Saturday, March 11, 2006 2:50 AM
sandi
Ok, now Trend has been taken care of, now for McAfee
http://www.incidents.org/diary.php?storyid=1179
http://isc.sans.org/diary.php?n&storyid=1184
"NAI/McAfee today released pattern version 4716 only hours after 4715 had come out. Pattern 4715 triggered false positive virus alerts for "W95/CTX" on a number of files that are part of quite prominent third party products. Good for you if you have your AV configured to "quarantine" bad files and not to delete them outright, this makes restoring the chewed up files after a false positive considerably faster. Nevertheless, things like this can get messy pretty quickly if the AV scanner starts to quarantine vital components of your environment."
Want to know what some of the 'quite prominent third party products' are? We're looking at excel.exe, graph.exe, adobeupdatemanager.exe...
http://news.com.com/2100-1002_3-6048709.html
For pity's sake, don't these companies TEST their definitions before rollout???
Another stuff-up by Sophos from not long ago:
http://msmvps.com/blogs/spywaresucks/archive/2006/02/22/84530.aspx
Filed under: Security, safety and privacy on the Internet, I ain't happy about this....., Vulnerabilities, viruses and exploits