Microsoft Pushes EU BCS Software on 28M Windows 7 SP1 PCs, After EU's Complaint - Offers Tips to Keep Microsoft Account Secure

In a press release, Microsoft stated that they fixed a technical error that prevented the Browser Choice Screen (BCS) from displaying on roughly 28 million PCs running Windows 7 SP1 in Europe where Internet Explorer is the default browser."Sinc 2009, under a agreement with EU, Microsoft is required to display a "Browser Choice Screen" (BCS) […]

In a press release, Microsoft stated that they fixed a technical error that prevented the Browser Choice Screen (BCS) from displaying on roughly 28 million PCs running Windows 7 SP1 in Europe where Internet Explorer is the default browser.

"Sinc 2009, under a agreement with EU, Microsoft is required to display a "Browser Choice Screen" (BCS) on Windows PCs in Europe where Internet Explorer is the default browser."

Microsoft said that the EC notified them of about reports that the "BCS was not being displayed on some PCs. Upon investigating the matter, we learned of the error."

"We have fallen short in our responsibility to do this. Due to a technical error, we missed delivering the BCS software to PCs that came with the service pack 1 update to Windows 7.

The BCS software has been delivered as it should have been to PCs running the original version of Windows 7, as well as the relevant versions of Windows XP and Windows Vista.

However, while we believed when we filed our most recent compliance report in December 2011 that we were distributing the BCS software to all relevant PCs as required, we learned recently that we've missed serving the BCS software to the roughly 28 million PCs running Windows 7 SP1," Microsoft wrote.

Microsoft Fixes Browser Choice Screen (BCS) Issue on 28 million Windows 7 SP 1 PCs in Europe

The company says, we promptly notified the Commission of what we had found and took the following steps to remedy this problem:

  • "Distributed the BCS: Within one business day of discovering the problem we developed a software fix and began testing it. This was on July 2. The next day we began distributing the BCS software to the PCs running Windows 7 SP1 which we had missed, and we ensured it is available for all new PCs with Windows 7 SP1. We expect to substantially complete distribution of the BCS software to the PCs we initially missed by the end of the week.
  • Outside Investigation: We retained experienced outside counsel to conduct a formal investigation of precisely how the technical error occurred and to make suggestions to avoid any such compliance problems in the future. They have already interviewed Microsoft employees and are now following up with document review. They will continue to have access to all of our employees and documents and we have asked them to prepare a full report when their work is complete. They will provide this report to the European Commission.
  • Offered to Extend our Compliance Period: Since we have fallen short in our responsibility to display the BCS, we have offered to extend the time during which we are obliged to do so by an additional 15 months. We understand that the Commission will review this matter and determine whether this is an appropriate step for Microsoft to take. We understand that the Commission may decide to impose other sanctions," Microsoft explained.

In a blog post, Microsoft stated that, "as criminals have become increasingly sophisticated about taking a list of usernames and passwords from one service and then "replaying" that list against other major account systems" -- and offered several tips and safety suggestions to ensure its users information doesn't get to the wrong hands:

  • "Always choose strong, unique passwords
  • Add security proofs to your account, and check them regularly to ensure they are up to date. You can add a phone, email address, or trusted PC as a proof, and these are used to recover your account if you ever lose access
  • Be careful using your account in public places, and especially on shared PCs. Shared PCs like those in hotels and Internet cafes are notoriously insecure, and often have malicious software installed that will steal your password. If you have to use one, sign in with a single-use code instead of your normal password
  • Be careful sharing personal information - passwords, email addresses, physical addresses, credit card info -these pieces of info can all be used to attempt to access your account
  • Install protection against viruses, spyware, and malware on your computer, and keep it up to date. There are many excellent choices available, including Microsoft Security Essentials, which is free
  • Make sure your browser phishing filters are active. For IE, click the Tools icon on the toolbar, point to Safety, and then click Turn on SmartScreen Filter. For other browsers, check your help files for instructions
  • Ensure you are on the correct site before entering personal info. Beware of websites that seem too good to be true (offering amazing deals) and always check the address bar to ensure it's the right URL," Microsoft informs.

In addition to aforementioned tips, Microsoft also noted, that they will never ask you for your password or other security information via an email. "Any email asking for this information is always a phishing scam designed to lure you into disclosing your password or other account information."