Bing warns that VLC site may be dangerous - gHacks Tech News

Bing warns that VLC site may be dangerous

Microsoft's Bing search engine classifies the official site of the media player VLC as a site that might be dangerous currently.

While you may type https://www.videolan.org/vlc/ directly to open the site in your browser of choice, many users use search engines for that. It is understandable in the case of VLC Media Player as the URL of the project is not https://www.videolan.org/ and that is somewhat harder to remember.

A search for VLC on Bing returns the official VLC Media Player project website as the first result; while that is great, hovering over the link without clicking on it throws a warning overlay.

Bing states that the "site might be dangerous" and that continuing on to the site could lead users to malicious software that could harm the devices they use.

bing vlc site is dangerous

The report comes from Bing Site Safety, a security feature that Microsoft added to Bing to check sites in the index regularly.

Note: Bing won't display the safety notification if the width in the browser is small; that's quite the issue in itself.

The Bing Site Safety Report for the Videolan website provides details: the "URL is currently classified as suspicious due to the following detection types: Indications of malicious activity."

Microsoft's scanned the site on November 27, 2018 for the last time and detected suspicious content during that scan.

Bing does not provide additional information on the indicators of malicious activity that it detected.

A quick scan of the URL on Virustotal returned only clean readings from all major antivirus engines. A download of the latest VLC Media Player for Windows, VLC 3.0.4 64-bit, went through without issues; Windows Defender did not block the program from being downloaded to the local system.

A scan of the installer on Virustotal returned one hit -- Yandex -- out of 62 engines. It is unclear whether that is related to the warning or if the installer itself made Bing flag the site or something else.

The most likely explanation is a false positive. VideoLAN checked the binary and it has not changed and is still signed correctly.

Now You: What is your take on this? (via Born)

Summary
Bing warns that VLC site may be dangerous
Article Name
Bing warns that VLC site may be dangerous
Description
Microsoft's Bing search engine classifies the official site of the media player VLC as a site that might be dangerous currently.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

We need your help

Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats or subscription fees.

If you like our content, and would like to help, please consider making a contribution:


Previous Post: «
Next Post: »

Comments

  1. foolishgrunt said on November 29, 2018 at 7:10 pm
    Reply

    It’s dangerous to Microsoft. The more people who download VLC, the fewer stay on Windows Media Player.

    1. Anonymous said on November 30, 2018 at 10:58 pm
      Reply

      True, as with LibreOffice and Gimp. On those one has to temporarily disable folder protection of windows defender just to install without a hassle.

    2. clake said on November 30, 2018 at 11:14 pm
      Reply

      True, as with LibreOffice and Gimp. On those one has to temporarily disable folder protection of windows defender just to install without a hassle. Seems like ongoing subtle coersion sometimes.

  2. Yuliya said on November 29, 2018 at 7:16 pm
    Reply

    Don’t use VLC! Pay ten buck$ on Microsoft® Windows™ Store© to play DVD on your Windows™ 10™ PC!!! >:(

  3. James T. said on November 29, 2018 at 7:30 pm
    Reply

    Microsoft used Bing to show a link to malware-to filled Chrome last month

    1. gwacks said on November 30, 2018 at 5:07 am
      Reply

      The most funny and ridiculous thing happened recently is that people are so mad at the Goolag’s censored Chinese search engine project named *Dragonfly* witch compromises with the CCP government. They don’t say a word about or they just even don’t know what M$ and Bing search have already done:

      https://en.wikipedia.org/wiki/Bing_(search_engine)#Censorship

      I think this is because the M$ has already been EVIL enough that nobody has any expectations for them, which becomes kind of *advantages* in their PR instead the Goolag and Mozilla so suck from.

      So for everybody, cherish your life, stay away from M$.

  4. Anonymous said on November 29, 2018 at 7:37 pm
    Reply

    VLC is the most overrated software ever. Such a bad player. People go for it just because it have a “cute” icon and a famous name. MediaPlayerClassic still kicking!

