Enterprise Software being flagged as Spyware

[Lisa]

Hello,

I work for a company whose Enterprise Management Software
is being flagged by MS Antispyware as spyware. I have
filed a Vendor Dispute (we are a MS Certified Product)
about two weeks ago and have not gotten a reponse. I
cannot find a contact email address or telephone number to
follow up on this matter.

Can anyone supply me with the proper contact information
so I can I continue working toward getting this matter
resolved?

I did read in the Release Notes that the active agent does
inadvertantly flag Enterprise Management Software but we
have customers using this and calling our support asking
why we are getting flagged as Spyware. Asking them to
turn off their MS Antispyware Active Agent is not a viable
solution.

Thanks in advance,

Lisa

 

[Bill Sanderson]

Some management software is likely to continue to be flagged, no matter how
scrupulously designed, I'm afraid--based on the criteria published at
www.spynet.com.

However, you should expect the flag to describe the software accurately and
have an appropriate disposition--i.e. ignore, perhaps.

I would expect that a managed version of Microsoft Antispyware will have
further control over such flags.

I don't have further contact information for this purpose--I'd suggest
another contact via the form--explaining that you haven't had any response
to the first submission.

 

[Lisa]

Bill,

thank you for the information.

You mention that you "expect that a managed version of
Microsoft Antispyware will have further control over such
flags." By this do you mean that there is somewhere
within MS Antispyare that our customers can add a global
setting that certain services can be ingored or is this
something they would have to set per desktop? Or is it
possible that there is a custom configuration file that
they could push down to each workstation?
A workstation by workstation solution is not a feasible
workaround as we have customers with very large
enterprises.

I know that as our service is being installed, the active
agent does describe our software accurately and if
previously chosen to allow, it will allow (although it
still pops the informational message everytime our
software is upgraded). I can't seem to get the ignore to
work because we are NOT detected as spyware during the
spyware scan - we only get flagged by the active agent.
It hits us for 2 reasons - first, because we run as a
service and second, because the customer can configure our
software to track URLs which requires us to load a BHO.

Any information on how to configure MS Antispyware so that
the active agent doesn't flag us would be much
appreciated. At least then we could supply our customers
with a workaround until we get an answer from the vendor
dispute.

I will take your advice to send a second vendor dispute
since we haven't heard anything yet.

Thanks again.

-L

 

[plun]

Bill,

A workstation by workstation solution is not a feasible
workaround as we have customers with very large
enterprises.

I will take your advice to send a second vendor dispute
since we haven't heard anything yet.

Hi

I must say that to use a Beta version within corporate
production environments
can´t be something wich can be advised. It sounds desperat
and it´s plenty of time
until final version.

http://www.cert.org/security-improvement/

 

[Ron Chamberlin]

Hi Lisa,

You mention that you "expect that a managed version of Microsoft
Antispyware will have further control over such flags." >

There will be an enterprise version of a MS Antispyware coming out at some
point in time. This is probably not coincidental with the purchase of Sybari
by MS.


Ron Chamberlin
MS-MVP



By this do you mean that there is somewhere

 

[Bill Sanderson]

The features that I posited, and that you request, seem likely to be
included in an enterprise product.

This beta is not such a product.

Microsoft has announced that there will be such a product, but no further
details have yet been announced--so I can't satisfy your needs.

I do wonder at the wisdom of allowing a beta product, clearly stated as
being unsuitable for use on production equipment, to be installed in a
managed environment, when the release notes clearly advise of exactly the
kind of difficulty you mention:

http://support.microsoft.com/kb/892375 End users may be prompted to allow or
block administrative actions that originate from a central management tool
after they install Windows AntiSpyware (Beta) on a computer that is managed
by Systems Management Server 2003

I realize that you don't manage your customers networks, but it won't hurt
to remind them of the reality of the situation.

 

[Guest]

Thanks to all of you for this very helpful information!

Lisa