Microsoft, Google join forces to tackle antivirus false flags

[Reefa]

VirusTotal's effort to reduce the number of flagged false positive results has received the help from Microsoft.

The anti-malware company, which was bought by Google last year for an undisclosed sum, said its "trusted source" program allows large software developers share their files so they can be quickly marked as safe by its antivirus program.

The program is designed to bolster trust in the antivirus industry and its programs. If a file is flagged, the company will inform the developer, allowing them to "quickly correct the false positive."

In a blog post, it was said that Microsoft has contributed to more than 6,000 false positives being fixed.

Files mistaken as malware are a "headache" for both developers and the antivirus issue, the post explained.

"Software developers may face strong business impact as a large portion of their users see their programs rendered unusable" from false flag reports, the post said. That can lead to users being "unable to finish critical tasks."

ZDNet's Larry Dignan makes a point, however. "Don't get to carried away by this Google and Microsoft detente. After all, the search giant will still out Microsoft vulnerabilities before they are fixed," he said.

It comes not long after the two companies -- on two separate occasions in a week last month -- sparred after Google disclosed vulnerabilities in Microsoft's software. The bugs were revealed after the search giant gave its software-making rival 90 days to fix the flaw.

Google's Project Zero, which has since its inception, been a critical unit in discovering security flaws and vulnerabilities in various companies' software. But it's faced controversy for disclosing these bugs publicly -- as well as code required to exploit bugs -- after its set time-limit.

zdnet

[DKT27]

What if the file is not actually a false positive. Sure, you expect big developers to keep out any such malwares out of their computers and their softwares, but that is not fool proof. If a company can put passwords or it's hashes in text files, you cannot expect them to be great when it comes to security in other matters. Sure, there might be many which do it well, but probably not all.

To add to that, AVs themselves do a lot of flagging by marking the files safe by seeing the companies name, so this thing done by VT is a kind of addition to that.