Re:

[BCW2]

Once I learned how to tweek it I liked it, ran it on a 386 and a 486. Now 3.0 was such a joke that it couldn't be malware. 2k is still the best that M$ has ever done so my original post was off a touch.

Putting Paid

[Frequency Domain]

Putting paid [thefreedictionary.com] is a British/Australian idiom for disrupting somebody's plans or intentions.

Re:

[treeves]

Interesting tidbit, but I don't think it explains the poorly worded sentence in the summary. If I'm wrong, please explain.

Serving malware? Nothing new ...

[ScrewMaster]

they've been serving up Windows Genuine Advantage for some time now.

Re:

[Brian Gordon]

Which is free to download [microsoft.com] by the way.

Re:Motive?

[petermgreen]

and btw i've heared it works on 2K if you edit the installer file to make it let you.

Re:Motive?

[govtpiggy]

Windows Defender is supported by XP and is a free download. You don't need to buy Vista to get or use it.

Re:

[Mex]

You're giving them too much credit. This is a case of plain old stupidity.

Re:Motive?

[Phisbut]

You're giving them too much credit. This is a case of plain old stupidity.

Plus, their apology and recommendations aren't any less stupid. From TFA : Microsoft recommends customers follow our Protect your PC guidance at www.microsoft.com/protect.

Let's have a look at their guidance: Protect your computer in 4 steps [microsoft.com] :

Step 1. Keep your firewall turned on
A firewall is useless in this situation. The user manually downloaded and executed a piece of software.

Step 2. Keep your operating system up-to-date
See step 1.

Step 3. Use updated antivirus software
That's exactly what the user is trying to do. The message lets the user believe he needs to use this software as a protection against viruses, spyware and whatnot. Plus, it's on a Microsoft.com page. You gotta trust Microsoft.

Step 4. Use updated antispyware technology
See step 3.

Re:

[db32]

Uhm...and why wouldn't they suggest that. Given that they are getting paid for the advertisement it stands to reason that every time a user get suckered in by it that MS makes money on the deal. Sure it makes them looks bad, but now they get to make their little apology speech, everything is A OK again, and they still got paid through the deal. People who like windows are few and far between these days, almost every average joe user I have dealt with despises them, but knows no other reasonable option.

Step 5

[darkonc]

Stop using Windows... (it says "How to protect your PC, not "how to protect your Windows box").

Actually, now that I think of it, that should probably be step 3.

Re:

[Nimey]

Step 1. Keep your firewall turned on

But how do you sexually arouse a firewall? "Baby, you're *so* hot!"?

Re:

[Nimey]

I think one of my users got bit by this on 14 Feb, and no, Defender didn't stop it.