    1. Yuliya said on November 29, 2018 at 8:18 pm
      Reply

      I always go for it because it works. Perfectly. On quite a large number of PCs I’ve tried it. And phones as well. And because whenever I had problems with it, simply reporting issues to their forums got it fixed within days/hours. And because it has a cute icon which wears a Santa hat once a year which I find to be quite a nice touch ;)
      VideoLAN is a great organization and a good example of how free and open source software should be like.

      1. stefann said on November 29, 2018 at 10:20 pm
        Reply

        @Yuliya : I say the same as You ! + MediaPlayerClassic overrated trash…

    2. Kwasiarz said on November 29, 2018 at 9:09 pm
      Reply

      How exactly is it bad?

    3. Kino said on November 29, 2018 at 9:23 pm
      Reply

      Lol, VLC is very much a great player (and last time I checked cross platform) so I think I’ll stick with VLC

    4. Agent Smith said on November 29, 2018 at 10:06 pm
      Reply

      I can second that. I use MPC-BE (Black Edition)

    5. Victor Ignatius said on November 29, 2018 at 10:14 pm
      Reply

      SMPlayer FTW!

    6. Alex said on November 30, 2018 at 12:18 am
      Reply

      PotPlayer represent

      1. Rush said on November 30, 2018 at 3:04 pm
        Reply

        @Alex

        I will say this, as a user of Media Player Classic…what seems like over ten years. I don’t believe it has had much Dev support the last two. But, it obviously was my go to player.

        I came across a Pot Player recommendation by a user here on GHacks…after a VirusTotal check, I installed it.

        I then watched an MPEG-4 media file (animated feature) X1080
        I observed a stunning improvement visually, and the audio was much more solid.

        My Intel(R) Graphic 520 Display Adapter lit up like a Christmas Tree.

        Pot player is my new number one. Although the UI is a bit clunky for me. I love MPC, and I still use it intermittently.

        One has to be open for change. Better is just that.

    7. Peter said on November 30, 2018 at 12:37 am
      Reply

      MPC-BE is the best player for most video extensions. VLC for the rest.

    8. AAA said on November 30, 2018 at 2:14 am
      Reply

      I use Real media player, mIRC, ICQ, AOL chat…. and all that on Win98. Beat that! 😀

    9. spook said on November 30, 2018 at 12:31 pm
      Reply

      MPC is my goto for movies and sometimes flac. VLC’s strength is accessing network streamed video, for instance monitoring surveillance cameras within your network. Once you get the cameras network address right, monitoring the stream feed is cake and you can record with VLC too. If MPC can do that, I’ve yet to discover how.

    10. Clairvaux said on November 30, 2018 at 12:33 pm
      Reply

      Is it possible to remove this supposedly “cute” icon ? So ugly, so offensive. Don’t you prefer it when things around you are beautiful, including software ?

    11. Anonee said on November 30, 2018 at 3:44 pm
      Reply

      Agreed, VLC is garbage – it still doesn’t even support keyframes!
      I always used KMPlayer but then the dev sold it to some company and joined the development team of PotPlayer, so I’ve been using that ever since and it is unbeatable!

  5. John Fenderson said on November 29, 2018 at 7:41 pm
    Reply

    “Indications of malicious activity”

    Talk about a uselessly vague explanation! That’s pretty much the same as saying “URL is currently classified as suspicious due to the following detection types: suspicious site.”

  6. Anonymous said on November 29, 2018 at 8:23 pm
    Reply

    The only thing that is dangerous is Microsoft and Bing.

  7. Tom Hawack said on November 29, 2018 at 8:28 pm
    Reply

    Bing, Bang, Bong. Boom. I never understood the pertinence of this search engine unless as a dedicated Microsoft toy for the company to have it’s own. Irrelevant IMO. I never used it and I doubt I ever will.

  8. Ayy said on November 29, 2018 at 8:57 pm
    Reply

    Bing, the site that has REPEATEDLY served malware ads as the first result for innocuous things like chrome, or printer drivers, or just about anything you would come to need downloading, is telling you that legit software is a virus… that’s rich.

