For a few days since last week, the rogue software known as WinFixer was being served to Windows Live Messenger and MSN Groups users by MSN’s advertising service at rad.msn.com.
Internet Explorer MVP Sandi Hardmeier investigated the reports of the spyware being in Windows Live Messenger, which has also plagued Messenger Plus! Live’s sponsor and social networking Web site MySpace.
Microsoft later apologized for incident issuing the following statement:
Microsoft was notified of malware that was being served through ads placed in Windows Live Messenger banners. As a result of this notification we immediately investigated the reports and removed the offending ads, as this is a violation of our ad serving policy. We can confirm that the ads are no longer being served by any Microsoft system. We apologize for the inconvenience and are reviewing our ad approval process to reduce the chance of an occurrence such as this happening again. To help customers protect their PCs from malware threats, Microsoft recommends customers follow our Protect your PC guidance at www.microsoft.com/protect.
The best way to avoid being infected by software like this is to disregard advertisements that contain:
- Free offers
- Anti-virus
- Firewalls
- PC scans
- PC optimization
- Screen savers
- Warnings or threats
Warnings or threats in advertisements may include claims of your computer being infected, or a report of the number of viruses on your computer. The reality is, advertisements like this cannot scan your computer from a Web page like it claims, they are purely psychological - to get you to click the ad and install the software.
The safest way out of a popup or dialog is to simply click the X close button at the top right, never click OK or any similar buttons inside the window. Clicking OK will almost always result in you getting nasties on your computer.
As Sandi recommends in her article, download and install Mike Burgess’s HOSTS file to block out dodgy ads.
