Microsoft AntiSpyware is Spyware?

6 comments
Thread Title:
Is Microsoft a Home Page Hijacker?
Thread Description:

A couple of weeks back, we reported on a sneaky M$ patch that was reseting users homepages to MSN.com as well as fixing bugs...

Now, Preston Gralla at O'Reilly points out that Microsofts AntiSpyware software does much the same thing, every time it blocks a homepage hijack!

How does it do this? In a devilishly simple and exceedingly misleading manner. When it detects that a hijacker is trying to reset your home page, it warns you and then asks whether you want to block the hijacker. When you answer yes, Microsoft AntiSpyware promptly blocks the hijacker. But it then does a hijack of its own and resets your home page to MSN.com.

If you dig deep enough, you can defeat AntiSpyware's home page hijacking. Choose Advanced Tools-->Browser Hijack Restore, and highlight Start Page. Click "Change restore settings to a new URL," type in your normal home page, then click OK. From now on, when Microsoft blocks a home page hijacking, it will let you keep your own home page, and won't do a hijacking on its own.

Quite astonishing....

Comments

How ballsy can they get?

WOW I can hardly believe my eyes.
It is almost like MSN got out of bed, read about what Google where doing and thought 'we can top that one'.

next thing they'll be blocking spam email at hotmail and letting you know

'You are receiving this email because Hotmail just block a SPAM email. If you are interested in discount Viagra we recommend http://viagra.msn.com

A Bit Misleading

Preston's comments are a bit misleading. During the first run of MS Antispyware app, you are asked to verify your Internet settings for the protection and restore functions. At that time it pulls up all the different settings and you verify if they are the correct ones you want (ie not already hijacked and changed by spyware) and it allows you to modify what is there to your correct settings if wrong. If you don't do this process then it will use IE's default settings as the restore information. For the default Start Page setting in IE, this is msn.com.

It sounds like Preston did not do this step prior to turning on the protection feature. So when a hijack attempt was detected and blocked it restored to msn.com. Why would they use potentially hijacked settings for restore information if a sysem is potentially infected?

I went into my copy of MS Antispyware under the Advanced Tools as quoted above. As I did the verify process when prompted initially, my correct start page was listed there (about:blank).

Besides

I believe all it can reset is the home page for IE, and who still uses that pile of feces?

A Bit Misleading

At the risk of a good kicking from the management, I would agree with that remark that its a bit misleading.

It would be wrong to try to draw too much of a parallel with the Toolbar Battle.

At best you never have the problem when installing M$ Anti Spyware (I installed it weeks ago, and honestly never recall having any problem - my start page is still about:blank too)

At worst you have to alter your start page back to what it was, and its a once off action - not the same as having your web traffic stolen in perpetuity by Google

Having read Querty's comment above, I am using Firefox, so that may well be why I never noticed it!

Thanks

for that Kellie-Ms B, it looks like this guy didn't do a thorough job eh?

Welcome to TW, do introduce yourself here:
http://www.threadwatch.org/node/1692

Nick

They're all at it

Just downloaded and installed Firefox update (1.01?) - unless you deselect a box at the end of the install, Firefox homepage becomes your homepage. Not sinister, not underhand, just daft.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.