AVG update kills iTunes

July 27, 2009 // 2:21 p.m.

Tags: #anti-virus #avg #avg-anti-virus #ca #computer-associates #false-positive #grisoft #itunes

A glitch in virus definition updates for the popular AVG Anti-Virus software from Grisoft is mis-identifying libraries required by Apple's iTunes software as harmful – and disabling the software.

According to an article over on I4U, the update – which came out on Friday – appears to be mistaking iTunes.dll and iTunesRegistry.dll for a Trojan Horse identified as Small.BOG. This affects all users of iTunes on Windows, with some unfortunate side effects: if AVG is allowed to quarantine or delete the files, iTunes will no longer operate.

Although a patch has now been issued by Grisoft which corrects the false positive issue, many users over at the Apple Support forums are left confused and bewildered. Some iTunes users have been left with the impression that Apple's software really was infected, with one user even stating that “even if you go back to Apple and get the [iTunes] setup again, [it] is infected."

This isn't the first time a false positive in an anti-virus application has wreaked havoc: back in 2008 a similar flaw in AVG left Windows systems unbootable as it removed the system file user32.dll – again mis-diagnosing it as a Trojan Horse. More recently, Computer Associates' Internet Security Suite claimed that files associated with the Cygwin Linux-style system environment along with Windows XP Service Pack 3 were infected with the Win32.AMalum.ZZQIA virus.

Do you believe that anti-virus vendors need to test their definitions more thoroughly before release, or does the rapid turnaround required in order to protect their users against the latest threats excuse them somewhat for the occasional false positive? Share your thoughts over in the forums.

WEEK IN REVIEW

TOP STORIES

SUGGESTED FOR YOU