Users need to apply signature versions 1.113.672.0 by refreshing MSE

Oct 3, 2011 11:31 GMT  ·  By

Microsoft Security Essentials 2.1 has been updated in order to resolve a false positive involving Google’s open source browser, Chrome. At the end of September 2011, MSE 2.1 began incorrectly detecting Chrome as malware, notifying users that they were infected with PWS:Win32/Zbot.

Microsoft Security Essentials 2.1 recommended that users remove the newly identified piece of malicious code, and deleted Chrome for those that agreed to get rid of PWS:Win32/Zbot.

Furthermore, the Redmond company’s free security solution for Windows also blocked installations of Chrome, warning users that their machines were at risk of infection from PWS:Win32/Zbot.

Once users began complaining about the issues they were coming across with Microsoft Security Essentials and Chrome, the software giant confirmed the problem and reacted quickly to resolve it.

The signatures of Microsoft Security Essentials were updated, and provided that the refresh is installed, Chrome is no longer detected as PWS:Win32/Zbot.

“On September 30th, 2011, an incorrect detection for PWS:Win32/Zbot was identified and as a result, Google Chrome was inadvertently blocked and in some cases removed. Within a few hours, Microsoft released an update that addresses the issue,” the company said.

“Signature versions 1.113.672.0 and higher include this update. Affected customers should manually update Microsoft Security Essentials with the latest signatures. After updating the definitions, reinstall Google Chrome. We apologize for the inconvenience this may have caused our customers.”

It sounds like this was simply a case of false positive due to incorrect virus signatures. According to AV-Test, Microsoft Security Essentials is one of the top security solutions worldwide efficiency-wise.

This means that MSE usually has a very low number of false positives, false warnings and false blockings, zero in fact, the vast majority of the time.

Here is what MSE 2.1 was thinking it was detecting instead of Chrome: “PWS:Win32/Zbot is a password-stealing trojan that monitors for visits to certain websites. It allows limited backdoor access and control and may terminate certain security-related processes,” Microsoft said.

Microsoft Security Essentials (MSE) 2.1 is available for download here.