Faulty Microsoft Security Essentials update removes Chrome from Windows

By Tom Warren, on 30th Sep 11 4:57 pm with 62 Comments

Microsoft's Security Essentials nuked some Google Chrome installations

A false-positive update for Microsoft’ Security Essentials software has removed Google’s Chrome browser from hundreds of Windows desktops.

Reports of problems originally started at Google’s support forums on Friday. A support thread with 200 comments includes a number of users reporting that Microsoft Security Essentials identified Google’s Chrome browser as a “severe” threat and removed the software. Some users reported that the threat was PWS:Win32/Zbot, a variant of the Zeus (Zbot) malware.

Microsoft acknowledged the mix up on Friday and addressed the problems by releasing a new definition file update for Microsoft Security Essentials. ZDNet reports that the software giant updated its Malware protection center listing for the Win32/Zbot listing with the following:

“On September 30th, 2011, an incorrect detection for PWS:Win32/Zbot was identified. On September 30th, 2011, Microsoft released an update that addresses the issue. Signature versions 1.113.672.0 and higher include this update.

PWS:Win32/Zbot is a password-stealing trojan that monitors for visits to certain Web sites. It allows limited backdoor access and control and may terminate certain security-related processes.”

Microsoft’s Windows chief, Steven Sinofsky, introduced Internet Explorer 10 in Windows 8 Metro style earlier this month at the company’s BUILD conference. Sinofsky joked: “I don’t think anything is better than a Chrome-less browsing experience.” Perhaps he’s more of a visionary than we first thought.

  • http://twitter.com/jgmis Joshua Greene

    Even though I use Chrome over IE the vast majority of the time, I can’t help but find this hilarious.

  • Anonymous

    Oh woops! Sorry about that Google! We’ll um, fix that right away.

    • Guest

      it’s just a reminder to Google about who’s house they’re playing in

    • Anonymous

      Stay tuned next week when Google retaliates. All Microsoft URLs accidentally filtered as malicious sites!

    • Guest

      you think they’ll refrain from whining on Twitter that long?

  • Alique Williams

    LMAO!

  • Anonymous

    Ha though this was an honest mistake, when it comes to uninstalling Chrome from a PC, it sort of act’s like malware by leaving traces of itself as well as screwing up the browser association’s with various applications and such. 

    Either way, I am more of a IE9+Opera+Maxthon user myself. 

  • Xpxp2002

    I don’t see the problem. MSE is suppose to remove spyware and malware. Isn’t it but doing its job?

    • Xpxp2002

      Soft keyboard seems to have obliterated my comment.

      I don’t see the problem. MSE is supposed to remove spyware and malware. Isn’t it just doing its job?

    • Anonymous

      This is too funny.  Reading the description of what the ZBot does, I can understand why MSE classified Chrome as such.

    • Jinge

      Chrome… The software installing in the AppData folder instead of program files…….. “Upgrading” every 3 weeks, and keeping all installation files in its folder?
      Yes the one I have cleaned 3 months ago, and which already takes 1.5GB (I use it just sometime, but it upgrades every time, I have now 12 different versions in the folder since June, all more than 100MB).If you use chrome, think about cleaning it OFTEN!

      I really don’t like how they work, and MSE is doing its job there!

    • Anonymous

      What the F***, your right!  I just checked my work laptop with Chrome and low and behold the Google folder under AppData is almost an entire gigabyte.  And just why the hell are they hiding under AppData instead of Program Files like all the legitimate programs use?

    • GP007

      That has to be some of the stupidest thing i’ve ever heard of a program doing.  If it’s upgrading why does it keep all the old stuff anyways?  1GB folder for what’s suppose to be a small and light browser?  Stupid Google, good thing I don’t use that crap.

    • Jinge

      It is just to avoid the UAC confirmation when it wants to upgrade… Just against MS security rules.

    • rsgx

      @39d4ebc81fcda1f2c9985ad684939762:disqus Why am I not surprised.

    • phil jay

      Well in some way it makes sense.. Auto update keeps the browser up to date and secure, if the user gets prompted first, he might just cancel…

    • http://www.creepinjesus.net CreepinJesus

      @39d4ebc81fcda1f2c9985ad684939762:disqus Problem is, it also avoids any UAC prompt when anything else (i.e., malware) wants to change Chrome’s files, meaning pretty much anything can modify the files.

    • Leon Kernan

      Woha, thanks for pointing that out.  I had no idea chrome was using over 2gb on my machine!

    • Guest

      And of course the person who should be making a big deal about it, MS, hasn’t even mentioned it.

    • http://www.facebook.com/people/Pedro-Roque/100000194503830 Pedro Roque

      The first thing I do after setting up a new domain, is implementing GPO to block Chrome.

    • Anonymous

      It’s still a pain to block via GPO though as it’s not installing like a normal program. How do you do it?

    • Avatar Roku

      The software correctly identified a Google trojan.

  • http://www.facebook.com/people/Viki-Maverick/100002523433166 Viki Maverick

    Ha Ha. Google is not going to like this. How about an update that replaces IE 9.0 on all Windows machines with Chrome.

    • GP007

      Why downgrade your browser?

  • Guest

    I almost sprayed my screen with my morning coffee…
    This is hilarious!!!!

  • Anonymous

    Sounds to me like SE is working just fine.

  • Fabio Figueiredo

    … Another fail for MS.

    • Brad

      Hardly a fail.  VICTORY!!!!!!  Kill spyware!!!!!

  • Anonymous

    What’s the Problem? Isn’t MSE suppose to remove spyware and trackware

    • Anonymous

      The problem is that other AV programs are failing to catch Chrome.

