On Tuesday, Valentine's Day, Microsoft shipped security updates to Microsoft Forefront and Microsoft Security Essentials, which showed Google as being infected with the Blackhole exploit kit, confirms a ZDNet report. On detecting that they could not access Google.com, several users took to Microsoft forums with similar issues. One user said, “I am having the same issue, but with google.com. Every time I do a search, MSE flags a file (search.htm, google_com.htm, etc) in my temp internet directory as Blacole.BW. And only since today's (2/14) updates (I can't say it's the definition update for sure, as there were also other Windows security updates released today)“.
The message users got when they tried to access Google.com
While Microsoft has now fixed the error, and has confirmed it as well; it was not before several users across the U.S, Middle East, Australia, New Zealand and Denmark began complaining of not having access to Google.com, after an update to Microsoft Forefront. Describing the Blackhole exploit kit, itself, the post quotes security company, Kaspersky, as saying, “like a Swiss Army knives [sic] for launching web based attacks from compromised web pages.” The post, further describes the kit as the one that “attempts various exploits against computers visiting infected websites, in order to upload malware.”
The report further adds that, “Security organisation Sans Institute said that Microsoft fixed the issue on Tuesday in Forefront update 1.119.1986.0 and higher. “As of 20:11 GMT-5 Feb 14 2012, we received confirmation from Microsoft stating that this problem is a false positive and will be corrected in the update 1.119.1986.0 or higher for the antivirus.“