False positive

Clean file mistakenly labelled as malware, legitimate email incorrectly labelled spam

A false positive occurs when anti-malware software erroneously labels a clean file as malware.

False positives can cause considerable problems, particularly when the file in question is important to the operation of a system - if security software blocks access to or deletes a vital component, systems may become unstable or even cease to function altogether. Even when less significant files are mislabelled it can cause difficulties for users, for admins who must spend time ensuring the file is indeed valid, and for manufacturers who may halt production of a product while issues are resolved. The 'no false positives' rule is one of the main requirements for certification in the VB100 test process.

False positives are also encountered in spam filtering, when a piece of legitimate email (ham) is mistakenly labelled as spam. Again, serious consequences can result, for example when an important business document does not reach its intended recipient as a result of being filtered by anti-spam software.

Related news articles

DKIM usage shows significant growth

US banks urged to use authentication method

29 June 2009

McAfee false positive flags Vista component

Innocent file labelled trojan.

22 October 2008

Tough weekend for AV giants as FPs and DNS issues hit

Trend false alert cripples users' systems, Sophos sites taken out by DNS mixup.

10 September 2008

  see all related news stories


Poll

How should software and OS patching/security updates be managed?
Manually, at the user's discretion
Automatically via an optional, user-defined schedule
Automatically via a fixed, but optional schedule
Automatically via a fixed schedule, on by default with opt-out system
Automatically and silently, with no option to run unpatched

Leave a comment
View 19 comments

Jobs Career Sidebar

Malware Prevalence

Dropper-misc |################|
Waledac |###############|
Agent |###########|
NetSky |#######|
Invoice |######|
 View this month's full report
Virus Bulletin currently has 165,644 registered users.