Instances of false positives are rare, but a natural occurrence with Anti-Virus definition updates. As a result of the most recent issue, I would like to suggest an additional feature be added to the Enterprise suite to mitigate the damage should (when) another incident occur. The basic premise is run all new definitions against a test dummy (virtual node or standalone system). If the scan passes with no errors, the new definition would automatically propagate. If any errors occur or a virus is detected, halt distribution and flag the administrator to take action.
This level of protection / additional testing would have saved our company resources and mitigated the damage caused by the 5/6/2015 definition update. Please consider adding this feature as an option. I believe anyone using an Enterprise level version of the software would have a spare workstation that could be used for this purpose and would prefer to clean up one workstation vs the 300 plus workstation networks I saw referenced in the forums.
Thank you for your consideration of this request.