Microsoft, Google join forces to tackle antivirus false flags

The program, dubbed "trusted source," has seen more than 6,000 false positives fixed so far, just one week after the program started.

(Image: Microsoft via CNET)

VirusTotal's effort to reduce the number of flagged false positive results has received help from Microsoft.

The anti-malware company, which was bought by Google last year for an undisclosed sum, said its "trusted source" program allows large software developers share their files so they can be quickly marked as safe by its antivirus program.

Read this

​Facebook launches ThreatExchange: Can information sharing thwart cyberattacks?

Facebook's ThreatExchange, a social platform designed to enable cyberattack data sharing, is the latest example of how companies and government agencies are trying to aggregate intelligence.

The program is designed to bolster trust in the antivirus industry and its programs. If a file is flagged, the company will inform the developer, allowing them to "quickly correct the false positive."

In a blog post, it was said that Microsoft has contributed to more than 6,000 false positives being fixed.

Files mistaken as malware are a "headache" for both developers and the antivirus issue, the post explained.

"Software developers may face strong business impact as a large portion of their users see their programs rendered unusable" from false flag reports, the post said. That can lead to users being "unable to finish critical tasks."

ZDNet's Larry Dignan makes a point, however. "Don't get too carried away by this Google and Microsoft detente. After all, the search giant will still out Microsoft vulnerabilities before they are fixed," he said.

It comes not long after the two companies -- on two separate occasions in a week last month -- sparred after Google disclosed vulnerabilities in Microsoft's software. The bugs were revealed after the search giant gave its software-making rival 90 days to fix the flaw.

Google's Project Zero has since its inception been a critical unit in discovering security flaws and vulnerabilities in various companies' software. But it has faced controversy for disclosing these bugs publicly -- as well as code required to exploit bugs -- after its set time-limit.

Newsletters

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All