Importance of QA in Antivirus Industry: Case 1 - False positive detection

Just recently AVG offered infected customers with free one year license or update.
Read the article:

AVG offers infected users free year of service

By Emma Hughes
17 November 2008 07:06AM
Security

AVG announced yesterday that it would be offering a free year of service after its antivirus software got confused and misidentified a key Windows system file as malware.

The problem affected non-English versions of XP.

The security vendor identified earlier this week that user32.dll was coming up as a generic Trojan which caused a warning pop-up asking if the user wanted to delete it – unfortunately for those who say ‘yes’ they were stuck in an endless reboot cycle.

Once the floods of complaints began, AVG identified the mistake and began offering workarounds for affected users – which is fine if you’ve got someone else to look it up for you.

Yesterday however, AVG announced, "As a follow-up to the rapid distribution of recovery instructions and repair CDs, AVG Technologies is offering all affected users a free license or license extension as follows.”

This basically means a free year of AVG 8.0 service, or a free upgrade for AVG 7.5 users.

The upgrade also includes users of the free AVG antivirus service.

Once the company began apologising, it seemed to be unable to stop, "AVG Technologies apologises again for the inconvenience caused to our customers and wishes to assure our users worldwide that the company is actively putting new processes in place to avoid similar occurrences in the future.”

AVG has said that it will begin contacting affected customers beginning November 24 in order to give further instructions on this service.

Look how important is QA testing for false positive in AV Industry; not only AVG have lost revenue for little mistake, it also created unwanted media attraction.

Few years ago and only few months ago, Symantec had exactly same thing when Norton AV was deleting part of Windows. It's all fixed up and updated now, but if these companies have done proper scanning testing before the release of their anti virus definitions or database then this wouldn't happened.

False positive detection must be cleared before the release of the anti virus definition/database, if only AV companies properly implemented QA testing lab to perform FP detection at least on popular operating systems like Windows XP/Vista then AV Industry won't spend their time & money on patching or fixing their mistakes.