madison
Home / News & Blogs

Microsoft to fix Bing spam bug

Elinor Mills CNET News | October 22, 2009 5:04 AM PDT

Summary

Microsoft announced that it is fixing a bug in Bing that previously allowed spammers to bypass spam filters and distribute malicious links.

Topics

Spammer, Webroot Software Inc., Spam Filter, Microsoft Corp., Security, Spam And Phishing, Microsoft, spam, Bing, Elinor Mills CNET News
Microsoft announced on Wednesday that it is fixing a bug in Bing that previously allowed spammers to bypass spam filters and distribute malicious links.

Researchers at Webroot Software discovered a spam campaign earlier this week that used the search engine's own redirection mechanism and a link-shrinking technique to send people to spam web pages, according to a post on the Webroot threat blog.

The problem stems from how Bing formats links in RSS feeds. The redirect from Bing to the spam site is not obfuscated, which has allowed scammers to append anything to the end of the Bing redirect URL and thus trick spam filters, said Andrew Brandt, a threat researcher at Webroot.

For more, read "Microsoft fixing Bing bug that aided spammers" from CNET News.

Talkback Most Recent of 13 Talkback(s)

  • MS hauls in exploits ...
    Nothing but bad things stem from using anything
    related to this company.
    ZDNet Gravatar
    Christian_<><
    22nd Oct 2009
  • Narrow minded.....
    Ok..... Fact: it produces the worlds most popular OS software

    Reason: usability


    I guess the billions of users who want an OS/software that is easy to use/install have made some catastrophic mistake.....
    ZDNet Gravatar
    jonesyx2
    23rd Oct 2009
  • Narrower minded..
    ..you do know that there are much easier to use
    OSs out there, don't you?
    ZDNet Gravatar
    AzuMao
    26th Oct 2009
  • Fact
    Ok..... Fact: it produces the worlds most popular OS software

    Reason: Almost zero competition for 25 years maintained by cushy deals with OEMs preventing any other O/S being available pre-loaded for consumers to choose from.
    ZDNet Gravatar
    AndyPagin
    27th Oct 2009
  • RE: Microsoft to fix Bing spam bug
    @Christian_ Bing.com is Spam. I use an email account with hotmail, I can't stand the fact it defaults to msn.com/ Bing.com Either way, I can't use their site. Bing.com is Spam.
    ZDNet Gravatar
    ryanfillmore
    7th Jan 2011
  • Write news stories on all the bugs I'll fix toady
    please!
    ZDNet Gravatar
    HollywoodDog
    22nd Oct 2009
  • You will fix toady?
    Oh is that like Toadstool from the Super Mario Bros. game?
    ZDNet Gravatar
    Loverock Davidson
    22nd Oct 2009
  • No it's..
    ..TOADY GRAHAMS!
    http://www.wackypackages2007.com/images/ANS3/2-
    toady-grahams.jpg
    ZDNet Gravatar
    AzuMao
    27th Oct 2009
  • RE: Microsoft to fix Bing spam bug
    No problem, Microsoft is aware and will fix the issue. Now that is customer service from a company that cares. Try having the leading competitor do that, you will get absolutely no response from them.
    ZDNet Gravatar
    Loverock Davidson
    22nd Oct 2009
  • Where is there any mention
    of a competitor? Is this like how every product advertises that they outperform the leading national brand but no one seems to know who that is?

    You have to give more details than "the leading competitor" or it is just empty marketing retoric that avoids substantiating claims. You would never be guilty of that would you?

    Still, shouldn't MS, the most powerful and resource rick IT company in the world, be called to task for such a bug or is this something that only anyone but MS should be called to task for?
    ZDNet Gravatar
    Viva la crank dodo
    22nd Oct 2009
  • With MS's vast resources,
    how come this continually happens? They release
    a new app/os to the world and it invariably has
    security holes. If Bing was a car, they would
    be forced to recall every last one of that
    model to fix it, and would likely get heavily
    fined as well.

    They release a new app and within weeks, if not
    days, some bored teenager finds a security hole
    that has somehow been missed by their own
    highly paid and supposedly highly skilled
    programmers and testing staff. Every *******
    time.

    And I'm not writing this as a nix or mac
    fanboy. I use both Linux and Windows, and
    Windows 7 is tempting me away from Linux as my
    main desktop os.

    So why are MS allowed to sell a new os, say
    thanks very much for your $200, and by the way,
    as soon as you install it and go live, someone
    is going to hack in, steal your identity or add
    you to a botnet, but don't worry, we'll fix it
    on tuesday month?
    ZDNet Gravatar
    aspir8or
    26th Oct 2009
  • History
    MS started building OS's at a time when security wasn't an issue, so security has always been a layer bolted on top on a non-secure foundation. The only way to make windows/apps secure would be to start from scratch with a new secure OS & filing system. Unfortunately this would probably break countless thousands of existing apps. 'Having a tiger by the tail' is the expression that comes to mind.
    ZDNet Gravatar
    AndyPagin
    27th Oct 2009
  • They already broke countless apps. It was called "vista".
    ZDNet Gravatar
    AzuMao
    27th Oct 2009

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity