Antivirus Classifies Itself as Malware

Friday, September 21, 2012 @ 03:09 PM gHale


The antivirus firm, Sophos, released an update that classified itself and any other update utility as a virus.

As a result PCs running the application generated false positives reporting SSH/Updater-B malware. System administrators were getting automated alerts by email about the problem. The issue ended up resolved with a functional update later shortly thereafter.

RELATED STORIES
Warning: Google Alert Contains Trojan
Malware Disguised as Security Software
Intuit Spam Comes Back
Malware Targeting BlackBerry Users

The problems just don’t end there, however, as endpoints and corporate networks hit by the false positive ended up left with systems that can no longer update themselves properly because the required functionality is in quarantine.

There is a way around the issue and Sophos has details on how to resolve the problem.

False positives hitting antivirus updates have affected all vendors from time to time. The consequent problems are at their worst when Windows operating system files end up falsely classified as potentially malware and quarantined, resulting in unstable or unusable Windows boxes.



Leave a Reply

You must be logged in to post a comment.