It was an Ed Bott article which got me to thinking, “just how many anti-virus false positives have I dealt with over the years?”. Six. A false positive is when your anti-virus product flags a non-virus file as being virus-infected.
Number of false positive virus updates which impacted my customers? | 6 |
Number of virus outbreaks which occurred, which the AV products missed? | 3 |
Number of virus outbreaks actually prevented by an AV product? | 0 |
I’ve often thought that enterprise customers should pilot AV updates before inflecting them on their wider user community. I mean, what’s the point of having an AV product which effectively does more damage than an actual outbreak?
Here is the list of anti-virus updates I’ve seen which have caused some havoc for customers. It was longer than I thought it would be.
AV product | Date | Product it killed | Customer impact |
McAfee AV | April 2010 | Windows | Minor. We stopped it in time. |
CA eTrust | September 2008 | Spybot S&D | Couldn’t use SpyBot as eTrust deleted the .exe |
CA Pest Patrol | March 2005 | IBM SameTime | 20,000+ computers unable to use instant messaging product. |
CA eTrust | January 2004 | Windows | Stopped Windows booting in two countries. |
CA eTrust | December 2003 | WiseScript created utilities | Broke a number of software installations, and caused a logon error on 1,000+ computers. |
Symantec Norton AV | November 2001 | InstallShield created software installs. | When trying to install a particular VPN product, Symantec said the install was “NIMBA”. Stopped a country-wide deployment for a week. |
The anti-virus product I use at home? Microsoft Security Essentials.
Comments are closed.