World of Warcraft
World of Warcraft fans using Norton Anti-Virus had a nasty surprise last week: a false positive which broke the game.
might be an addictive time-sink, but would you class it as malware? If you work for Symantec, the answer might be yes - albeit unintentionally.
As reported over on Computeractive
, the security software vendor responsible for Norton Anti-Virus admitted late last week that a bad definition update had been sent out which caused files required by the overwhelmingly popular World of Warcraft
massively multiplayer online role-playing game to be detected as malware - and quarantined or deleted accordingly, making the game unplayable.
Blaming "a human analyst
" who "made a mistake, [looking at the files] in isolation
," Symantec was alerted to the issue on its product forums - and quickly repaired the update, pushing out a fixed version which removed the false positive.
Interestingly, product manager Kevin Haley used a statement to press regarding the issue to admit what users of signature-based anti-virus packages have long known: false positives are extremely
common, with Norton Anti-Virus suffering between "ten to forty
" such events every single month, but as the majority of them affect rare or unpopular software users are not often inconvenienced. Nevertheless, the company is said to review every single case of false positives "at a vice-presidential level.
Haley was quick to point fingers at his company's competitors, claiming that while the WoW
gaffe was embarrassing it paled into insignificance compared to rival McAfee's recent blunder
which saw the important Windows system file svchost.exe
detected as a virus and quarantined - leaving users' PCs in an unbootable state.
While losing the ability to play a game may only seem like a complete disaster if you're totally
addicted, it's still an embarrassment for Symantec - and yet another mark against the approach taken by traditional signature-based anti-virus packages.
Do you believe that the entire anti-virus industry needs a massive overhaul? Should companies be looking towards alternative technologies in order to avoid the harm caused by false positives? Share your thoughts over in the forums