The Trojan That Never Was
How not to handle a PR debacle, Part 767:
Avast, the free antivirus I’ve been using, and recommending, for while, has lost my confidence by a double whammy: mis-identifying pretty much every executable on my computer as a Trojan, and then not telling me about it.
Apparently an update to the software will misidentify a lot of files as containing the Trojan Win32:Delf-MZG, suggesting you do a boot scan to clear out infections. Do so, and you’ll likely find that Avast will be deleting a lot of major program files, including those in the Windows directory.
This is bad, because these are what are called false positives—i.e. not infected. An update to the Avast virus database created the error—and has, apparently, since been corrected with a further update. But not before hundreds, maybe thousands, of users, did what I did: boot scan and religiously delete
You won’t, at the moment, know any of this from Avast.
Their blog hasn’t been updated since November 30. There’s nothing on their home page to suggest there’s a problem: the website lists the latest update and doesn’t indicate there’s been a problem.
But do a Google or twitter search and you get a sense of the frustration:
Twitter is throwing up a tweet every couple of minutes:
The point here is that everyone makes mistakes. But Avast don’t seem to have helped their users to avoid panic by not only correcting the problem but in trying to ensure that their users find out about it easily and quickly.
This is not excusable in this era of the real time web. Twitter is the obvious choice, but there’s no sign of Avast on its official twitter feed since November 30. (see screenshot above.) Avast should be using all channels to reach its users.
Antirvirus is just an extreme example—it’s an industry that is used to updating its product on the fly. But security is also about informing its users—and Avast, sadly, is not much different from most companies that think they can brush over glitches and pretend they never happened.
A mea culpa is in order, and a promise that this isn’t going to happen. Crying wolf on viral infections is not a good security procedure.