To be fair, Microsoft doesn't know. Malware authors tend to have ads that link to non-malware sites at first, and change to malware after the ads have been vetted. They know how to detect when Google/Microsoft/etc checks up on them and serve innocent data at those times.
There are ways to detect this, and ways to avoid the detection; it's an arms race. Google is better at this than Microsoft, so studies have shown that you are safer on Google than on Bing. But nothing is 100%, and sometimes people slip malware past Google too.
So it's not malice on Microsoft's part, as you seem to imply. Less competence maybe, or a lack of resources thrown at the problem, or a lack of corporate will; I don't know.