Microsoft tries to turn its own security flaw into commercial gain

“It looks like Microsoft tried to get a little benefit for itself when it repaired a serious security flaw,” Stephen H. Wildstrom reports for BusinessWeek. In early February, “Microsoft released a patch for a ‘critical’ vulnerability in MSN Messenger [that] went a bit further than was strictly necessary. During the course of installing of the update, the user is offered several options unrelated to security, one of which is ‘Make MSN My Home Page.’ It is checked by default. So if you don’t pay close attention — and you should always pay close attention to these options when doing any sort of installation — the next time you start IE, your home page will have changed. This is perilously close to the browser hijacking that’s a characteristic of many spyware programs.”

“Microsoft should be ashamed of itself for trying to turn its own security flaw to its commercial gain. There’s no reason to believe that customers installing a mandatory security fix also want to change their browser home page to an MSN portal, and there’s even less excuse for trying to spring a change on the unwary,” Wildstrom reports. “Interestingly, the test version of Microsoft’s new AntiSpyware program does something similar. When it detects a browser hijacking, it attempts to change the home page to MSN rather than to a blank page or a page of the user’s choosing, in effect, hijacking the already hijacked page. It’s Microsoft’s privilege to set MSN as the default home page for Internet Explorer, but if the customer decides to change the setting, Microsoft should respect the choice and stop looking for sneaky ways to change it back.”

Full article here.

MacDailyNews Take: Anyone on Earth surprised?

29 Comments

  1. Beep Beep!!

    On Jupiter, we’re not surprised either.

    P.S. When are Apple going to open iTMS Callisto?

    Beep Beep!!

    MDN Magic Word “Attack”.

    The chanc-es of any-thing com-ing from Mars….areamilliontoone he seeeeed.

  2. Do you remember when Microsoft use to weld the MSN icon to the Windows desktop? My old Win95 PC had that problem. It was when I downloaded Internet Explorer 4 and installed (back in the ’90s of course) and it installed that MSN (Orange and White) icon to the desktop that you couldn’t delete, you actually had to go into the Registry to get rid of it.

    It seems that Microsoft’s tactics haven’t changed.

  3. I will give them one thing. i was glad to see them have an option in their antispyware to turn it back to MSN as the homepage. Sure it was a problem them made in the first place. But when I run the Microsoft Antispyware on all the computers at work I am glad that it gives as option to return all the defaults to MSN and Microsoft stuff. It really saves the hijacked Explorers

    (Yes, I know that this is a whole different matter. As for the topic at hand? I think it’s poo poo.)

  4. I’m not up on the lastest legislation, but isn’t there anti-spyware legislation in place whereby spyware authors can be charged?

    If so, Microsoft should be charged – this is beyond shameful.

    Why is it that aggressive, rip the meat off the bones lawyers become completely chicken when it comes to Microsoft?

    magic word: amount – what amount of money is needed to get lawyers to do the right thing here? Have you checked m$’s bank balance?

    (uncanny how applicable these magic words often are)

  5. You know, I like to look at how a CEO looks, I think that the way they take care of themselves is a reflection on how they take care of their company.

    Steve Jobs looks in great shape, he is slim, tall, and during almost all of every keynote I have ever seen him do, he was standing and walking around the whole time. He is a vegetarian, something that requires a lot of work to maintain (I know, I’ve tried). When you look at him, you get this sense that you are really going to like him.

    Bill Gates is thin, pale, and has almost no muscle on his body. During his keynote, he was sitting down, slouched over, pointing at things and making all of his gestures in the small bubble around his face (a good indication that someone is lying).

  6. What can I say – TYPICAL MICROSOFT!

    And they wonder why they get sued!

    A classic example of their covert way of taking over market share – Google should sue their ass over this!!!

    Just made me remember why I have always used macs!!

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.