McAfee update cripples Windows XP machines
By Barry Collins
Posted on 22 Apr 2010 at 07:38
McAfee has apologised to its customers after a routine security update crippled Windows XP PCs.
The update falsely identified the SVCHOST.EXE Windows file as a virus, effectively prompting the McAfee software to attack core operating system files. This causes affected PCs to crash or enter endless reboot cycles.
The problem appears only to have affected McAfee customers running Windows XP SP3, but it has reportedly downed tens of thousands of PCs across the world, including those of Intel, US police departments and universities.
Today we released a update file that clearly did more harm than good
McAfee claims businesses are worse hit than consumers, although it's playing down the impact of the false positive. "We believe that this incident has impacted less than one half of one percent of our enterprise accounts globally and a fraction of that within the consumer base – home users of products such as McAfee VirusScan Plus, McAfee Internet Security Suite and McAfee Total Protection," writes Barry McPherson, the company's executive vice president for customer service on the McAfee blog. "That said, if you’re one of those impacted, this is a significant event for you and we understand that."
McAfee has halted distribution of the flawed update an issued a fix for the problem.
In a follow-up blog post, McPherson admitted the company had let its customers down. "In our ongoing efforts to protect our customers from a seemingly endlessly multiplying variety and volume of attacks, today we released a update file that clearly did more harm than good," he said. "There was a legitimate threat and we wanted to protect our customers, as we have done successfully thousands and thousands of times before. But in trying to do so, we created negative and unintended consequences for some very important people. Many of you."
"Mistakes happen. No excuses," McPherson added. "The nearly 7,000 employees of McAfee are focused right now on two things, in this order. First, help our customers who have been affected by this issue get back to business as usual. And second, once that is done, make sure we put the processes in place so this never happens again."
From around the web
We were lucky as we got an advisory from our reseller about this just before the end of the day so I was able to stop our ePO server from downloading the DAT and pushing it out.
By james016 on 22 Apr 2010 
This crippled 4 of my machines
By ptp_producer on 22 Apr 2010
Not so lucky
My employer had literally thousands of machines affected globally. McAfee aren't very popular today.
By Stonedecroze on 22 Apr 2010
Likewise AVG
AVG did exactly this in France about 18 months ago, and were very unhelpful, only admitting they had messed up after several days. Caused me a lot of problems. It shows very clearly how slack their (McAFee & AVG) testing procedures really are.
By anth13 on 22 Apr 2010
Still working...
Our tech support machines all run Vista/7 so we can still work, all other PCs are screwed at the moment - hopefully get back on later this morning
By EddyOS_2K9 on 22 Apr 2010
Another all-nighter...
This stupid DAT file turned over 500 of our PC's into expensive paper-weights! It's sorted now (with the exception of encrypted devices), but not without spending all night in the Office... McAfee have a lot to answer for, and their testing leaves a lot to be desired!
By mattlockey on 22 Apr 2010
@mattlockey
What testing?
By james016 on 22 Apr 2010
Shocking and inexcusable
It is inexcusable for a a/v company to release such bad updates.
Avira caused a similar problem a month ago and STILL haven't resolved the issue with customers suffering frequent BSOD.
AVG had a similar issue (hogging resources) a while back and took ages to fix it.
You would like to think that all of these companies learnt from the mistakes made my Microsoft with one of their first XP updates that temporarily 'killed' PCs.
By widget on 22 Apr 2010
NO EXCUSE.
Normal Home Users Can Not Help It, Because They Do Not Know Better.
As For IT Personnel, No Excuse.
This Problems Occurs With Every IT Company From Time To Time, So ITS Should Know That They Need To Delay Updates For 2 Or 3 Working Days, Unless Some Major Problem Occurs.
No Excuse.
By A41202813GMAILCOM on 28 Apr 2010
2 or 3 Days
In response to 'No Excuse' 2 to 3 days is a lifetime when it comes to AV updates, leave it that long and you might as well not bother.
AV companies such as McAfee have been around long enough to develop proper QA procedures so that such flawed DATs like this should not even get close to release.
By Ursus42 on 29 Apr 2010
advertisement
- Chrome's shine getting lost in translation
- BytePac: the cardboard hard disk enclosure
- How tech loosens our grip on reality
- Hokum watch: Safer Internet Day
- Why I'm deleting Adobe from my PC
- Prepare to be patronised: it's Safer Internet Day
- Dear Sony, Samsung and every other tech company in the world: stop trying to be Apple
- Will Apple's Final Cut Pro X update placate the pros?
- Smartr Contacts for iPhone review
- Switching to Office 365's Outlook Web App
- How to make Google AdWords work for your business
- The curse of sloppily written software
- Paying for your crimes with Bitcoin
- Behind the scenes: tech support for Formula 1
- The security risk of fat fingers
- Why Windows Phone 7 isn't quite ready for business
- When will Microsoft stop fiddling with Windows 8?
- Flash down the pan?
- Metro Style apps vs desktop applications
- Coping with Facebook changes
advertisement
Printed from www.pcpro.co.uk