The Church of England's publishing arm has advised clergy to ignore
Symantec security warnings, after its Norton Antivirus product wrongly
identified church software as spyware.
Many Church of England vicars use a software tool called Visual Liturgy to plan, create and deliver church services. On
July 8, Symantec issued a warning saying that a new virus had "a significant
detrimental effect on Visual Liturgy," according to Church House Publishing (CHP), the publishing arm of the Church of England.
Norton's auto-update wrongly identified a file integral to Visual Liturgy as
"Sniperspy," a piece of spyware. After receiving the update, users were prompted
to accept the Sniperspy threat warning and delete the file, called vlutils.dll.
This rendered Visual Liturgy useless.
"Up to 4,500 churches with approximately half-a-million churchgoers have been
badly affected by this," said David Green, the outgoing new media manager for
CHP. "Usually, it takes a lot to get a clergyman upset, but we have had a fair
few on the phone. There's been no talk of smiting yet, but we'll wait and see."
Visual Liturgy contains all of the authorized liturgy for the Church of
England. Vicars use the software to choose services, plan Bible readings and
CHP was deluged with complaints from vicars on July 10, the Monday after the
update was pushed out. Some vicars said that their Sunday service planning had
According to CHP, Symantec has compounded its sin by not responding to
repeated requests to put the situation right.
"We spoke to Symantec on Monday morning, and were told to fill in an online
false positive form. We were told Symantec would respond within four weeks. From
our point of view, this was not good enough," Green said.
Green said he and other CHP staff contacted Symantec in London, Dublin and
the U.S., trying to get the company to respond to the complaint quickly.
"We were told we needed to speak to the security response team, but
apparently the security response team doesn't take phone calls," Green said. "We
ended up speaking to consumer services, who according to Symantec were the best
people to speak to. Consumer services were also getting it in the neck from
vicars...Unfortunately Symantec isn't responding to our requests. We haven't
heard anything from Norton."
However, Symantec claims it responded to CHP's July 10 request a day later
but received no further communication from the organization.
"Having reviewed the query, the issue was addressed and a response was sent
to CHP on July 11, advising them to run Live Update and respond to confirm that
this rectified the signature and corrected this issue," a Symantec
representative told ZDNet UK. "No response was received so two weeks after this
initial request, it was concluded that there were no further issues and the case
Thomas Allain-Chapman, head of publishing for CHP, claimed CHP had been
forced to advise vicars to ignore Norton antivirus threat warnings, creating a
potential security risk.
Green said: "It's obviously frustrating. Ultimately, we don't want to advise
our customers to ignore threat warnings, because that's not a good idea. But
Norton isn't responding."
Andrew Sweeney, who will become CHP's new media manager on Friday, said it
was "hard or impossible for a business to find a way into Symantec" to report
incidents like this.
One vicar in Northumberland thought he had been infected with spyware, and
promptly canceled all of his credit cards because he thought someone had all of
his data, Green said. It took the vicar 10 hours to cancel cards and rectify his
online banking situation.