  9. Cigologic said on November 29, 2018 at 9:17 pm
    Reply

    Related security analysis of: https://www.videolan.org/vlc

    1) ImmuniWeb WebScan: https://www.htbridge.com/websec/?id=kprIsj2L
    → Check web server’s security hardening, implementation of Content Security Policy & other HTTP security headers, as well as 3rd-party content security

    Final Grade: C (29 Nov 2018, 7:20 pm GMT)

    MISCONFIGURATIONS OR WEAKNESSES:
    • Some HTTP headers related to security & privacy are missing or misconfigured.

    • Some potentially insecure HTTP methods supported by web server require the webmaster’s attention.

    SERVER:
    • Web server discloses its version. This may allow attackers to use known vulnerabilities & conduct further attacks against it.

    X-FRAME-OPTIONS:
    • Header not sent by server.

    X-XSS-PROTECTION:
    • Header not sent by server, enabling XSS exploitation (if not restricted by user’s browser).

    X-CONTENT-TYPE-OPTIONS:
    • Header not sent by server.

    CONTENT-SECURITY-POLICY:
    • Header not sent by server.

    2) ImmuniWeb SSLScan: https://www.htbridge.com/ssl/?id=tA3yxKlX
    → Check website’s SSL/TLS security, as well as implementation for compliance with PCI DSS, HIPAA & NIST guidelines
    → Note: The scan tests the main domain, ie. http://www.videolan.org

    Final Grade: A+ (29 Nov 2018, 7:41 pm GMT)

    NON-COMPLIANT WITH NIST & HIPAA:
    • Server supports cipher suites that are not approved by NIST & HIPAA guidelines.

    SERVER CERTIFICATES SIGNED WITH WRONG ALGORITHM:
    • The ECDSA certificate supplied has not been signed using the proper algorithm according to HIPAA & NIST guidelines.

    SOME SUPPORTED PROTOCOLS NON-COMPLIANT WITH PCI DSS REQUIREMENTS:
    • Server has TLS v1.0 enabled — which is non-compliant with PCI DSS 3.2.1 since 30 June 2018.

    NO SUPPORT FOR TLS V1.3:
    • Server does not support TLS v1.3 — which is the only version of TLS with currently no known flaws or exploitable weaknesses.

    HTTP SITE DOES NOT REDIRECT:
    • HTTP version of website does not automatically redirect to HTTPS version (unless forced by user’s browser).

    SERVER DOES NOT PROVIDE HPKP:
    • Server does not enforce HTTP Public Key Pinning that helps prevent man-in-the-middle attacks.

    1. AnorKnee Merce said on November 29, 2018 at 11:15 pm
      Reply

      @ cigologic

      Same test for wwwdotmicrosoftdotcom/en-us/software-download/windows10ISO

      Final Grade C

      Some HTTP headers related to security and privacy are missing or misconfigured.
      Misconfiguration or weakness

      Some cookies have missing secure flags or attributes.
      Misconfiguration or weakness

      X-XSS-Protection
      The header was not sent by the server, enabling XSS exploitation if not restricted by the client’s browser.
      Misconfiguration or weakness

      X-Content-Type-Options
      The header was not sent by the server.
      Misconfiguration or weakness

      Content-Security-Policy
      The header was not sent by the server.
      Misconfiguration or weakness
      .
      .

      Same test for microsoftdotcom

      Final Grade B

      Some HTTP headers related to security and privacy are missing or misconfigured.
      Misconfiguration or weakness

      Some cookies have missing secure flags or attributes.
      Misconfiguration or weakness

      Content-Security-Policy
      The header was not sent by the server.
      Misconfiguration or weakness

    2. AnorKnee Merce said on November 30, 2018 at 8:56 am
      Reply

      @ Cigologic

      Seems, sites like htbridgedotcom(ImmuniWeb) use FUD to sell their security software to gullible website owners.

      M$ also uses FUD to scare Win 7/8.1 users into buying Win 10.

