Trend Micro AV nukes innocent Sharepoint code, admins despair
Trend Micro's antivirus software has flagged benign Sharepoint code as potentially malign and nuked the files, causing the Microsoft package to fall over.
Aggrieved admins have aired their frustration on Reddit.
More than a full day after our initial inquiries, Trend Micro confirmed on Thursday that there was a problem and that a misfiring update – which it has since pulled – was to blame.
False positives are a well-known Achilles’ heel of anti-malware packages. All vendors trip over the issue from time to time.
Trend said the NEMUCOD ransomware family uses "aggressive methods of obfuscation" in trying to avoid detection by traditional security, so the firm used an "unconventional method of detection" to tackle it.
Trend said it was still analysing the issue and will modify QA testing "to try and prevent a similar issue from occurring again in the future if possible". ®