Bing Questions Study That Claimed It Delivers 5x More Malware Than Google, Says It Blocks 94% Of Clicks To Malicious Sites

Last week, a study by German antivirus testing company AV-Test claimed that Microsoft’s Bing delivered “five times as many websites containing malware as Google.” Unsurprisingly, Microsoft does not agree with these findings and today, the company released a full rebuttal of AV-Test’s study. The researchers, Bing argues, used its API to execute queries instead of performing its searches directly on However, this methodology, Microsoft claims, bypassed Bing’s malware warning system.

Microsoft’s senior program manager for Bing David Felstead notes in his response that Bing “actually does prevent customers from clicking on malware infected sites by disabling the link on the results page and showing the below message to stop people from going to the site.” Microsoft does not explicitly remove potentially malicious sites from its index, he writes, “because most are legitimate sites that normally don’t host malware but have been hacked.” Instead, it pops up a warning when users click on these links.


The reason for this, Felstead says, is that when users search for a site – even if it’s a known malware vector – they do expect the site to appear in Bing’s index and would think Bing’s directory is incomplete if it didn’t show up on the search results page.

Overall, Bing says it shows results with malware warnings for about 0.04 percent of searches. Felstead also claims that Bing’s warning system blocks “94% of clicks to malicious sites.”

Despite the fact that the competition between Google and Bing has been somewhat heated lately, Felstead does note that detecting malware on websites is a very complex problem and that “no engine will be perfect 100% of the time.” But he also argues that Microsoft does show these malware warnings on its site instead of removing the links from its index in order to protect users who may otherwise go to Google and “then click on it (because Google may not have detected it as malware) their machine could be put at risk.”

Here are the original results from AV-Test: