June 17, 2015 By Shane Schick 2 min read

Long before the emergence of Google or Bing, it was the search engine known as Ask Jeeves, but a recent move by Microsoft led many in the security sector to believe it was labeling the Ask toolbar as malware with its Security Essentials product.

In a post published on Microsoft’s TechNet blog, the software company said its Security Essentials will now detect “search protection code,” which ultimately makes it recognize certain versions of the Ask toolbar as malware. Using the toolbar can affect the default search engine in a browser, restrict users from modifying their default search preferences and cause pages to load more slowly.

Initial reports suggested Microsoft was taking a shot at Oracle, which bundles the search product in the Windows version of Java, by classifying it as malware. However, WinBeta, among other sites, quickly updated their stories once Microsoft posted a clarification that Security Essentials does not consider the latest version of the Ask toolbar a piece of malware. Instead, the software giant said it was referring to an outdated version that 99 percent of users don’t have installed.

As they become outdated, products like the Ask toolbar are sometimes described by Microsoft and others as “unwanted software” or potentially unwanted programs. Usually designed to serve online ads or other content for commercial purposes, Infosecurity Magazine noted that these programs are increasingly viewed as an IT risk. A recent case in point is Superfish, the adware that was pre-installed on many Lenovo machines that caused a scandal for the way it was potentially harming users.

Even without Microsoft’s intervention, removing something like the Ask toolbar is something any computer user can do at any time. The problem, as The Register pointed out, is that the request to install it can come up every time someone updates Java, so it takes some discipline to remember and not agree.

Whether or not the latest version of the Ask toolbar is compliant with Microsoft policies, the whole issue raises some questions about how malware should really be defined. If it’s something that doesn’t infect your computer and steal data but simply changes default settings in a browser, a writer on SlashGear argued, there may be a need to educate older or less tech-savvy users so they can be aware of the issues and their potential consequences. Now that Microsoft has made this move, Apple’s Mac OS users may start looking more carefully at what they’re installing, too.

More from

Change Healthcare discloses $22M ransomware payment

3 min read - UnitedHealth Group CEO Andrew Witty found himself answering questions in front of Congress on May 1 regarding the Change Healthcare ransomware attack that occurred in February. During the hearing, he admitted that his organization paid the attacker's ransomware request. It has been reported that the hacker organization BlackCat, also known as ALPHV, received a payment of $22 million via Bitcoin.Even though they made the ransomware payment, Witty shared that Change Healthcare did not get its data back. This is a…

Phishing kit trends and the top 10 spoofed brands of 2023

4 min read -  The 2024 IBM X-Force Threat Intelligence Index reported that phishing was one of the top initial access vectors observed last year, accounting for 30% of incidents. To carry out their phishing campaigns, attackers often use phishing kits: a collection of tools, resources and scripts that are designed and assembled to ease deployment. Each phishing kit deployment corresponds to a single phishing attack, and a kit could be redeployed many times during a phishing campaign. IBM X-Force has analyzed thousands of…

How I got started: AI security researcher

4 min read - For the enterprise, there’s no escape from deploying AI in some form. Careers focused on AI are proliferating, but one you may not be familiar with is AI security researcher. These AI specialists are cybersecurity professionals who focus on the unique vulnerabilities and threats that arise from the use of AI and machine learning (ML) systems. Their responsibilities vary, but key roles include identifying and analyzing potential security flaws in AI models and developing and testing methods malicious actors could…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today