February 13, 2006 2:37 PM PST

Microsoft flagged Symantec software as spyware

Microsoft has corrected a mistake in its anti-spyware product that flagged some Symantec security tools as malicious software.

The problem occurred after Microsoft pushed out an update for Windows AntiSpyware last Thursday night. The updated software identified a Windows registry key set by the Symantec products as belonging to password stealing malicious software known as Bancos, Microsoft and Symantec said in a joint statement Monday.

On detection of the registry keys, Windows AntiSpyware alerted the user and suggested deletion of the keys. "The deletion of these registry keys will cause all versions of the SAV (Symantec AntiVirus) and SCS (Symantec Client Security) software to stop operating correctly," Microsoft and Symantec said in the statement.

The issue affects users of Microsoft's Windows AntiSpyware Beta 1 and various versions of the Symantec security software for corporate users, the companies said. Users of Symantec's Norton-branded consumer products are not affected. Symantec and Microsoft believe only a small number of customers were affected.

Microsoft released a new update for its product on Friday morning to fix the problem. Symantec and Microsoft have prepared a tool to repair installations of Symantec's software that were affected. The tool is available at no charge from Symantec's support department, the companies said.

Though still in beta, Windows AntiSpyware is one of the most popular downloads from Microsoft's Web site and is widely used. The software has been downloaded about 25 million times, according to Microsoft.

This is not the first problem with Windows AntiSpyware. Last year Microsoft publicly apologized and compensated Dutch Web directory Startpagina.nl, one of MSN's main competitors in the Netherlands, after the software giant's anti-spyware product incorrectly flagged the site as malicious.

Windows AntiSpyware is designed to protect PCs against malicious software, including spyware, which is software that's installed on a system to watch the user's activity without his or her knowledge.

Windows AntiSpyware was renamed Windows Defender last year. The product will bear that name when the second beta version ships, which is expected soon. Windows Defender already exists in the latest preview release of Windows Vista, the successor to Windows XP due out later this year.

See more CNET content tagged:
Symantec Corp., malicious software, anti-spyware, Microsoft Corp., spyware

12 comments

Join the conversation!
Add your comment
FUD
This isn't news. This is FUD and nothing more. Just looking at the headline screams that Cnet has run out of interesting stories (or talented writers). This is a problem with a BETA product that most likely would only have encounted Symantec's corporate software on a corporate test setup, if at all. Obviously this affected only a tiny number of users. It was then fixed immediately followed by a joint statement by both companies explaining the mixup. Not news. FUD!!!!
Posted by mortis9 (370 comments )
Reply Link Flag
well
it could have been worse. I experience problems with symantec and mcafee products daily as those programs cause lots of problems with Outlook, Outlook express, thunderbird, and other email client programs.
Posted by techguy83 (295 comments )
Link Flag
it IS news
Reporting on flaws of beta or early-version software or electronic products *is* news. It's only FUD if the news is false, and in this case, it is not.

Your claim of it affecting a "tiny number of users" is unsubstantiated and likely untrue given that 25 million people have downloaded the beta. Symantec and Microsoft said a "small" number of users was affected, and to a corporation seeking to spin a bad PR situation, "small" could be tens of thousands. Especially since they didn't give an actual figure.
Posted by NickEP (11 comments )
Link Flag
Ben Schwartz = ......
M$ fanboy!!!! What, Billybob got you by the member?

F - fear of Microsoft is healthy
U - uncertainty is what you get by using their products
D - doubt the notion that they have your interests in mind

Nothing is FUD when it comes to questioning this company!!!!!!
Posted by (57 comments )
Link Flag
Speaking of FUD
The fact is (even if you don't like it) that a MS product (even in beta) is falsely reporting a legitimate product as spyware. I don't think it can become more FUD-dier.

One could think it can be a mere mistake, but given the track record of MS, I wouldn't be so sure of it.
Posted by Steven N (487 comments )
Link Flag
not unsurprising, horses for courses!
not unsurprising or unexpected, since symantec, took far too long to react to Sony's deliberate cyber terrorism attack on all pc's with xcp's hidden rootkit , RANDOM BSoD of '05 affair , and were among the last to react, due to their own hidden rootkit's!

well at least M$, is at least trying root out the rootkit people! , so as to speak, for now!

Symantec's A-V, is not the cutting edge it could be, and seems to be of one where the customer is always last!

horses for courses!
Posted by heystoopid (691 comments )
Reply Link Flag
link to fix?
on Microsoft and Symantec sites I cannot find the fix for this. Where is the tool?
Posted by ChazzMatt (169 comments )
Reply Link Flag
Corrected
I like to hear that microsoft has to correct a mistake in its anti-spyware product that flagged some Symantec security tools as malicious software.
<a class="jive-link-external" href="http://www.referate-romana.com/referate/Marin-Preda/page1.php" target="_newWindow">http://www.referate-romana.com/referate/Marin-Preda/page1.php</a>
<a class="jive-link-external" href="http://www.referate-romana.com/referate/George-Bacovia/page2.php" target="_newWindow">http://www.referate-romana.com/referate/George-Bacovia/page2.php</a>
Posted by mess487 (5 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.