Wednesday, September 30, 2009

Microsoft Security Essentials SEO Poisoning

Malware authors are hoping to cash in on the interest consumers have about the newly-released Microsoft Security Essentials (MSE) software from beta. As a result, they have used Search Engine Optimization (SEO) techniques to poison the search results for MSE. Websense Security Labs™ published the following alert:

“Microsoft Security Essentials SEO Poisoning
Date:09.30.2009
Threat Type: Malicious Web Site/Malicious Code

Malware authors have used Search Engine Optimization (SEO) techniques to mix rogue search results in with legitimate results. For example, one of the rogue links is directly under a MSDN blog entry discussing Microsoft Security Essentials. The rogue redirects are hosted on compromised Web sites, including a Canadian publisher's Web site and the British Travel Health Association.”

Play it safe. Carefully check the links in search results. Always go to the vendor source for software. MSE can be downloaded directly from the dedicated Microsoft web site at http://www.microsoft.com/security essentials

Use Protected Mode with IE7 and IE8. With protected Mode on both Windows Vista and Windows 7, neither user nor system files and settings can be modified without user consent. With Protected Mode any activity that tries to put something on your machine or start another program requires you to confirm.

Reference:

Websense Security Labs™: Microsoft Security Essentials SEO Poisoning


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

No comments: