OFFICIAL SECURITY BLOG
April 18, 2013 | BY Marcin Kleczynski
It’s been a rough week here at Malwarebytes, and I’m sure for many of you as well. We’ve spent the entire week focused on supporting the users affected by Monday’s false positive, as well as implementing systems to prevent this type of problem from ever happening again. If you have not yet received help, please route everything to our support team so we can reach out to you — the forums aren’t an ideal place to track responses, and once you’re in our helpdesk system we can help you more quickly.
With that said, I’d like to take a closer look at what we’ve done to prevent false positives in the future.
1. We’ve installed a false positive shim server. This server will have virtual machines running a wide range of different configurations and operating system versions, to mirror the range of setups our customers run. Before an update gets pushed out, it will be tested on this server, on every configuration. If a false positive is detected, it will prevent our research team from uploading a database update.
2. We’ve modified the tools that compress and encrypt our definition updates. The false positives on Monday were not traditional, they were caused by a corrupted file that our encryption tool did not flag. We’ve made immediate changes to the tool and are testing it with a roll-out date to the entire research team by the end of the week.
3. We’ve started hiring for our support team. While I am proud of how our support team handled the situation, they were, and still are, very overwhelmed. We realize that Malwarebytes needs to scale proportionally as a team and the support team needs more members. We’re going to reach out to our community and hire additional forum members as well.
4. Phone support has been on our plate for quite some time. We’ve been exploring several different options and approaches. This incident has opened our eyes to how important this really is and we’re taking all the steps necessary to make it happen.
We remain fully committed to providing the top quality products you expect from Malwarebytes and to earning and keeping your trust.