Sometimes old news is funny news, and this one falls into that category. On Friday the 30th of September, a new malware definition database for Microsoft’s Security Essentials (which comes with almost every current version of Windows) began mistakenly (?) identifying Google’s Chrome web browser as a form of malware known as Win32/Zbot. As a result, it either blocked or removed Chrome from the “infected” system.
Now Win32/Zbot is a nasty little piece of malware that is known to steal passwords and other personal information. According to information about Zbot on the internet, it is capable of grabbing FTP passwords and e-mail passwords, lowering security on IE, Firefox and other browsers, and other malicious activities. Microsoft quickly released an updated signature database that corrects the false positive, but it is also worth mentioning that Google released an updated version of Chrome as well.
My question is this: if Chrome was not exhibiting any “unwanted” behaviors, then why change it? After all, Microsoft released an updated engine to prevent it from being removed unintentionally. Perhaps it has something to do with the way that Chrome scavenges user data and stores browsing history (even if the user tells it not to). Since its release there have been concerns over the way Chrome caches browsing history, passwords and other sensitive user information. In fact, in the early releases we tracked the software writing to the System Volume Information folder and then sending this data back to Google servers. We have heard that this behavior is no longer happening but have not tested the latest versions.
Unless I have completely missed the mark, I have a feeling that there is a little bit of truth to the accidental identification of Chrome as malware and that Google had to respond to prevent other malware prevention software from finding the same thing. Meanwhile, many IT departments still prohibit the use of Chrome for security reasons… you be the judge on this one.