      In this case, M$-Bing is using FUD against the very popular videolan/VLC website to scare Win 10 users into buying Windows DVD Player from M$ Store for US$15. Win 10 does not play DVD natively, ie no more Windows Media Center.

      OTOH, criticisms against Win 10 forced auto-updates and Telemetry collection are often ignored by M$ and her sheepie-fans as FUD.

    3. JustCheckin said on December 2, 2018 at 2:48 am
      Reply

      VLC on SSL Labs, it’s a mixed bag.

      http://www.videolan.org IP4 (88.191.250.2)
      https://www.ssllabs.com/ssltest/analyze.html?d=www.videolan.org&s=88.191.250.2
      Rating: A+

      http://www.videolan.org IP6 (2a01:e0d:1:3:58bf:fa02:c0de:5)
      https://www.ssllabs.com/ssltest/analyze.html?d=www.videolan.org&s=2a01%3ae0d%3a1%3a3%3a58bf%3afa02%3ac0de%3a5
      Rating: A+

      addons.videolan.org (46.101.238.240)
      https://www.ssllabs.com/ssltest/analyze.html?d=addons.videolan.org
      Rating: C (The weakness relates in particular to the key exchange)
      * This server is vulnerable to the POODLE attack. If possible, disable SSL 3 to mitigate. Grade capped to C.
      * This server accepts RC4 cipher, but only with older protocols. Grade capped to B.
      * This server does not support Forward Secrecy with the reference browsers. Grade capped to B.

      For the following site wiki.videolan.org SSL Labs gave rated it as good while HT Bridge was of different opinion, not sure what exactly causes the differences.

      wiki.videolan.org IP4 (88.191.250.2)
      https://www.ssllabs.com/ssltest/analyze.html?d=wiki.videolan.org&s=88.191.250.2
      Rating: A+

      wiki.videolan.org IP6 (2a01:e0d:1:3:58bf:fa02:c0de:5)
      https://www.ssllabs.com/ssltest/analyze.html?d=wiki.videolan.org&s=2a01%3ae0d%3a1%3a3%3a58bf%3afa02%3ac0de%3a5
      Rating: A+

  10. Thorky said on November 29, 2018 at 9:31 pm
    Reply

    Anyone using … BING? 🤔

    1. Apparition said on November 29, 2018 at 9:36 pm
      Reply

      To be fair, Bing Maps is very good.

    2. Dave said on November 30, 2018 at 4:11 pm
      Reply

      Google started requiring me to complete a captcha every single time I tried to use it while connected through my VPN.

      Bing doesn’t do this so, I use it as my main search engine now.

  11. Cigologic said on November 29, 2018 at 9:52 pm
    Reply

    Registrar & Domain Security Results for videolan.org (29 Nov 2018, 8:28 pm GMT):
    https://www.cloudflare.com/domain-security-check/#videolan.org
    → Result: Failed 3 out of 4 Tests

    1) REGISTRAR LOCK TEST FAILED
    • Issue: Whois is missing below fields:
    Status: clientUpdateProhibited
    Status: clientDeleteProhibited

    • Risk: Susceptible to domain hijacking via Auth Codes. ie. attackers can steal domain name by intercepting Auth Code (eg. by hacking email account, snooping on insecure internet connection, or compromising registrar itself).

    2) DOMAIN EXPIRATION TEST FAILED
    • Issue: Domain expires in 65 days (2019-02-03 T01:48:44Z), ie. less than the 6-month expiration window recommended for high-profile domains

    • Risk: Potential accidental domain loss, due to lack of time leeway to deal with contingencies (eg. officer who maintains the domain registration leaves the company).

    3) DNSSEC TEST FAILED
    • Issue: Domain not using DNSSEC to authenticate all DNS queries with cryptographic signatures

    • Risk: Domain is susceptible to DNS cache poisoning, ie. when an attacker tricks a recursive DNS server into caching a fake DNS record, thus silently redirecting website visitors to the attacker’s chosen web server.

