Google is actively working with trusted advertisers and partners to help prevent malware in ads. All publishers, ad networks and ad operations teams should follow security recommendations detailed at http://www.anti-malvertising.com.
Google has developed proprietary technology and malware detection tools to regularly check creatives. We also forbid fourth-party calls or sub-syndication to any advertisers or vendors we haven't certified. Our automated malware checker scans all creatives. Any ad that we detect distributing malware will be pulled to protect users from harm. Any Ad Exchange buyer whose creative is found to contain malware will be subject to a minimum three month suspension.
Find out more about how to avoid malware.