Over time, though, users realize that their scanner isn't always right. When they always take its advice, their applications don't install or can't communicate with the Internet. After too many instances of security software crying "wolf", users change their attitude to skepticism; that makes them more likely to distrust and override its advice. At that point, it's a crapshoot whether any security software that gives the user veto power can offer effective protection.
Add to those sins the problem that happened with McAfee this time. An erroneous detection had McAfee's scanner deciding that an innocent svchost.exe file was malicious. When McAfee removed the virus, er, critical system file, the PC was rendered unbootable, which is a problem that can't be fixed without a face-to-face encounter with each PC. McAfee realized their mistake pretty quickly, although only after the fact.
This most recent episode does call into question whether McAfee's quality control and testing are good enough, and their answer darned well should be "no". Yet it isn't like this is the first time a problem like this has happened. False positives don't have to be very common to be catastrophic -- to the PC, to the IT department, and to the product's credibility. Is the industry's current approach really sustainable? Malware seems to have been able to stay ahead of security software for more than a decade; the good guys are constantly reacting to threats and leaving open a window of vulnerability that is hours or even days long.
Given the flaws of the current system, is there any alternative? A few options do exist out there. For example, instead of depending on security scanners to find the malware needle in the software haystack using a blacklist, some products like Bit9 use a whitelist to only allow approved programs to run. In some environments this can be a much better approach. In a setting where users need to run arbitrary software on PCs, such as software development, it's not practical. Yet many offices really can make a short list of the software they want their users to run. Is yours one of them?