Norton AV update rings false alarm bells

Victims are very cross

Two security software houses have rounded on Symantec, after their products were wrongly said to be infected with Nimda.

The false alarms rang for Installshield and F-Prot Antivirus for Windows, and were caused by poorly written virus definition updates to Symantec's Norton Anti-Virus.

Frisk Software, the Icelandic developer of F-Prot Antivirus, has responded to the false implication that its product was infected by W32.Nimda.enc(dr) with a terse statement criticising Symantec's quality assurance.

Erlendur Thorsteinsson, product manager for F-Prot, told us the problem arose because of faulty definitions issued by Symantec on November 9.

The latest virus definition files, which came out on November 12, are free from the problem and Symantec users are been encouraged to update their protection.

Earlier this month over-sensitivity in the automatic detection of viruses (or heuristics) included within Norton Anti-Virus resulted in a false alert that the MSN.co.uk Web site was infected with a Trojan. ®

External links

InstallShield advisory on the issue (which gives advice to users on what to do if key files have been quarantined or deleted in response to the false alert)
Frisk Software's advisory

Related stories

MSN.co.uk virus alert is false alarm
Sophos rebuffs virus-spreading charge
Symantec users risk redirection to hacker sites
Firms hit in Nimda mutant outbreak
Nimda worm tails off
Teenage Mutant Nimda email rides the Code Red worm

Sponsored: Network DDoS protection