CA mistakes Windows system file for malware

Pro

4 September 2006

Computer AssociatesEtrust antivirus application flagged a Windows system file as malware for several hours recently.

A spokesman for the security vendor said that the error followed an incorrect update of the application’s antivirus signature file, causing it to remove or isolate a file named ‘isass.exe’.

The company released an update for its antivirus signature file within hours.

The isass.exe file is a system component for the Windows Server 2003 operating system. The antivirus software caused the operating system to crash, and rendered it unusable in some cases.

Such false positives are a regular problem for antivirus vendors. Sophos mistakenly claimed in February that several Microsoft Office and Adobe Acrobat Reader components on systems running Mac OS X were infected with the Inqtana virus.

Last July Symantec erroneously detected the Zlob Trojan in the open source Nullsoft Scriptable Install System tool.

Read More:


Back to Top ↑

TechCentral.ie