Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Chrome Google Microsoft Windows

Microsoft Says It Has Resolved an Issue With Bing Which Was Causing It To Push Malware When Users Searched for Chrome (howtogeek.com) 101

Chris Hoffman, writing for How To Geek: You launch Edge on your new PC, search for "download Chrome," and click the first result headed to "google.com" on Bing. You're now on a phishing website pushing malware, disguised to look like the Chrome download page. That's the story Gabriel Landau tells on Twitter. We were able to reproduce this problem, although it doesn't happen every time. Usually, you'll end up seeing an ad for "https://www.google.com". That goes to the real Chrome download page, and everything is fine. But, sometimes, you'll see an ad for "google.com". Guess what -- that doesn't actually go to Google.com. This ad was created by a scammer and goes elsewhere. Microsoft is apparently not verifying the web address the advertisement actually goes to. Bing is letting this advertisement to lie to people. Microsoft says it has resolved the issue.
This discussion has been archived. No new comments can be posted.

Microsoft Says It Has Resolved an Issue With Bing Which Was Causing It To Push Malware When Users Searched for Chrome

Comments Filter:
  • by Anonymous Coward

    Now if they would FIRST fix the issue where it gives you chrome while searching for malware.

  • by hcs_$reboot ( 1536101 ) on Monday October 29, 2018 @09:10AM (#57554783)
    Reading the title, my first thought was "fix the issue.. sure!". But it's actually not unlikely that Bing, being much less involved in Chrome than Google..., might render search results not in a way the user expects. Morale of the story: don't always click the first result - or at least check it!
  • by jfdavis668 ( 1414919 ) on Monday October 29, 2018 @09:10AM (#57554785)
    As the best web browser to use to download a better web browser.
    • by mark-t ( 151149 )
      Edge is, to be fair, is actually pretty decent, at least as far web browsers go. In terms of standards compliance, it's actually even currently ahead of Firefox (albeit by the smallest measurable amount... and Firefox will likely leapfrog ahead of Edge by a point or two in the next version). Only two browsers are seriously ahead of Edge in terms of standards compliance: Opera and Chrome, and at the rate things Edge has been improving, it may even be a serious competitor with those two leaders by sometim
  • by El Cubano ( 631386 ) on Monday October 29, 2018 @09:11AM (#57554795)

    Microsoft Says It Has Resolved an Issue With Bing Which Was Causing It To Push Malware When Users Searched for Chrome (emphasis added)

    Glad to see MS finally admitting the true nature of Edge.

    You know, after all, that the first step on the road to recovery is admitting you have a problem.

  • by jellomizer ( 103300 ) on Monday October 29, 2018 @09:13AM (#57554811)

    Sure Microsoft is in competition with Google for both its Search Engine and its browser. But having Bing go to a Malware site, which infects your Windows PC. Makes Windows, Edge, and Bing all look bad, as well as Microsoft for trying to be underhanded.

    With all the attention to prevent Google Chrome from taking more Edge share away I would expect Bings relationship with searching for a Google Product should be tightly controlled and managed, and mostly in a way to insure fairness and get good sets of data. I would expect the #1 result would be from Microsoft Telling you why Edge is So much better then chrome. But as #2 it should be googles download.

    • Competition is such a strong word to describe this "relationship". Perhaps, bing flounders uselessly before Google search? I mean bing isn't even worthy of being typed with a capitol letter, the very word is beneath other proper nouns. If bing where a hard drive, you would have to put the jumper on the drive to configure it in slav......., sorry in post 2018 vanacular, secondary mode! Dodged a bullet their, was gunna have Duckduckgo pissed at me. Tho Altavista wouldn't have minded.
    • by Tablizer ( 95088 )

      Microsoft for trying to be underhanded.

      Are you implying MS did it on purpose? More likely, they'd be guilty of not bothering to "get around to" fixing it even if they knew there was a problem.

      I've seen a lot of cases of MS seeming to neglect products, including compatibility with older versions of their own stuff, if they wanted it to just go away.

