Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

December 10th, 2009

Bad Definition Update

First, I want to thank everyone that left comments on my previous blog entry and on Ondrej’s forum entry. We appreciate all the comments—positive and negative. And, if you are still having problems, please do contact our support and they can help you. You can reach them via http://support.avast.com/index.php?languageid=1&group=eng. From that page you can get help on our forum—just post a question and someone (an avast employee or a community member) will help you. Or send a trouble ticket directly to our support staff.

As I had promised in the earlier post, I am giving an update on steps we are putting in place to protect against such an occurrence again in the future. Three key elements of the current process are that:

  • Only a have a small and very controlled group who is allowed to publish virus updates
  • The updates to be tested against our clean set (a massive set of about 10 million  known clean files) to ensure no false positives
  • Monitoring of our forums, false positive reports, etc. for some period of time after an update is sent out

The major change we have made is to absolutely mandate that no one other than this small group is allowed to publish virus updates. There are no exceptions to this policy—even myself, our CTO, and other members of the virus research team are not allowed to publish virus updates. We believe that our process itself is very good and the failure came about only because someone outside this small team did the publication. We have added some safeguards though to ensure early detection and remediation of any future problems. These include:

  1. Automated monitoring of false positive servers and data connections. If the servers/links experience unusual traffic, alarms and phones will start ringing. We already have this monitoring on a number of servers/links and now will add it to the false positive servers.
  2. We will be publishing an emergency contact number for key partners and an assortment of users around the world. If these partners or users see anything unusual—whatever the time—they can reach someone responsible on the phone immediately. Some of our power users detected this last problem pretty much immediately—unfortunately they had no way of contacting us. Now they will.
  3. We will be instituting a method of rolling back the virus update pretty much instantaneously. This will allow us to quickly roll back to the last known good update without having to take the time to develop a new update.

So once again, very sincere apologies and we thank you for your continued confidence in us.

Categories: CEO's corner Tags:
  1. December 10th, 2009 at 10:36 | #1

    Hi Vince,

    We are really understand for last mistaken happened with avast signature update.
    We believe everyone learn from his/her mistaken, and will improve in the next event.

    1. It is good idea for each signature before released, need to tested with virus lab first
    2. Need to publish customer service contact number like McAfee (Asia pasific or Europe) or Symantec same
    3. So far your avast have a good support either from support or forum support, but just need your quickly response time
    4. If you need local support, maybe you could established avast local support at your distribution partner

    Don’t worry for each user which have a problem with avast, either avast’e evangelist or avast tech guys ready to server you.

    Regards,
    Yanto Chiang

  2. Tech
    December 10th, 2009 at 20:15 | #2

    [quote]We will be instituting a method of rolling back the virus update pretty much instantaneously. This will allow us to quickly roll back to the last known good update without having to take the time to develop a new update.[/quote]
    Very good technical idea.

  3. Waleed
    December 11th, 2009 at 10:03 | #3

    I cannot blame avast because of one mistake after 3 years using full function antivirus in free without any problem
    sorry my English is bad

  4. December 11th, 2009 at 10:33 | #4

    Tech :
    [quote]We will be instituting a method of rolling back the virus update pretty much instantaneously. This will allow us to quickly roll back to the last known good update without having to take the time to develop a new update.[/quote]
    Very good technical idea.

    Hi Tech,

    That is good if avast will have it

    Regards,
    Yanto Chiang

  5. Reynaldo Mtz
    December 11th, 2009 at 21:46 | #5

    I love avast and if you do 10 things and 1 is bad everybody remembers the bad thing but what about the 9 good things? I really appreciate the long long time me and all my friends in Mexico have been using Avast, since we started using Avast we forgot about the nesty things in the web.

    Thanks to all of you staff from Avast, you all have made possible that many people in many countries lacking of money to buy an antivirus to have a free and accurate solution to their problems, I have recomendend Avast to my friends in Chile, Venezuela, Peru, Colombia and Argentina and now they are doing the same with his friends, everybody is happy to have Avast.

