Banner advertisements for a security application said to report false or inflated threats appeared for at least a few days on Microsoft’s instant-messaging (IM) program, prompting warnings from security analysts.Microsoft appears to have removed the ads, which were displayed in the contacts panel for its IM program, Windows Live Messenger, said SandiHardmeier, a Microsoft Most Valued Professional, a designation the company gives to people who have expertise with its products.The program, known as Winfixer, falsely warns a computer has been infected with malicious software, to Symantec. It asks users to buy a program to remove the unwanted software. “Quite often, it reports files that are perfectly safe,” Hardmeier said. “It uses a lot of false positives. Basically, it’s a rip-off.”Other security companies, such as Sophos and McAfee, classify Winfixer as a “potentially unwanted application.” Hardmeier, who notified Microsoft of the problem, said the ads that appeared on Windows Live Messenger tried two ways to get users to install Winfixer on their machines.The first was via a pop-up window offering to scan the computer for problems, she wrote. Depending on the version of Internet Explorer used, Winfixer would try to download itself through an Active X control, she said.The second way was through a banner advertisement that a user would have to click before being taken to a website offering Free PC-Secure, a program that is detected as Winfixer by most security software, she said. Winfixer goes by several different names, including ErrorSafe and DriveCleaner.Microsoft had done well preventing spyware programs from being advertised in banner ads on Windows Live Messenger, formerly known as MSN Messenger, Hardmeier wrote on her blog, Spyware Sucks.But Winfixer has proven a tricky foe. Advertising networks have had trouble with Winfixer ads suddenly being served up by their networks despite no affiliation with its creators, Hardmeier said.The suspicion is that organizations have falsely registered with the networks and substituted Winfixer ads—hosted on their own servers—instead of the advertisements they agreed to supply, she said. Microsoft officials contacted in London on Monday morning could not immediately comment.-Jeremy Kirk, IDG News Service Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe