The last place you'd expect to find malware — other than inside the supermassive black hole at the centre of the Milky Way — is the official Windows binaries for VLC, the free, ubiquitous media player. Yet, if you typed the name into Microsoft's Bing search engine a few days ago, you'd have been presented with a suspicious site warning. So, what went wrong?
The warning was first reported on November 28 by "Venkat" over on Techdows. Not only did a warning box appear when searching for VLC, but Bing's dedicated "Site Safety" tool flagged it as such as well.
Once made aware of the problem, VLC's Twitter account posted the following message:
Supposedly, @bing now consider vlc-3.0.4-win64.exe as a malware, which gives an annoying popup.
This appeared 2 days ago, and we have no clue how to fix it (yet).
We've checked, and the binary has not changed and is still correctly signed...
— VideoLAN (@videolan) November 27, 2018
You'd think Microsoft would have a system in place to submit corrections. Apparently not.
Fortunately, the mix-up has since been cleared up, with Bing now reporting the site as safe. The only conclusion is that it was a false positive, but one still has to wonder how it happened.
My guess? VLC is eating into Media Player's market share and something had to be done*.
* This is a joke.