A malware scanner that executes code and infects the machine. Oh you couldn't make this up.
Which was pretty much my reaction..
Reading more - it seems that there is a language interpreter (akin to Javascript) called NScript included in the anti-malware suite and it's that that can be compromised. Which is a whole other Set of Fail..