Monday, May 28, 2007

Another Anti-Virus Problem, Again

In February I blogged about a vulnerability in a Trend Micro product that exposed systems "protected" by this anti-virus software to remote exploitation. Symantec provides another example that running anti-virus is not cost free: Symantec false positive cripples thousands of Chinese PCs.

Now, according to Symantec may compensate Chinese users hit by buggy update, Symantec may pay companies affected by its botched signature update. Trend Micro apparently had a similar problem in 2005, before I was blogging about these dangers; it cost TM $8.2 million.

Please keep these stories in mind when you hear people claim that adding any security software to a system is automatically good and justified because of "defense in depth."

On a related note, this story pointed me towards the English language edition of the Chinese Internet Security Response Team blog.

1 comment:

Thierry Zoller said...

Yep this is soooo true, we investigated a bit more indepth into the situation, the outcome can be seen here : http://www.nruns.com/parsing-engines-advisories.php
Will be updated for the next months!

Strange you don't mention this as we piblish regularly on Bugtraq :)