Roy Schestowitz wrote:
> __/ [ Larry Qualig ] on Wednesday 15 March 2006 05:32 \__
> > B Gruff wrote:
> >> "The dodgy anti-virus update (4715 DAT), issued on Friday, March 10,
> >> falsely identified a number of component files of Microsoft Office
> >> applications and some Windows systems files as infectious. Along with
> >> Microsoft Excel, components of Adobe Update Manager, Macromedia Flash
> >> Player and Google Toolbar were falsely labeled as viral"
> >> http://www.theregister.co.uk/2006/03/14/mcafee_av_false_positive/
> >> Interesting - something I hadn't considered in the past - the effect of an
> >> "active" protection mechanism rather than a passive one.
> >> I guess that one can have failures of both airbags and seatbelts, in that
> >> if the belt isn't properly anchored, or the airbag doesn't inflate,
> >> neither
> >> does its job in a crash. However, the premature inflation of a bag (e.g.
> >> while driving normally - a "false positive") could be a bit of a problem,
> >> and one that doesn't have an equivalent with a passive restraint?
> > I heard about this yesterday (Monday) at work. It happened to a friend
> > of mine who just happened to pickup the virus signatures the previous
> > Friday.
> > To clear this up... McAfee didn't and doesn't "eat" a system. It places
> > the files into a quarantined area for safe keeping. He had to click on
> > the files and tell McAfee to put them back.
> It's an issue with third-party software, but I think it still reflects badly
> on its host, which permitted this thing. If you think about it, had the
> platform not been so malware-ridden, this never would have happened.
Definitely. I thought this was rather obvious. If the *need* to run AV
software didn't exist then the problem would never have occurred.
> Yet again, Averaga Joe finds the operating system hard to use
> because applications disappear.
I'm not sure what the typical Joe Sixpack would do. I'm not sure they
have the (basic) skill to look in the quarantined folder and restore
the files. Depending on what was doinked, they may not even notice it
until they go to run the app. Net-net... it's a problem.