Has Microsoft Live Search Detected Malware On Your Site?

Recently, Microsoft Live Search added malware warnings to their search results. If a searcher clicks a result that Microsoft has detected contains malware, a popup warns then not to proceed to the site. As Matt noted yesterday, Google and Yahoo! also provide malware warnings to searchers.

How can you find out if Microsoft has flagged your site for malware and how can you let them know you’ve fixed the problem? As part of this update, Microsoft Live Search also launched an update to their Webmaster Center that added alerts about malware. You can generate a report of all pages on your site that have malware on them, see if you link to any external pages that contain malware, and submit a review request once you’ve fixed any issues.

Find out if your site has been flagged

To find out if your site has been flagged for malware, log in to the Webmaster Center (you have to verify site ownership) and access the Crawl Issues tab. Select the Malware Infected issue type and click Search. You’ll see a list of any flagged pages on your site that you can download for offline processing.

The Malware Infected report has been added to the existing crawl errors reports in the tool (File Not Found, Block by REP, Long Dynamic URLs, and Unsupported Content Types).

Request review

If you find that any pages are infected, you can request review once you fix the problem. Microsoft says the reinclusion  process should “take days, not weeks”.  Once they’ve determined that the pages are no longer infected, they’ll remove alert from the search results.

Find out if you’re linking to malware

The webmaster tools also include a new Outbound Links report that lists any external malware-infected pages that your site links to. This is important information to have, as you don’t want to send your customers to infected sites. To generate this report, simply access the Outbound Links tab, choose Show All Outbound Links, and select the Show only outbound links to malware option.

Learn more about malware and how to prevent it

Microsoft has added information to their help center that provides details on what malware is, how to protect your site from it, and steps to take if your site has been infected. This document notes the importance of fixing any security holes in your website that enabled the malware infection.

What about Yahoo! and Google?

Both Google and Yahoo also offer methods for requesting evaluation once malware issues have been fixed, but neither provide the robust reporting that Microsoft now offers.

Google alerts you to malware issues on the summary page of the site in webmaster tools and provides a sample list of URLs. Microsoft’s report may contain a more complete list of infected pages. However, once you fix the problem and request review, Google will let you know of any remaining pages with issues. Google has also published several blogs about what to do if your site’s been hacked and a how to prevent it.

Yahoo! doesn’t provide this type of alert or reporting in Site Explorer. When I asked about this earlier in the year when they launched “SearchScan Alerts”, they told me:

If your site shows up in that experience, but not in the SearchScan On mode, (all other options such as SafeSearch remaining same) then you can believe that it is due to exploit rating on your site.

Note, to make this work, you should ensure that you keep all other elements of the search experience constant between the test with SearchScan off and on. That is

a) make sure you don’t change any other preferences

b) make sure you don’t change the computer you are searching from in case source IP or other changes affect the query routing

c) make sure you use the same Y! search destination – .com, co.uk etc. because sometimes there are regional rules which cause filtering (for example, france has stricter rules around nazi memorabilia sites etc.)

d) check multiple times across a couple of days. This is important because sometimes there is some localized maintenance going on which might temporarily affect what you see.

Use Yahoo’s SearchScan form (linked to in the search results alert) to request review once you’ve fixed any issues.

Ultimately, search engines want to provide the best possible experience for searchers and don’t want to send searchers to sites that will infect their computers. By providing site owners with detailed information about pages on their sites that are infected, external links to malware, and how to prevent infection, Microsoft is going a step further beyond just alerting searchers to infected sites by helping keep the results free of malware in the first place.