by Martin Brinkmann on November 29, 2018 in Internet – 20 comments
Microsoft’s Bing search engine classifies the official site of the media player VLC as a site that might be dangerous currently.
While you may type https://www.videolan.org/vlc/ directly to open the site in your browser of choice, many users use search engines for that. It is understandable in the case of VLC Media Player as the URL of the project is not https://www.videolan.org/ and that is somewhat harder to remember.
A search for VLC on Bing returns the official VLC Media Player project website as the first result; while that is great, hovering over the link without clicking on it throws a warning overlay.
Bing states that the “site might be dangerous” and that continuing on to the site could lead users to malicious software that could harm the devices they use.
The report comes from Bing Site Safety, a security feature that Microsoft added to Bing to check sites in the index regularly.
Note: Bing won’t display the safety notification if the width in the browser is small; that’s quite the issue in itself.
The Bing Site Safety Report for the Videolan website provides details: the “URL is currently classified as suspicious due to the following detection types: Indications of malicious activity.”
Microsoft’s scanned the site on November 27, 2018 for the last time and detected suspicious content during that scan.
Bing does not provide additional information on the indicators of malicious activity that it detected.
A quick scan of the URL on Virustotal returned only clean readings from all major antivirus engines. A download of the latest VLC Media Player for Windows, VLC 3.0.4 64-bit, went through without issues; Windows Defender did not block the program from being downloaded to the local system.
A scan of the installer on Virustotal returned one hit — Yandex — out of 62 engines. It is unclear whether that is related to the warning or if the installer itself made Bing flag the site or something else.
The most likely explanation is a false positive. VideoLAN checked the binary and it has not changed and is still signed correctly.
Now You: What is your take on this? (via Born)