Last week, Malwarebytes released an update that, in the words of company founder and CEO Marcin Kleczynski, "disabled thousands of computers worldwide," despite the fact that the company had removed the update, v2013.04.15.12 from its servers in less than eight minutes (h/t The Register).
According to posts on the Malwarebytes Forum, the faulty update had identified Windows system files as Trojan downloaders.
"If this is the competency level of your developers and engineers working on your definitions, I strongly suggest you step your game up," wrote one frustrated customer. "Sounds like the work of a scorned employee or someone already on their way out with a chip on their shoulder, because if it isn't, I am highly dissapointed in your product and procedures."
On April 18, Klecynski wrote a follow-up post detailing what the company had done to avoid similar issues in the future, including installing a false positive shim server to test every update before it gets pushed out, hiring a larger support team, exploring the addition of telephone support.https://o1.qnsr.com/log/p.gif?;n=203;c=204660766;s=9477;x=7936;f=201812281312070;u=j;z=TIMESTAMP;a=20392931;e=i
Additionally, Klecynski noted, the company is modifying the tools used to compress and encrypt updates. "The false positives on Monday were not traditional, they were caused by a corrupted file that our encryption tool did not flag," Klecynski wrote. "We’ve made immediate changes to the tool and are testing it with a roll-out date to the entire research team by the end of the week."