McAfee Update Poisons XP: Automated Fix Not Likely

Dennis Faas's picture

McAfee is facing a major backlash in sales this morning after a buggy security update left many customers' computers effectively unusable. Worst still, some analysts are predicting that an automated solution may not be possible.

As we reported yesterday, the problem is the result of a recent McAfee antivirus update gone awry, which then caused the antivirus program to identify legitimate Windows files as being virus infected.

The end result was that the legitimate Windows files were sent to a quarantine, resulting in thousands (if not hundreds of thousands) of crashes PCs. The problem appears to only affect Windows XP running Service Pack 3 using McAfee's VirusScan 8.7 and the 5958 DAT (virus definition update file), which was set live on Wednesday April 21st, 2010 this week.

Security Rivals Pounce at Golden Flub

The immediate effects have been in the security software market.

Some companies which promote McAfee software are already condemning the incident, while others believe it will open the door for competitors to take market share. There are even cases of companies offering cheap or free deals to McAfee customers who decide to switch to a rival service. (Source: crn.com)

Firms Pay The Price For Speedy Updates

Unfortunately, there were factors which worsened the problem.

Many businesses have set up their IT systems so that any security updates are applied to every machine on the network as soon as physically possible. Ironically, that usually smart practice has magnified the effects of this blunder as it meant the discovery of the problem came too late to be a warning in many cases.

There are also questions about exactly how the problem occurred. It's been noted that not only did McAfee's system for verifying whether a suspected virus was genuine fail, but that it then either quarantined or deleted the XP component without giving any warning, as would normally be expected.

Manual Fix Difficult, May Be Required

What happens next is also far from certain. While McAfee has talked about working on producing an automated fix (rather than the current manual workarounds), Peter Schlampp of Solera Systems says he doesn't expect that to happen, leaving a lengthy repair process.

He also warns that the nature of the problem means it won't necessarily show up immediately on all machines, meaning it could take some time before the extent of the damage is truly known. (Source: darkreading.com)

| Tags:
Rate this article: 
No votes yet