Microsoft tweaks antivirus after Chrome blocking

Microsoft has updated Security Essentials, Forefront and Defender after the antivirus software falsely identified Google's Chrome browser as Zeus banking malware.

The business and consumer products had been removing the web browser after tagging it as a variant of the Zeus banking Trojan. On Friday, Microsoft said the removal and blocking of its chief competitor's browsing software was a mistake.

"On September 30th, 2011, an incorrect detection for PWS:Win32/Zbot was identified and as a result, Google Chrome was inadvertently blocked and in some cases removed," Microsoft said in an advisory on Friday. "Within a few hours, Microsoft released an update that addresses the issue."

Millions of people have installed Security Essentials, according to Microsoft. The Chrome browser is gaining in market share — it has over 16 percent of the global market — while Microsoft's Internet Explorer is losing ground. Hundreds of commentators on Chrome blogs and user forums complained about Microsoft's removal of Chrome on Friday.

Initially, Microsoft said it believed 3,000 people had been affected by the glitch. On Monday, however, it told ZDNet UK that it expects to revise that figure.

Manual update

People need to manually update their Microsoft security software to prevent the Chrome blocking, and they can do so by visiting the Malware Protection Center. Microsoft's security updates with the signature 1.113.672.0 and higher will apply the fix, the company said.

For its part, Google also updated the stable version of Chrome, to version 14.0.835.187, on Saturday. "These updates should help repair Chrome installs that were broken due to the issue with Microsoft Security Essentials," Google Chrome programme manager Jason Kersey said in a blog post.

On its official Google Chrome blog, the company gave a detailed description of how to update Microsoft Security Essentials signature files.

'JackyH', a Chrome help forum moderator, advised people to be cautious about allowing exceptions for Zeus in Microsoft security software, given that Zeus is an active data-stealing Trojan.

Some IT teams reacted promptly to the false identification of Chrome as a Trojan. For example, the staff at European physics research centre Cern deployed the corrected Forefront signatures within five hours of their release on Friday.