Google malware warning system alerts users about infections

Hillary O’Rourke, Contributor

Published: 21 Jul 2011

Google is instituting a new malware warning system to alert users that their computer may be infected with malware.  

We hope that by taking steps to notify users ... we can help them update their antivirus software and remove the infections

Damien Menscher, Google security engineer.

The new feature was implemented after Google detected an issue on its servers related to multiple malware infections.The new Google malware system displays a message to users at the top of the Google search results page when it detects possible issue.

The search engine giant decided to take action after discovering unusual search traffic while performing routine maintenance on one of their data centers, according to Damien Menscher, a Google security engineer.

“This particular malware causes infected computers to send traffic to Google through a small number of intermediary servers called ‘proxies,’” Menscher wrote in a blog post announcing the new Google malware warning feature.

The malware only affects computers running Microsoft Windows. When detected by Google’s system, it is likely that the computer is, or was previously, infected with the malicious software, Menscher wrote.

Some malware may alter the victim’s computer settings, redirect some traffic to a malicious server controlled by the attacker and can taint search results, according to Menscher. Tainted search results can lead people to malicious webpages and trick users into downloading rogue antivirus software.

The move is reportedly the first time Google is taking proactive measures to detect and warn users about malware infections. Microsoft is advocating a plan to get ISPs to be more proactive in scanning and alerting users to infections.

Trustworthy Computing Vice President  Scott Charney advocated for more proactive measures at his RSA Conference keynote in March. In his keynote he said ISPs should use more aggressive network access control measures for inspecting and cleaning computers before allowing them onto the Internet.

Google will not block infected users from accessing its search function. The company will provide recommendations to users for scanning systems for malware, how to remove infections, and information about why the victim may have been infected in a Google Help Center document.

 “We hope that by taking steps to notify users whose traffic is coming through these proxies, we can help them update their antivirus software and remove the infections,” Menscher wrote.

Source URl:-http://searchsecurity.techtarget.com/news/2240038758/Google-malware-warning-system-alerts-users-about-infections?asrc=EM_NLN_14500439&track=NL-102&ad=841386&

Republised By:-

TheSSLstore.com is the platinum partner authority of major SSL certificates such as VeriSign, GeoTrust, RapidSSL, and Thawte on Global Scale. Being Pioneer in SSL security certificate solutions for Standard SSL Certificates, High Assurance Certificates, Wildcard SSL Certificates, SAN Certificates, SGC Certificates, EV SSL Certificates, and Code Signing Certificates, TheSSLstore provides RapidSSL Wildcard, Thawte SSL123, and GeoTrust QuickSSL Premium SSL Certificates at the lowest price to secure ecommerce Community globally.

Improving SSL: Extended Validation (EV) SSL Certificates

Hi, I’m Kelvin Yiu, a program manager with the Windows Crypto team, and I’m very excited to be posting today on the IE blog, announcing plans to make Extended Validation SSL OR EV SSL Certificates available in January 2007.

For over a year, we’ve been working on shaping the form of the next generation SSL (Secure Socket Layer) Certificates, so that they not only provide encryption but also a standard for identity on the Internet. For that purpose we teamed up with many Certification Authorities (CAs) and Internet Browsers to create the CA/Browser forum, tasked with the creation of these next-generation Certificates, called EV SSL Certificates.

The CA/Browser forum has provided a great service, and has helped evolve the EV SSL guidelines to their current Draft 11. We feel very strongly that the current version of the EV SSL guidelines provides tremendous value to help protect consumers from phishing, while maintaining compatibility with existing browsers.

Recently, we invited all the members of the CA/Browser forum to join us in supporting EV SSL Certificates based on the current guidelines, and at this time I wish to extend the invitation to all CAs interested in participating. The industry response has been very strong, and many CAs such as Verisign (including Thawte and GeoTrust), CyberTrust, Entrust, GoDaddy, QuoVadis, XRamp, SecureTrust and DigiCert have already expressed their intention to support EV SSL Certificates now, while other CAs such as Wells Fargo have expressed strong support for our efforts to drive EV Draft 11 forward. Browsers, such as KDE and Opera, are also planning to add support for EV Draft 11 in future versions of their software.

Starting at the end of January 2007, we will make the necessary updates to Windows, so that IE7 will recognize EV Certificates and modify the display accordingly (with a green background for the address bar, as well as embedded identify info, as shown in Figures 1 and 2, from Rob’s earlier post). This will mean that businesses can now assertively establish their online identity and make it visible to consumers who transact with them. Additionally, consumers will now have a new level of trust in their online transactions, because visible feedback on the identity of the business they are transacting with is readily available.

Fig 1: IE7 address bar for a site with a Extended Validation SSL certificate
(showing the identity of the site from the SSL Certificate)

Fig 2: IE7 address bar for a site with a Extended Validation SSL certificate(alternating in the name of the Certification Authority who identified the site)

We do not expect EV SSL Certificates to eradicate the phishing problem, but we are convinced that it is a significant step forward in protecting consumers. EV SSL Certificates provide tremendous value to Internet users today, and the industry will keep evolving the guidelines to keep pace with the changing Internet landscape.

Source URL:-http://blogs.msdn.com/b/ie/archive/2006/11/07/improving-ssl-extended-validation-ev-ssl-certificates-coming-in-january.aspx