Trend Micro has given out details of two anti-virus signatures sent out last week that caused Windows DLL files to be quarantined.
The false positive identification of Windows systems files by Trend Micro Internet Security began at 4.30pm BST on 4 September with signature 5.521.50. The false positive affected Trend Micro users in Germany and Norway.
When Trend Micro tried to correct the issue, this inadvertently casued more damage, according to Rik Ferguson, Trend Micro's senior security adviser in the UK.
At 2.00am BST on 5 September Trend Micro sent out signature 5.525.50 to try to correct the original issue. The new signature affected even more users, in France, Turkey, the UK and Poland. Signature 5.527.50, sent out at 12.15, then corrected the issue -- for users whose systems still worked. The problem with quarantining systems files is that this is liable to make systems not work.
Trend Micro technical support has advice for users whose systems have fallen down, said Ferguson.
Feguson told me that the problem had been caused by more generic anti-virus signatures.
"It's one of the ways anti-virus vendors are looking at the huge rise in the number of variants of individual pattern files," said Ferguson.