Destructive AV Is Not Just A Symantec Problem

Symantec’s destructive update is an inevitable consequence of how anti-malware works, says Peter Judge.

When a security story breaks, vendors in the sector queue up to comment about why Company X was negligent or Company Y deserved what happened to it.

Except for one kind of security story: when an anti-virus firm issues a destructive update.

Symantec admitted over the weekend that a buggy update to its anti-virus software caused a lot of PCs to crash into the Blue Screen of Death. Clearly, its quality control department slipped up – but so far no rival firms have criticised Symantec (or responded to our invitation to do so).

It could happen to anyone?

There is a fairly obvious reason for this, and another anti-virus firm gave it to me two years ago, when rival anti-virus firm McAfee suffered an even worse problem.

An update to McAfee’s software mistakenly classified an important Windows system file as a virus, causing endless grief to Windows XP users. Cleaning up that problem involved a lot of work, and McAfee’s reputation was seriously damaged, possibly helping to soften it up for eventual take-over by Intel.

Despite the seriousness of the problem, other AV firms did not comment. One of them said, strictly nameless and strictly off the record: “It’s just this. It could happen to any AV company. It might be us next.”

Not just a Symantec problem

Anti-malware is a tricky business. The software is often marketed like a protection racket: “That’s a nice PC you’ve got. Wouldn’t want anything to happen to it, would we?”

The firms that bundle AV with new PCs have a huge cost per sale, as most people don’t respond to the nag-screens that keep telling them to pay money to upgrade once their free subscription has expired.

The freemium AV vendors like AVG and Avast take a higher moral stance, arguing that their software actually protects domestic users for nothing, and can be funded if enough commercial users pay up for the full version.

But they always face the temptation to go to the dark side by monetising through other partners. I stopped using AVG at a point when it tried to bundle too many unwanted toolbars and search-engine preferences, because unwanted software can cause problems.

So, destructive AV updates, when they happen, don’t feel like any sort of surprise. This is probably the least-loved branch of software, and a poorly-administered update only confirms our low opinions of the species.

Which is a shame. Because no mater how much we dislike it, AV software has improved our PC experience on balance.

Symantec should certainly hang its head in shame for failing, in this instance, to properly iron out all the difficulties in a three-way software interaction.

But the whole business of anti-virus is based on users handing power to a third party. We ask those companies to set traps against intruders. When those traps snap on the wrong ankles, we can switch vendor to one that is less trigger-happy or more careful.

But my anonymous correspondent was right. In the world of anti-malware, these things happen.

Are you embedded into security? Try our quiz!

Read also : NortonLifeLock, Avast To Merge Into Antivirus Goliath