McAfee acts to avoid signature quality issues

Antivirus firm McAfee has overhauled its quality control and software testing procedures to avoid repeating a mistake last month that caused a signature update to flag Microsoft Excel as a virus.On a visit Down Under this week, McAfee's president Kevin Weiss said he wishes he could "roll back the hands of time" and stop the faulty signatures (DAT file) from being distributed.

Antivirus firm McAfee has overhauled its quality control and software testing procedures to avoid repeating a mistake last month that caused a signature update to flag Microsoft Excel as a virus.

On a visit Down Under this week, McAfee's president Kevin Weiss said he wishes he could "roll back the hands of time" and stop the faulty signatures (DAT file) from being distributed. He described how the company has changed its testing procedures to try and avoid repeating the mistake.

"We are trying to remove any potential of this happening again -- it was a very unfortunate incident and we wish we could roll back the hands of time," Weiss told ZDNet Australia. "It was the 4,715th DAT file we had downloaded to customers and it was a first to do something like this. It was a storm and we have done several things to protect our customers going forward."

The infamous DAT file also had issues with the files Graph.exe -- another Microsoft Office file -- and AdobeUpdateManager.exe, an application that deals with Adobe software updates.

Weiss said the problem occurred because somebody had been able to bypass a procedure that would have caught the mistake.

"We have changed the way we do our DAT file development and testing. We have ensured that there is a segregation of duties so that somebody could not make a mistake and circumvent a procedure that would have caught this beforehand," said Weiss.

In addition to improving internal testing procedures, McAfee has also updated its application so customers will be able to quickly toll their systems back to the point before the DAT file was installed, which is a feature the company had never previously thought was necessary.

"When it never happens you may not think about these things, but now we are giving customers the ability to roll back their files back to where they had a very well orchestrated environment," said Weiss.

Another change introduced after the incident is in how the software behaves once it has discovered what it believes to be a malicious file. Previously the suspicious file would be immediately deleted but now it is put into quarantine for a number of days.

Weiss said that the problems caused by the faulty DAT file impacted only a small fraction of the company's customers. He even joked that a number of customers were quite happy about the unexpected behaviour.

"We think we have made the right changes. Most of the customers understood that it was not a malicious error but an error in process -- some people even called me and said 'it is about time you got rid of Excel'," he added.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All