    • Raj Malhotra

      Yeah, that’s a serious problem. Other AV vendors need to act fast.

  • Tuxplorer

    Another proof how good a antispyware MSE really is :)

  • Anonymous

    While I find this ironic and hilarious, I’m dreading having to deal with this at work (Head of IT) since we let everyone pick their own browser, and we have lots of Chrome users. :(

    • Morgan

      You use SE on work computers? I thought SE was more from the home user.

    • Anonymous

      It’s a small company, and sadly I’m can’t purchase software without authorization, including Anti-Virus. Trust me, I’d like to get something better, but my boss (the owner of the company) thinks that SE is enough.

      And Yes to Grs_dev. Our policies aren’t strict at all. (Though if you ask the sales team they’d tell you differently. :P)

    • Grs_dev

      and you must not have that strict of a policy or large of a user base if you let the users choose which browser they want to use. I doubt it’s a real problem though! SE might ship on some of the machines your may have purchased but unless you’re relying on it for commerical AV needs you have nothing to worry about.

  • http://twitter.com/trukhinyuri Trukhin Yuri

    “I don’t see the problem. MSE is suppose to remove spyware and malware. Isn’t it but doing its job?” LOL

  • http://twitter.com/OldCongress Gamer

    No surprise, because Google uses exploits to install/uninstall or execute chrome.
    For example, you are able to install Chrome even without Administrator priviledge in office/ public area.

    • Raj Malhotra

      They don’t use ‘exploits’ to install. Chrome installs in AppData folder of the specific user and not in Program Files. This is why it doesn’t require UAC prompts or admin privileges – a concern for IT heads.

      Even Opera can do so – if you select an installation option – but it asks you how to install (system wide or specific user) unlike Chrome.

  • Guest

    I’m sure Drummond will be whining about this shortly.

  • Anonymous

    Hahahaha! Microsoft strikes again!

  • http://www.facebook.com/andreirlopes Andrei R. Lopes

    And I’m wondering “how is possible the existance of HUNDRED pcs with shit-chrome?”. It’s a half tragic.

  • Josh T.

    Ha. You all are so bias. :P

  • http://www.facebook.com/ben.joynes Ben Joynes

    Delicious…

  • Emi Cyberschreiber

    it doesnt affected me! oh yeah i dont use chrome browser!

    some AVs have deleted my mmorpg launcher sometimes… or some file, even though i still send its a false positve… they never fix it. so its not and wont be the first time. of course when a AV deletes a launcher or something by mistake… there wont be any news about it because Microsoft and google isnt in the sentence :)

  • http://twitter.com/RobertCFP Robert Wade

    LOL, that’s because Chrome IS a trojan….it’s malware disguised as a useful browser ;)

    Die, Google, Die-Die-Die

  • Morgan

    This isnt a bug… it’s a feature. I stopped using other browsers long ago anyway since IE has come so far. I have had people tell me they continue using FF and others because of the security holes. I have been using IE for years and have had no issues. I just don’t see the point anymore.

  • luke516

    Oh god MS is trolling hard!

  • Delta470

    Google is the new Big Brother.

  • Raj Malhotra

    Well I am sure it must be an honest mistake but it really came at a wrong time (MS-Samsung deal and Google crying foul).

    Prepare for another ‘waah’ response from the nerds at Google.

  • Potato

    What a circlejerk.
    -_-

  • Amaneyden

    So whats the point here, what’s the problem. Anti-virüses delete malware , MSE is doing it right.

  • BigChiefSmokem

    I lawl’d

    Windows is now literally Chrome-less!!

    BTW I switched back to Firefox about two weeks ago, Chrome was great while it lastest but rushed updates have made it terribly unstable on my system. Oh Firefox Add-ons how I have missed thee… =D

    • phil jay

      FF is too much chrome for me… I’d love an chrome less chrome actually! But ultimatively IE9 and its pinning made me not look back too much, because it’s simple, fast and it works(im only missing css3 transitions).

    • http://twitter.com/kid_jenius Daniel Paulino

      if you customize it properly, FF can be almost chromeless. here’s a screen shot of my firefox http://imageshack.us/photo/my-images/28/firefoxsample.png/

    • phil jay

      I’m sure it’s possible, but for me it’s not the same, the costumization always has the one or the other drawback. But I like your version ;) I prefer integrated experience on the whole stack(Well that sure is possible with a bunch of FF addons, but then again you are running lots of third party code with your browser, which won’t help with stability).

  • http://www.mainstreetchatham.com/ JimmyFal

    Google everything is probably the #1 piece of software that I ask my customers about whether or not they installed it, and the ALWAYS tell me they don’t know how it got there. Google has been using scumbag deceptive tactics to get there “products” onto unsuspecting and not savvy users for YEARS. THANK YOU MS for pointing out the obvious. I freaking love the reaction to this story here, more than the story itself. THAT IS the story!

  • Anonymous

    So that’s what he mean by Chrome-less browsing.

  • Anonymous

    Look at all the MS fangirls! I was surprised that the “PC” didn’t BSOD while booting. Maybe MS should first start writing a stable code before doing anything for security. Clearly they are not doing anything to get back the lost market share in everything.

    • http://www.searingarrow.com AlienSix

      Your PC BSOD? In 2011? You need to get off XP and stop bitching.

  • http://twitter.com/abdhoms Abdulla Moh. Saeed

    I am using Microsoft Security Essentials.. Yeyyyy!!!
    Microsoft > Google :D

  • http://twitter.com/abdhoms Abdulla Moh. Saeed

    Good kill Microsoft. Good kill! :)