MSN showing malware ads

I was setting up a new machine on Friday and I started Edge to download some applications that were needed.

It showed the MSN start page, as usual. I accidentally clicked on one of the stories on the MSN page (remote control with Teamviewer lagged) and it opened up the story, which was dominated with an “ad” showing a Windows 10 dialogbox style image, saying that Windows 10 was damaged and needed resetting and an OK button.

I quickly pressed Ctrl+W until all browser windows were closed and the AV scan afterwards showed now infection.

But WTF? Why is Microsoft’s default homepage pushing malware at its users?

Conversation 12 comments

  • Piras

    20 January, 2019 - 7:00 am

    <p>Exact same thing happened to me yesterday!</p>

  • Paul Thurrott

    Premium Member
    20 January, 2019 - 8:30 am

    <p>Weird. You mean ads have a downside? :)</p>

  • TheJoeFin

    Premium Member
    20 January, 2019 - 9:39 am

    <p>Whoa that is a big flaw. Is it possible it was a Man-In-The-Middle attack?</p>

    • wright_is

      Premium Member
      20 January, 2019 - 3:34 pm

      <blockquote><em><a href="#398227">In reply to TheJoeFin:</a></em></blockquote><p>Very unlikey. Corporate network with modern firewalls and an https connection. </p>

  • jimchamplin

    Premium Member
    20 January, 2019 - 10:55 am

    <p>Rather frightening.</p>

  • infloop

    Premium Member
    20 January, 2019 - 6:01 pm

    <p>A likely case is that the ad server was compromised, therefore pushing it out to any browser that loads ads from it. Which means that big name sites like MSN end up with them on the page as well.</p><p><br></p><p>Also, curious, are there not Group Policy settings available to control these features in Edge on Windows 10? I would think that corporate IT would want to set them to turn these off.</p>

    • wright_is

      Premium Member
      21 January, 2019 - 12:14 am

      <blockquote><em><a href="#398270">In reply to infloop:</a></em></blockquote><p>This was during initial set-up, before it was added to the domain. </p><p>But what Group Policy setting stops a website from loading ads from a legitimate source?</p><p>The problem is, either the ad server was compromised, or, more likely, the ad-vetting is so lax that someone just paid for an ad to display the malware download link.</p><p>Google had a go at cleaning this up last year (I used to get such ads from Google, but for Windows XP).</p>

      • infloop

        Premium Member
        21 January, 2019 - 12:49 am

        <blockquote><em><a href="#398319">In reply to wright_is:</a></em></blockquote><p><br></p><p>Ah, I see, prior to adding to the domain.</p><p><br></p><p>I meant Group Policy settings to change the home page or to turn off the stuff that is being thrown on the new tab page on browsers these days. Maybe it's just me but I always found those annoying and turned them off whenever I could. Homepage is set to about:blank or selecting Blank Page in the preferences, depending on the browser.</p>

        • wright_is

          Premium Member
          21 January, 2019 - 2:59 am

          <blockquote><em><a href="#398322">In reply to infloop:</a></em></blockquote><p>Once in the domain, it gets the company's intranet as the homepage.</p><p>But it still doesn't alter the fact that Microsoft was serving up ads for malware.</p>

  • waethorn

    20 January, 2019 - 7:53 pm

    <p>Absolutely no surprise. After all, Windows 10 is turning into an advertisers paradise what with Microsoft selling out the platform to Amazon.</p>

  • James Burns

    20 January, 2019 - 10:05 pm

    <p>Get a real browser and stay away from MSN. It's been crap for several years now.</p>

  • karlinhigh

    Premium Member
    21 January, 2019 - 6:01 am

    <p>With all the hype about Big Data, Artificial Intelligence, Machine Learning, etc… WHY ON EARTH can't ad networks or browser makers block these things? Surely recognizing common pop-up methods with references to "support" for major tech companies isn't much harder than the ad-targeting work being done.</p>

Windows Intelligence In Your Inbox

Sign up for our new free newsletter to get three time-saving tips each Friday

"*" indicates required fields

This field is for validation purposes and should be left unchanged.

Thurrott © 2024 Thurrott LLC