    Rmtz
    Mexico.

  6. Tony
    December 12th, 2009 at 18:31 | #6

    I have to admit, Avast had me in a panic while I was deleting virus files that was in error. And yes, I was upset after the fact. But I can say for certain that taking steps to correct the situation in the time frame they did was very responsible. The definition of a Journeyman in the “trades” is to be able to find and fix your own mistakes. Avast has proved themselves time and time again with my hardware. I will not be tossing thier AV software in the street after one mistake like several claim, but due to the actions of the AV team at Avast, I will be installing Avast Pro on all of my machines in our 2 offices.

    Once again, Thank you AVAST!

    Tony Snyder
    Network Admin
    SLS Consulting

  7. December 12th, 2009 at 18:51 | #7

    tohomeuse

  8. December 12th, 2009 at 18:53 | #8

    to home use.

  9. December 12th, 2009 at 18:55 | #9

    my farssnal use only.

  10. g.miller
    December 13th, 2009 at 00:39 | #10

    I depend on avast and trust you to keep virus free computer.I have had no problems with it so far as i know. When i had other virus programs (top names) i won’t say here,they always messed up and i was spending more time taking them off and reloading them . This does not slow my computer like they did . Happy holidays to all who celebrate and a good new year .

  11. Stan
    December 14th, 2009 at 18:43 | #11

    More than just “thanks” – its your attitude to dealing with it is what’s really important.

  12. Chim
    December 14th, 2009 at 19:28 | #12

    I’m curious if an idea that was tossed around in the avast Forums will be instituted / implemented. I don’t know if it was addressed over there, but there are too many threads regarding this topic, so it’d be very difficult to see if it WAS answered.

    Anyway, it was suggested that IF some problem of this recent problem’s magnitude ever happened again … perhaps there could be in place the function to where all of us avast Users would say … immediately see the RED Avast Pop on the bottom right of our screen come up and inform us of a major problem. Now obviously the little Pop Up Window doesn’t have enough room for a detailed explanation. But, we could be given just enough of a Heads Up that there was a critical problem with the latest Virus Database Update and have us click on a link to where we can find out what to do and what NOT to do. This could prevent avast Users from panicking and jumping to performing a Manual Scan that would then cause more damage. Is this idea or something similar going to be instituted?

    This would go hand in hand very well with the ability to roll back a Virus Database Update.

  13. bohmied
    December 14th, 2009 at 22:21 | #13

    Don’t think too much…
    Avast

    is

    the best…

  14. December 15th, 2009 at 01:39 | #14

    I was in the middle of some critical (isn’t it always???) work when my machine started telling me things were infected. I didn’t quite panic – although somebody watching me might think differently… I got suspicious that “everything” seemed to be infected. I hit Google to get a description of the virus, then Googled for messages about problems, and found several messages indicating exactly what I was experiencing. There were also messages indicating that you’d already released an updated database. That took care of it – updated, restored the files I’d deleted, and all is fine.

    I’ve had major problems with several of the Biggest Names in the anti-virus software business – like destroyed machines; had to wipe the drive and reinstall everything.

    I’m impressed that you’ve admitted there was a problem, you’ve apologized, and you’ve taken steps to see it won’t happen again. What more can anyone ask? (Yeah, we can *ask* for perfection, but it doesn’t exist!)

    Ironically, the snafu hit just as I got to the end of my license – it expires the end of this month. Of course I questioned whether to renew or not; after that anyone would.
    You’ll be pleased to know I just *did* renew – for 3 years.

  15. george
    December 15th, 2009 at 07:33 | #15

    @Yanto Chiang
    nom, avast is best one.

