A company is claiming to have found security holes in multiple anti-virus programs, which can be exploited by the very malware those products are supposed to protect you against. Many of the top anti-malware vendors have ended up finding parsing issues in their products over the past few years. Some have repaired the original parsing issues only to see them raised again with exploits found after the original vulnerability. Security software programmers are hired for their programming knowledge and with the (false) expectation that they will naturally code securely.
Source: https://www.csoonline.com/article/2633192/security-software-developers-need-sdl–too.html