Feeds

McAfee ate my system

False positive creates havoc

Internet Security Threat Report 2014

A faulty signature update from McAfee flagged up legitimate application files as infected with a low-risk virus, CTX.

The dodgy anti-virus update (4715 DAT), issued on Friday, March 10, falsely identified a number of component files of Microsoft Office applications and some Windows systems files as infectious. Along with Microsoft Excel, components of Adobe Update Manager, Macromedia Flash Player and Google Toolbar were falsely labeled as viral. McAfee has produced a seven page list of files known to trigger incorrect identification here (PDF).

McAfee has released a new update along with a tool designed to recover legitimate system and application files from quarantine (the default setting). But that's not much use to users that had set their software to auto-delete infected files, who've found themselves with hosed systems.

"We are manually reinstalling, MS Excel, Java Runtimes, and Adobe. A lot of my little network management packages are clobbered as well. Little key generator programs to make WPA keys, Kazaa lite, Spybot S&D, Procomm Plus, all deleted," one Reg sysadmin reader writes. "We set our secondary option to delete because we felt we may have had a worm at the time. We've run their product successfully for four to five years."

Faulty anti-virus signature updates are not uncommon across the industry. However the latest McAfee snafu affects a far wider range of commonly-installed files than is normally the case, causing a wider range of problems. ®

Beginner's guide to SSL certificates

Whitepapers

Driving business with continuous operational intelligence
Introducing an innovative approach offered by ExtraHop for producing continuous operational intelligence.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.