Microsoft gave an award to a vendor whose software is labeled as a threat by Microsoft's own security scanner, security pros say.
A developer who was recently awarded Microsoft's MVP status distributes adware with the software he creates, security professionals said Friday. Microsoft's own malwarescanner pegs the MVP's software as a threat.
Cyril Paciullo, the creator of Messenger Plus -- an add-on to Microsoft's Windows Messenger/Windows Live IM client -- announced in a blog entry Thursday that he'd been given an MVP Award (Most Valuable Professional). Microsoft's MVP program honors developers and others who Microsoft believes made significant contributions to users in the past year.
But according to Chris Boyd, the director of malware research at FaceTime Communications, and Alex Eckelberry, chief executive of Sunbelt Software, Paciullo's Messenger Plus also installs LOP, an adware program that changes IE and Firefox settings, and produce pop-ups on users' desktops.
Fellow-MVP Boyd took exception to Microsoft crowning an adware distributor. "Microsoft is rewarding someone that has an active involvement with one of the most maligned names in PC hijacking. If that isn't booberific, I don't know what is," Boyd wrote on his blog. He hasn't decided whether to ask Microsoft to take him off the MVP list. "As for my own MVP status, my first knee jerk reaction is telling me to tell [Microsoft] to shove it. My second knee jerk reaction [to] jumping ship is [that would] basically give the boobs of the world a green-light to hijack the program."
Nor did Eckelberry pull punches. After noticing that Messenger Plus' installation process dropped several new icons on the desktop, including one labeled "My Antivirus Update," he said "What a misleading icon, because this crap is what you actually get: A fake McAfee-looking page doing the age-old scam of 'click here to test your CD-ROM Drive'."
Paciullo did not reply to an e-mailed request for comment.
5 Top Federal Initiatives For 2015As InformationWeek Government readers were busy firming up their fiscal year 2015 budgets, we asked them to rate more than 30 IT initiatives in terms of importance and current leadership focus. No surprise, among more than 30 options, security is No. 1. After that, things get less predictable.