Fighting malware and spam

False positive

Clean file mistakenly labelled as malware, legitimate email incorrectly labelled spam

A false positive occurs when anti-malware software erroneously labels a clean file as malware.

False positives can cause considerable problems, particularly when the file in question is important to the operation of a system - if security software blocks access to or deletes a vital component, systems may become unstable or even cease to function altogether. Even when less significant files are mislabelled it can cause difficulties for users, for admins who must spend time ensuring the file is indeed valid, and for manufacturers who may halt production of a product while issues are resolved. The 'no false positives' rule is one of the main requirements for certification in the VB100 test process.

False positives are also encountered in spam filtering, when a piece of legitimate email (ham) is mistakenly labelled as spam. Again, serious consequences can result, for example when an important business document does not reach its intended recipient as a result of being filtered by anti-spam software.

Related news articles

False positive problem hits avast! users

Human failure blamed for faulty update.

09 December 2009

Serious false positive hits users of old McAfee engines

Batch of system files wrongly flagged as malware, current versions not affected.

07 July 2009

VB announces latest VBSpam certification results

Two products achieve top level VBSpam Platinum award.

01 July 2009

DKIM usage shows significant growth

US banks urged to use authentication method

29 June 2009

McAfee false positive flags Vista component

Innocent file labelled trojan.

22 October 2008

  see all related news stories

Poll

VB100 certification