Google has released a new version of Chrome after Microsoft’s antivirus software flagged the browser as malware and removed it from about 3,000 people’s computers on Friday.
Microsoft apologized for the problem and updated its virus definition file to correct the false-positive problem, according to a post from Ryan Naraine at ZDNet.
But not before the damage was done. Even though the problem directly affected only a relatively tiny fraction of Chrome users, Google decided to spin up and distribute updated beta and stable versions of Chrome.
“Earlier today, we learned that the Microsoft Security Essentials tool began falsely identifying Google Chrome as a piece of malware (“PWS:Win32/Zbot”) and removing it from people’s computers,” said Mark Larson, Chrome engineering manager, in a blog post Friday. “We are releasing an update that will automatically repair Chrome for affected users over the course of the next 24 hours.”
Win32/Zbot is a trojan horse that lets attacker steal passwords and gain access to a victim’s computer–not the sort of product anyone would want associated with their Web browser.
Microsoft had this statement about the mistake:
Information about incorrect detection of Google Chrome as PWS:Win32/Zbot
On September 30th, 2011, an incorrect detection for PWS:Win32/Zbot was identified and as a result, Google Chrome was inadvertently blocked and in some cases removed. Within a few hours, Microsoft released an update that addresses the issue. Signature versions 1.113.672.0 and higher include this update. Affected customers should manually update Microsoft Security Essentials with the latest signatures. After updating the definitions, reinstall Google Chrome. We apologize for the inconvenience this may have caused our customers.
To get the latest definitions, simply launch Microsoft Security Essentials, go to the update tab and click the Update button. The definitions can be updated manually by visiting the following Microsoft Knowledge Base article:
http://support.microsoft.com/kb/971606
PWS:Win32/Zbot is a password-stealing trojan that monitors for visits to certain websites. It allows limited backdoor access and control and may terminate certain security-related processes.
Google also provided detailed instructions on how to update the Microsoft Security Essential virus definition file and to reinstall Chrome. It’s good that both companies worked to tidy this problem up swiftly, but perhaps Microsoft should have included Google, not just its customers, in its apology.
Article source: http://news.cnet.com/8301-30685_3-20114600-264/microsoft-falsely-labels-chrome-as-malware/?part=test-cnet&subj=software&tag=title
View full post on National Cyber Security » Virus/Malware/Worms
