Malware authors are hoping to cash in on the interest consumers have about the newly-released Microsoft Security Essentials (MSE) software from beta. As a result, they have used Search Engine Optimization (SEO) techniques to poison the search results for MSE. Websense Security Labs™ published the following alert:
“Microsoft Security Essentials SEO Poisoning
Threat Type: Malicious Web Site/Malicious Code
Malware authors have used Search Engine Optimization (SEO) techniques to mix rogue search results in with legitimate results. For example, one of the rogue links is directly under a MSDN blog entry discussing Microsoft Security Essentials. The rogue redirects are hosted on compromised Web sites, including a Canadian publisher's Web site and the British Travel Health Association.”
Play it safe. Carefully check the links in search results. Always go to the vendor source for software. MSE can be downloaded directly from the dedicated Microsoft web site at http://www.microsoft.com/security essentials
Use Protected Mode with IE7 and IE8. With protected Mode on both Windows Vista and Windows 7, neither user nor system files and settings can be modified without user consent. With Protected Mode any activity that tries to put something on your machine or start another program requires you to confirm.
Websense Security Labs™: Microsoft Security Essentials SEO Poisoning