Microsoft tries to turn its own security flaw into commercial gain

“It looks like Microsoft tried to get a little benefit for itself when it repaired a serious security flaw,” Stephen H. Wildstrom reports for BusinessWeek. In early February, “Microsoft released a patch for a ‘critical’ vulnerability in MSN Messenger [that] went a bit further than was strictly necessary. During the course of installing of the update, the user is offered several options unrelated to security, one of which is ‘Make MSN My Home Page.’ It is checked by default. So if you don’t pay close attention — and you should always pay close attention to these options when doing any sort of installation — the next time you start IE, your home page will have changed. This is perilously close to the browser hijacking that’s a characteristic of many spyware programs.”

“Microsoft should be ashamed of itself for trying to turn its own security flaw to its commercial gain. There’s no reason to believe that customers installing a mandatory security fix also want to change their browser home page to an MSN portal, and there’s even less excuse for trying to spring a change on the unwary,” Wildstrom reports. “Interestingly, the test version of Microsoft’s new AntiSpyware program does something similar. When it detects a browser hijacking, it attempts to change the home page to MSN rather than to a blank page or a page of the user’s choosing, in effect, hijacking the already hijacked page. It’s Microsoft’s privilege to set MSN as the default home page for Internet Explorer, but if the customer decides to change the setting, Microsoft should respect the choice and stop looking for sneaky ways to change it back.”

Full article here.

MacDailyNews Take: Anyone on Earth surprised?

29 Comments

  1. Beep Beep!!

    On Jupiter, we’re not surprised either.

    P.S. When are Apple going to open iTMS Callisto?

    Beep Beep!!

    MDN Magic Word “Attack”.

    The chanc-es of any-thing com-ing from Mars….areamilliontoone he seeeeed.

  2. Do you remember when Microsoft used to weld the MSN icon to the Windows desktop? My old Win95 PC had that problem. It was when I downloaded Internet Explorer 4 and installed (back in the ’90s of course) and it installed that MSN (Orange and White) icon to the desktop that you couldn’t delete, you actually had to go into the Registry to get rid of it.

    It seems that Microsoft’s tactics haven’t changed.

  3. I will give them one thing. I was glad to see them have an option in their antispyware to turn it back to MSN as the homepage. Sure it was a problem they made in the first place. But when I run the Microsoft Antispyware on all the computers at work I am glad that it gives an option to return all the defaults to MSN and Microsoft stuff. It really saves the hijacked Explorers.

    (Yes, I know that this is a whole different matter. As for the topic at hand? I think it’s poo poo.)

  4. I’m not up on the latest legislation, but isn’t there anti-spyware legislation in place whereby spyware authors can be charged?

    If so, Microsoft should be charged – this is beyond shameful.

    Why is it that aggressive, rip the meat off the bones lawyers become completely chicken when it comes to Microsoft?

    magic word: amount – what amount of money is needed to get lawyers to do the right thing here? Have you checked m$’s bank balance?

    (uncanny how applicable these magic words often are)

  5. You know, I like to look at how a CEO looks, I think that the way they take care of themselves is a reflection on how they take care of their company.

    Steve Jobs looks in great shape, he is slim, tall, and during almost all of every keynote I have ever seen him do, he was standing and walking around the whole time. He is a vegetarian, something that requires a lot of work to maintain (I know, I’ve tried). When you look at him, you get this sense that you are really going to like him.

    Bill Gates is thin, pale, and has almost no muscle on his body. During his keynote, he was sitting down, slouched over, pointing at things and making all of his gestures in the small bubble around his face (a good indication that someone is lying).

  6. What can I say – TYPICAL MICROSOFT!

    And they wonder why they get sued!

    A classic example of their covert way of taking over market share – Google should sue their ass over this!!!

    Just made me remember why I have always used macs!!

  7. The sole purpose of this is to take market share away from Google’s search technology.

    Surprise, surprise – guess what is at the top of the MSN homepage… yep you guessed it – MICROSOFT’S NEW SEARCH OPTION!

  8. So is this part of MS’s new branding program…they need a new agency. The ads running on TV to change are way so lame. Now they want to change you without knowing it. Brother Gates is the Orwellian character me thinks.

  9. This is AWESOME! It shows that MS hasn’t learned anything and the ship will continue to sink. By the time they learn the lesson, Apple will have 30-40 percent marketshare.

  10. Who is this Microsoft that everyone is talking about? They must be in the computer business, right? Oh wait, they make that second rate media player I deleted from my Mac the other day. I wonder why I installed that to begin with?

  11. Well…

    In their defense, keep in mind what the situation is. The browser has been hijacked–the home page points somewhere it shouldn’t. You certainly do not want the browser to keep pointing at that page because it’s likely that it will re-infect the machine. You don’t want it to point at an empty page because that will confuse people who are used to the page coming up with at least some data. (Tech support call: “I ran your clean-up program and now I can’t get data off the internet. When I run Internet Explorer, a blank page comes up.”)

    It should come up with a page that can be assured of not re-infecting the machine. That’s MSN.com.

  12. This crap from MS just takes the cake. And they are still getting away with it. Dumb-ass users seriously don’t give a @!#$ obviously. They just put up with it. I don’t know how many times I’ve been nearly screwed over by such tactics when I install MS stuff.

    The fact that MS has to resort to such tactics suggests an inferiority complex.

    I hope Apple doesn’t start doing this crap (haven’t noticed in the past and there’s no reason to assume they will in future). I do remember a long time ago Apple tying you into their stuff…e.g. you needed their keyboards etc, but things have certainly changed on that front. However, with the amount of software they are producing lately, it seems Apple made products are the way to go anyway (but this is hardly something to complain about – if software from the likes of Microsoft, Adobe, Macromedia etc. won’t improve their products, whose fault is that??)

  13. Aren’t they also trying to profit from their lack of OS security? Apple doesn’t make anti-virus or anti-spyware because their OS needs no such things. Microsoft on the other hand are releasing what are pretty much third party applications to fix the holes in Windows from the outside….

  14. For the fun of it, I just did a Microsoft Search for my name. It showed some photo awards I won, some news pages with my photos, even my SETI statistics. But unlike every other search engine that put it on top, it made NO mention of my .mac photo pages.
    This is not a criticism, it did find some cool new stuff, I just thought it was interesting.

  15. I hate to say but I agree with Peter on this one.

    A blank page would have most users (not all of course) thinking the “internet” is turned off somehow. Most users only know how to log on and do the few tasks they need to do. Nothing more.

    And MSN is the only site that M$ can direct to that they control the content. Why would they direct users to someone else’s wares?

    If apple.com is down for maintenance, they don’t direct users to Alienware.

  16. LOL Guy from Finland

    I agree with username about the condition of the CEO and the state of the company – SJ looks good, Steve Ballmer looks like a heart attack waiting to happen.

    Anyway, like someone said above, no one buys PC’s anymore, everybody buys Macs.

  17. Jerry T and Peter:
    What are you talking about? This is an MSN Messenger patch for an exploitation that has nothing whatsoever to do with Internet Explorer. There is no good reason to change the IE homepage setting, other than for a cheap marketing ploy to get people to accidentally try their search engine and to take advantage of the unwary who don’t know how to change these sorts of settings back. I think it’s horrendous, but fortunately since BusinessWeek picked it up it may backfire on them.