  16. Jo Pfeffer
    December 16th, 2009 at 20:49 | #16

    I really appreciate the apology! I have a friend who owns a Thoroughbred breeding farm, and the false positive fiasco ended up blowing out her system. She drove it in to me, and I was able to do a repair on Windows XP and get her system running properly again. It was several days of her not having a system, and several hours of work by me to get things going again, so the apology goes a long way to calming things on her end.

    GLAD to see that you’ve put controls in place on releasing virus updates! Still an avid user of Avast! on family and friends computers!

  17. December 17th, 2009 at 04:34 | #17

    george :
    @Yanto Chiang
    nom, avast is best one.

    George,

    Sure, if you feel convenience with avast! support and performance that it good for you and ALWIL Software.

    Regards,
    Yanto Chiang

  18. December 17th, 2009 at 05:20 | #18

    A WANT TO REMOVE MY ANIVIROUS AVASTI ON MY PC.BUT I CAN’T.ITS SHOWS PROBLEMS.SO PLS HELP ME SOON.

  19. Debbie
    December 17th, 2009 at 07:11 | #19

    Is there something I need do about this update? Specific symptoms or problems it caused? I ran a scan possibly around that time and since, as my computer has begun acting odd.(cpu usage % maxing out when i open chrome and while on it. pgs freezing and not functioning correctly, etc.) No viruses were found, however it showed 11 items that could not be scanned. 6 were password protected archive files.I have not password protected or archived any files. 3 on D: drive it said were decompression bombs. The other two were in docs and stgs (1)Hp admin \…\backup.db (2)d&s \…\FileInfoList.xml
    These two, it also said were password protected. When I tried to put in chest a window popped up saying an error was encountered – no other info. no options other than closing window.

  20. December 18th, 2009 at 15:01 | #21

    @Debbie
    Hi, if avast didn’t report the mentioned viruses you haven’t experienced this update issue. Please find explanation to password protected files here: http://forum.avast.com/index.php?topic=51816.0 and here to decompression bombs: http://forum.avast.com/index.php?topic=8943.0

  21. sultan
    December 19th, 2009 at 08:42 | #22

    Avasti is good and best but i cant able to update

  22. michaelmj
    December 20th, 2009 at 02:04 | #23

    I’m usinf version 4 of avast! and am pleased with it. Lately the announcer’s voice that announces an update has taken place is silent. Is that the result of the update or a new change to the program – also, can I get the voice back ? THANKS.

  23. Rabb
    December 20th, 2009 at 08:11 | #24

    After all said and done AVAST is simply fantastic. To know why, just try AVAST BART software.

  24. karan
    December 22nd, 2009 at 07:14 | #25

    HI everybody,
    first of all,i will like to thank all of technical members,who created this anti-virus,i like avast most,i am a computer technician,so whenever i install a operating system in my customers computer,i recommend them avast,but i would like to tell you guys,that there is a slight problem,whenever my system crashes and whenever i re-install it,i have install avast again with older database files and everytime i have to update its database files,so please put a add-on so that avast database files could be store in backup,so that whenever system crashes,i dont have to update avast data base files via internet,because they are larger in sizes,and here in india,the net connection is very slow,and it is very boring to sit in front of pc and download whole files again.

  25. Nathan
    December 23rd, 2009 at 08:39 | #26

    I have been using AVAST for over 7 years now and have NEVER had any problems! If you did publish a bad update, you had it fixed before I noticed anything wrong.
    You have been doing a job that is well worth much more than any of the others charge, and you give it away for free!
    I can not express enough how happy myself and my whole family are with your program! I have 5 laptops and 2 desktop computers in my family and all but one of them are running Avast for their anti-virus protection.
    Please keep up the great work and don’t let the nasty comments of a few people get to you in any way..
    I have been telling people about your program for a long time now and just about every one of my friends and even a couple of businesses I have told , are running your program. Thank you very much for years of safe effective use.

  26. December 27th, 2009 at 12:58 | #27

    lol I didn’t visit the avast blog much I’m surprised to see that the emergency was also post in the avast blog.Good to have a blog where people can see the news about avast.

