The Register® — Biting the hand that feeds IT

Feeds

Dodgy Avast update classifies multiple legit files as malign

Initiates needless Chicken Little-style panic

By John Leyden, 7th December 2009
  • print
  • alert

Regcast training : Hyper-V 3.0, VM high availability and disaster recovery

Popular free of charge anti-virus scanner Avast went berserk late last week and began classifying legitimate files as infected.

Legitimate products were wrongly classified as harbouring the Dell-MZG Trojan or other strains of malware and whisked off to quarantine following the publication of a dodgy update. Avast has published a new update that eliminates the wrongful classification glitch. However, that still leaves users who applied the earlier update with borked systems.

False positives are a well known shortcoming of anti-malware scanners. Avast's snafu last Thursday was only unusual because it classified a large number of legitimate programmes as malign. Software from Adobe, Realtek sound card drivers and various media players were all affected.

Avast has published an apology for the cock-up and advice on restoring systems in a blog post (here) and its forum (here).

The anti-virus firm blamed "human error" for the mix-up. ®

Agentless Backup is Not a Myth

COMMENTS

House Rules Send Corrections
All Reader Comments (11)
Highly Rated
frymaster

stop talking mince

whatever kind of privilege separation exists, your virus scanner will be running at "most privileged" and "allowed to do anything it wants" levels or it's pointless

furthermore, virus definition files are neither source nor compiled, they're data files

3
0
Martin Gregorie

Wot no testing?

'The anti-virus firm blamed "human error" for the mix-up.'

So thats human error as in "We don't need to test it" then?

1
0
A J Stiles
Reply Icon

No, go deeper

I think you are misunderstanding something.

If people used operating systems with proper privilege separation, one process couldn't just go stomping over another process's files willy-nilly.

And if programmers didn't act as though their Source Code was allergic to daylight or something, but shared it around with other programmers, then there would be fewer schoolboy errors doing the rounds.

0
0

More from The Register

breaking news
NSA PRISM snoop-gate: Won't someone think of the children, wails Apple
10,000 things probed, mostly about missing kids, Alzheimer patients, we're told
96
breaking news
NSA PRISM-gate: Relax, GCHQ spooks 'keep us safe', says Cameron
Whatever they are up to, it's all above board, we're told
90
PRISM snitch claims NSA hacked Chinese targets since 2009
Snowden suddenly looks safer in Hong Kong after revelations
33
breaking news
US chief spook: Look, we only want to spy on 6.66 BEELLLION of you
Americans assured they are not in the NSA's sights
68
Speech-to-text drives motorists to distraction
Will talking to you mean I crash into that car up ahead, Siri?
30
DHS warns of vulns in hospital medical equipment
Has your doctor's anasthesia machine been hacked?
17
breaking news
'BadNews is malware' says outfit that found it
Google says code harmless but Lookout says code base is evolving
15
Panda-peddlers cuffed for chess gambling gambit
More porridge on the menu for Chinese coders after second offence
13
breaking news
Yes, maybe we should keep hackers in the clink for YEARS, mulls EU
Watch out black hats, they just might throw away the key
39
Internet fraud still stings suckers
Australians twice as gullible as Americans
35