Antivirus makers are having a particularly difficult time protecting users using the 64-bit version of Microsofts latest operating system, Vista. According to the Virus Bulletin security certification body, 35% of the twenty products tested on Vista x64 failed to meet VBs latest test criteria. McAfee Virusscan, Symantec Antivirus, and Microsoft Forefront were three of several major vendors who managed to pass the test. Among those who failed were Computer Associates eTrust, which comes with improper default settings instructing the application to ignore many file formats, and all three of TrendMicros submissions, which mistook a Microsoft development tool as malware. John Hawes, technical consultant at Virus Bulletin, explained that "a false positive can cause as much disruption as a virus infection. False warnings often lead end-users to delete valid files in the belief that they are some form of attack and the resultant damage can be significant."
The root of the problem seems to be a struggle by AV makers to adapt to Microsofts PatchGuard technology, which prevents applications from accessing the OSs kernel. As developers explore new approaches to protecting the user in light of PatchGuard, teething problems are to be expected. Virus Bulletins certification is particularly stringent: one false positive or one failed detection results in a failing grade.