    Cheers

  27. December 27th, 2009 at 16:26 | #28

    The update VPS 091227 has caused the ads that appear at the bottom of the email page on AOL to be interpreted as TROJAN viruses. The avast pop-ups are interfering with ability to read email as each pop-up has to be deleted. Can this be fixed?

  28. December 27th, 2009 at 17:42 | #29

    The new version of Avast makes it impossible to navigate Yahoo finance without the software stopping the web site navigation and winding up displaying a blank page. In order to visit yahoo I must disable Avast (which one should not have to do) inorder to navigate the web site.

    This is really a disruptive process. Fix it.

  29. December 27th, 2009 at 20:24 | #30

    avast alarm sounds every time I log on to yahoo mail

  30. Joe S
    December 28th, 2009 at 02:53 | #31

    Today there was another bad update that caused access problems with Yahoo.com. Since this is the second bad definition update in about a month are there plans to review the testing and release procedures? I’ve used Avast for several years and this is the first problem I’ve encountered.
    Joe

  31. ronny
    December 28th, 2009 at 15:01 | #32

    I recently updated the free version avast antivirus and now get nothing but trojan warnings with many different websites that never have given me problems before. These websites include Yahoo and msn.. I am also getting the really annoying on-access scanning messages at the bottom right of my computer. Is there a way to remedy this situation or am I stuck with this? Would like some help with this, so if you have any suggestions, please let me know… This is the first issue I’ve had with this antivirus program and am otherwise pleased with the program..

  32. tjgdude
    December 29th, 2009 at 03:35 | #33

    @ronny

    I would try reinstalling avast and if that doesn’t work e-mail me at tjgdude21@yahoo.com

  33. budsie175
    December 29th, 2009 at 17:36 | #34

    My problems cleared up overnight.

  34. ali
    December 31st, 2009 at 17:59 | #35

    آپدیت اوستا را می خواستم

  35. Ed – Canada
    January 1st, 2010 at 08:01 | #36

    I was a Norton AV user for a few years – but I would get one or two virus’ each year that the program didn’t seem to stop or quarantine.

    I am pleased to say that I have not had one problem with Avast over the past 3 years I have been using it. The fact that this one problem happened was simply human error and not a fault of the program itself. I do hope the person(s) who made the mistake are still with Avast, as they would have learned from this oversight and would not make this same error again in their career.

    Best wishes to Avast and Avast users for a Happy and prosperous New Year in 2010.

  36. Sonya Sorenson
    January 3rd, 2010 at 10:41 | #37

    I too worked a “system restore” program to a previous date when everything was going smooth with Avast!
    First time I’ve had difficulty with Avast! in too many years to count for anything serious. I won’t long recall the problem just how to handle the difficulty.

  37. Rod
    January 4th, 2010 at 17:28 | #38

    Seems like a pretty nice program, though after 2 hours of trying to update, it only downloaded 1mb out of 35mb. It keep retrying, but failed. Your guys server must be super busy – should I move to avira or avg?

  38. January 4th, 2010 at 17:33 | #39

    @Rod
    Hi Rod. Thanks for the kind words on the program. You seem to be using a dial-up connection from Atlanta? We actually have massive server capacity and you are quite close to our servers. Which download site did you download through? Was it from our site or someone else’s? A dial up download will be slow as you know. But it should still be faster than you indicate.

  39. January 5th, 2010 at 20:38 | #40

    @michaelmj
    Dr. M. D. Is that you I am so upset I dont know what is going on…Always your friend Lisa I need to talk to you I need your forgiveness for something that happened by my making a very poor choice a while back

  40. John Mallows
    January 7th, 2010 at 18:06 | #41

    I have a regular pop – up offering a new version of Avast. I’m still ignoring oit just in case, amd glad a took this cautious tactic back in December so I escaped the misery others suffered. But is it now safe to let it load?

Comments are closed.