Microsoft's Live launches malware detection service for webmasters

Playing catch-up with Google's Safe Browsing diagnostic, Google's warnings for potentially hackable sites, and Yahoo's SearchScan introduced through their partnership with McAfee, Microsoft's Live Search has updated their Webmaster tools to offer detection for embedded malware. Moreover, as a late entrant they simply had to differentiate, and they did it in the form of providing outbound links check for whether or not the ongoing links have also been embedded with malware. What is the feature capable of anyway?

"As a site owner, having malware on your site, or even just linking to other sites whose pages contain malware, can harm your customers. At a minimum, this may prevent your customers from being able to access the content on your site from search results pages. With the updated Crawl Issues tool in Webmaster Center, you will be able to :

- Determine whether any malware has been detected on any of your webpages - Download offline-accessible reports detailing which webpages on your website are affected by the detected malware - Determine whether any malware has been detected on any of your outbound links - Download offline-accessible reports detailing which webpages on your website contain links to external pages containing detected malware"

Let's take the feature for a ride. Live Search's Webmaster tool correctly identified that Dental Clinic - India - Gurgaon - Allahabad has been embedded with malware (sahajdental .com/dentist.htm) where once deobfuscated the javascript obfuscation attempts to load sahajdental.com/a37f88e1b18c1a96 .axa3.cn and adwords.google.com.upload.main.update .kliauj.cn, where despite that the main indexes are returning "Account suspended" notices, the malware campaigns within the sites are still active. Google's Safe Browsing diagnostic and Yahoo's SearchScan didn't picked it up, which is a "good" sign in the sense that competition between these free services ultimately serves the webmaster and the average Internet user.

And while the tool delivers what it promises, one question remains unanswered. When are they going to integrate the feature within Live Search, considering that users of Microsoft's search engine have always been exposed to malicious sites served through black hat search engine optimization? Hopefully soon, as pitching it as a service for webmasters naively assumes that a huge percentage of them are going to take care of the security of their own sites. Factual evidence in the form of the millions of SQL injected sites during the outbreaks from the last couple of months proved that the self-auditing mentality has a long way to go. In its current form, the service is handy, and in combination with other freely available tools for webmasters keeping an eye on their sites, it's prone to make an impact.

However, Microsoft's web properties remain heavily abused by malicious attackers directly breaking Microsoft's CAPTCHA -- again again and again -- or outsourcing the bogus account registration process so efficiently that hundreds of thousands of bogus Live spaces act as infection vectors and redirectors to malware serving sites. The most recent example was the systematic syndication of popular Google Trends keywords, where the syndicated keywords (download a complete list of the Windows Live Spaces participating) were automatically appearing at Windows Live Spaces and redirecting to fake codecs (Zlob malware variants).

In short - the best benchmark for its actual applicability on a large scale would be its integrating within Live Search, next to running it internally across all of Microsoft's web properties, Live Spaces in particular.