Antivirus software vendor Avira is making moves to update its quality assurance processes following a 20-minute window yesterday where components of Avira's own software were triggering false positives.
Avira's reported false positive samples over the past week peaked at 10,611 samples.
(Screenshot by Michael Lee/ZDNet Australia)
The company normally has an automated quality assurance process that tests files from popular operating systems, browsers and other software, including patch updates. As a result, it has a team working every day to add new software to its false-positive quality assurance test, which normally includes Avira program files.
As the company began to update its infrastructure a few days ago, not all of its program files were added to the test, including a dynamic link library, aescript.dll.
"A loophole was created for possible false positives on our own software," the company said in a statement.
This loophole caused aescript.dll to be detected by Avira as TR/Spy.463227 shortly after Avira issued its Virus Definition File (VDF) 18.104.22.168. According to Avira's statistics on the virus, it received 10,611 samples from its user base reporting infections on the first day of the issue.
Avira shortly realised the issue, and pulled the VDF offline after it had been up for 20 minutes. A new VDF was released 32 minutes afterwards, which fixed the false-positive issue.
The company has stated that while its infrastructure has been upgraded, it will now implement a manual process, which runs in parallel to its automated quality assurance tests to ensure that false positives on Avira files are eliminated.
This process will become automated and operate in real time once the upgrade is complete.