Norton turns into mental lipstick-wearing false-positive pig

Davey Winder
Thursday, 11 December 2008 16:43

Your IT - Home IT

Meanwhile, I got the same PDF file download warning when visiting Reddit, and CNN. Now I diverted my attention to my own machine, thinking it might have somehow been compromised. But no, it scanned as clean.

It became obvious that this was a Norton problem when I tried another laptop with another AV suite installed that gave no such warnings. A quick call to a colleague confirmed his NIS 2009 'protected' machine had also gone mental.

The real giveaway was the URL which was referenced as being a suspicious PDF file download pointed not to a PDF at all, but rather to some JavaScript.

It took a while, but eventually Symantec came clean and admitted it had lost the plot and gone mental. In a support forum posting , a security response spokesperson called Orla stated "I can confirm that the issues you've been seeing, where NIS erroneously triggers the detection "HTTP Acrobat PDF Suspicious File Download" on some legitimate websites, have been resolved."

Orla continued "Corrected signatures have been created and are now available for download via LiveUpdate."

Having apologised, Orla insisted that Symantec "take false detections such as this very seriously and will be taking corrective measures to ensure a situation such as this does not happen in future."

Well that's OK then. Not. False positives totally screw the trust issue when it comes to security products.

Pretty much all of the Madrid launch event, at least from the perspective of the security press attending, was angled towards persuading us that Norton had moved on from the problems of the past when it was associated with being resource hungry and system unfriendly.

This one mistake could have undone all the good work from Symantec. Oink Oink Oink...