  12. stefann said on November 29, 2018 at 10:17 pm
    Reply

    Just as Google and other large spying corporations sites Microsoft is blocked on my computers….. Bing is a load of BS !

  13. Davis said on November 29, 2018 at 10:29 pm
    Reply

    This coming from Microsoft…

  14. pHROZEN gHOST said on November 30, 2018 at 12:11 am
    Reply

    “Indications of malicious activity”

    That describes Microsoft to a T when it comes to Windows 10 updates.

  15. Deo-et-PStroe said on November 30, 2018 at 12:30 am
    Reply

    If Microsoft says it’s malicisious then it is malicisious. I just uninstllaed it

    1. asa said on December 1, 2018 at 12:09 pm
      Reply

      lol, you’re a rube.

  16. Peter said on November 30, 2018 at 12:42 am
    Reply
  17. AAA said on November 30, 2018 at 2:18 am
    Reply

    This is why I still use yellowpages, library, phonebook, and newspaper n stuff when I want to search something. It helps me leave no footprints… 🌚

  18. slater said on November 30, 2018 at 3:45 am
    Reply

    They’ve always hated free an open source software. Funny because in almost all cases, free and open source software developed by small independent devs puts microsoft’s software to shame.

  19. Anonymous said on November 30, 2018 at 3:46 am
    Reply

    Windows is the biggest malware on the planet. Obvious. Hey, how about that $480 million contract Microsoft just got from the US military? That should answer your question why Microsoft and Google can do anything they want.

  20. Supergirl said on November 30, 2018 at 4:42 am
    Reply

    I have never used the Microsoft virus known as Windows 10.
    I have never used the spyware known as Bing.
    the last time I used Malware W7 was when I purchased this computer @ 3 months ago.

    the seller had to walk me though how to see the hardware/components as I had forgotten
    how to find that in windows.
    My fave video viewer is VLC that came installed on my MX-17.
    If there website is compromised, I wouldnt know as I never go there.

    But…
    If I did ….
    Im 99.999% safe as its unlikely any malware could DO anything to my set-up.

    I have never loved my computer or the internet more since I switched over to Linux.

    Thank you to Martin & all of the Wise, wise poster here who have taught me so much.

  21. spook said on November 30, 2018 at 12:36 pm
    Reply

    This coming from the creator of the largest botnet on the planet? Say it isn’t so.

  22. Gerard said on November 30, 2018 at 1:51 pm
    Reply

    Most security and privacy protection software can occasionally produce false positives. That’s at least my experience.
    VLC is a great cross-platform media player, so is SMPlayer in my experience. MPC-BE/MPC-HC are also very good (for MS Windows systems). I prefer to use a separate audio player though.

  23. xax said on November 30, 2018 at 2:56 pm
    Reply

    I wonder what it will say about Microsoft.com.

  24. Marcin said on November 30, 2018 at 5:08 pm
    Reply

    I have just tried myself to search “vlc” with bing, and I have no warning overlay…

    Was this an error which is now fixed, or could you still see that now ?

  25. ULBoom said on November 30, 2018 at 5:23 pm
    Reply

    “URL is currently classified as suspicious due to the following detection types: Indications of malicious activity.”

    Means “It bad because it bad.” Typical head up your butt tech drivel.

    How do I get bing out of the new Thunderbird? I don’t want to search something and find it it’s really my search engine and it loads TBird with junk cookies even though Startpage appears in about:config and bing does not.

    I see Claws in my future.

  26. Dave said on November 30, 2018 at 6:01 pm
    Reply

    It appears Bing is paranoid. If you do a search and select images for the result and start stepping through the images you will eventually get one that gets the Bing warning.

  27. Jozsef said on December 1, 2018 at 12:39 am
    Reply

    My feeling is that Microsoft is always right except when they’re not. I also think the company is in disarray but stumbled into huge profits and now consider themselves gods. On that basis, I’m not holding my breath for any positive changes that would show any respect for their customers.

    This VLC thing may be a trial balloon to gauge the reaction to what is just an attack on a leading piece of free software.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

Please note that your comment may not appear immediately after you post it.