
Anti-virus vendors sympathise with McAfee over false positive problems, as warnings are issued about searches for a fix


Vendors of anti-virus products have commented on the false positive problems incurred by McAfee over the past 12 hours.

Mel Morris, CEO at Prevx, claimed that the flawed update is ‘another symptom of the increasing sophistication of malware writers and will be a problem that will continue to escalate over time’.

Sympathising with McAfee, he said: “Criminals are essentially either hijacking or mimicking core Operating System components by giving malware the same name as many of these components. This not only makes it much harder for research labs to spot attacks, but also increases the chances of a false positive whereby something is wrongly identified as a piece of malware.

“In the pressure to act quickly and get a cure out, vendors will inadvertently remove critical OS components and disable millions of PCs in one go. What many of these vendors need is technology that can more effectively identify these types of malware attacks by tracking them in real-time and automating the process of detection.”

David Harley, director of malware intelligence at ESET, claimed that the company was not going to capitalise on McAfee's unfortunate false positive problem as such problems can arise for any anti-virus vendor.

He said: “It's an inevitable risk when you're trying to walk the line between the best possible detection of threats and avoidance of false detections. Fortunately, most false positives don't have such public consequences, and McAfee deserves more credit than they've received for their prompt response and attempts at remediation. Again, I wouldn't expect less of a reputable vendor.”

Graham Cluley, senior technology consultant for Sophos, warned that hackers are exploiting the problem with blackhat SEO (search engine optimisation) techniques to create web pages stuffed with content which appears to be related to McAfee's false alarm problem. These are on the front page of Google results if users search for phrases associated with McAfee's false positive.

Cluley said: “It's bad enough if many of the computers in your company are out of action because of a faulty security update, but it's even worse if you infect your network by Googling for a fix.

“The hackers know that users turn to search engines when they are looking for the latest news on a breaking story, and are lying in wait to infect the unwary.”

Finally, Sunbelt Software moved to offer McAfee enterprise customers, who may be unhappy with recent events, six months of free maintenance added to any new order placed before 30th June 2010.

Jim Moise, senior vice president of sales and marketing for Sunbelt Software, said: “Based on recent events, we are seeing record numbers of McAfee enterprise customers looking for an alternative solution for endpoint security. In order to make the transition to VIPRE easier, we are offering them a simple financial incentive to move to our endpoint security solution.”