    • I helped a friend set up her brand new machine at a time when Windows 8.1 was current. We downloaded Firefox using Internet Explorer and the free 1-Month copy of McAfee started screaming. It was right - we had been directed to a malware-infested version of Firefox.
      A day or so later she installed a second virus scanner without removing McAfee and the system ended up reverting to a previous snapshot - before all of our installs - because it could not handle that any other way. Sigh.

  • #badtransitiveverbs

    (facepalm)

    • by tsqr ( 808554 )

      #badtransitiveverbs

      (facepalm)

      ...or maybe it's just bad punctuation: "Bing is letting this advertisement lie, people!

  • With all the crap it sends back to Google, Chrome almost qualifies as malware.

    • by Anonymous Coward

      Malware: "software designed to interfere with a computer's normal functioning".

      No, chrome doesn't almost qualify. You not liking something doesn't make it malware.

  • by GeLeTo ( 527660 ) on Monday October 29, 2018 @09:35AM (#57554965)
    ... is downloading Chrome. Oh, wait...
  • by gweihir ( 88907 ) on Monday October 29, 2018 @09:36AM (#57554975)

    Makes sense.

  • I wonder what actually allows the ad to claim to be www.google.com? Does Google have an open redirect URL somewhere? Is not specifying the final host a legitimate usage for an ad?
    • You can have different link text than the url it goes to. For example, you can have a link like this: Google.com [microsoft.com] In other words, someone put in an advertisement that looked like the actual Google advertisement, but changed the URL to their malware site set up to look like Google's.
  • by Anonymous Coward

    Visiting slashdot.org on my phone resulted in Chrome blocking 7 popups. One got through when I clicked on the story. Companies simply don't police their ads. It is shameful.

  • by Deathlizard ( 115856 ) on Monday October 29, 2018 @09:56AM (#57555115) Homepage Journal

    It's 2018. This crap has been going on for almost 8 years now. And it's not just Bing. Just about every search engine with ads has or has had this problem.

    If it's a popular app, and your search engine has ads. Guaranteed there's a Virus Inc. buying adwords for it.

    1) If someone is buying Adwords for any app, and it's NOT the company or group that maintains the software, ban it.
    2) If you can't verify #1, don't allow it until you can.
    3) It if sounds or feels shady in any way, don't allow it.
    4) If it's going to a aggregate site not directly affiliated to the company, ban it.
    5) If ANYONE auto redirects from the Adword link in any way. Legit or not. even after a minute. ban it.
    6) Every dropper malware I see only drops a payload once. If you see one drop. Ban it. In fact ban every ad with that domain for at least a month or more. Preferably for life.
    7) Since you're monitoring every click anyway, browse the link when it's clicked every time and make sure they are getting a clean page. If at any time, you're being redirected because it sees the traffic coming from you or the script is actually stupid enough to drop malware to your IP, ban it.
    8) Better yet, enforce and serve the complete ad site yourself and pull it cloudflare style. Check any links or files clicked or downloaded from the site. Guaranteed your IP's / crawlers are blacklisted so that a malware payload won't drop if you pull it. Best case is that it never drops a payload cause you're pulling it and sending it to the user. Worse case is it drops malware on your pull request, at that point, show the user the "Site has a problem" page and ban it.

  • Microsoft wants to kill Chrome just as much as Netscape, I woudnkt be surprised if some of Bing’s employees were in on the scam, in order to bypass security checks for ads.
  • So this means that scammers can just pay Microsoft to put their scam and viruses in their search results? So anybody using Bing can just stop using it right now and forever because this is just unacceptable.

    • by Greyfox ( 87712 )
      It's not just Microsoft. No one actually checks the contents of an ad, they just accept a large briefcase full of cash and serve whatever bytes you make available to them. If this specific case doesn't happen on Google as well as bing, it's just because google has their own adwords for their products.
  • The just facilitated a link to the REAL virus.
  • Maybe now Google can fix its problem with ad results for fake tech support scams when you type in [literally anything] + "support"

The 11 is for people with the pride of a 10 and the pocketbook of an 8. -- R.B. Greenberg [referring to PDPs?]

Working...