Feeds

McAfee false alert snares innocent JavaScript files

I didn't do it

Secure remote control for conventional and virtual desktops

Faulty virus definition updates from McAfee that flagged legitimate JavaScript files as potentially malign caused a headache for some sysadmins earlier this week.

The false alarm, which meant benign content was flagged as infected by Exploit-Packed-c-gen, was corrected promptly by a set of revised definition updates from McAfee late on Wednesday, but not before at least one Reg reader was inconvenienced by the slip-up. "We thought we were under virus attack today [Thursday] and cut back on our internet access for a few hundred employees," our UK-based informant told us.

In response to our inquiries, McAfee issued a statement apologising for the snafu, which it said affected only a "limited number" of customers.

McAfee is aware that a limited number of customers may have incurred problems fully accessing specific Web sites due to incorrect malware alerts on Wednesday, Sept. 2.

The problem primarily occurs when navigating to Web sites that use JavaScript compressed using a packing tool known as Dean Edward's Packer. McAfee worked to address the problem with a new signature update released Wednesday evening.

McAfee apologizes for any inconvenience to our customers.

Dodgy anti-virus signature updates make for a well known problem with security scanners which affects all vendors from time to time. The problems caused are far worse when Windows system files are affected rather than only general applications. For that reason the latest snafu is fairly minor in the bigger scheme of things, though obviously a right royal pain for those unlucky enough to get tripped up by the glitch. ®

Intelligent flash storage arrays

Whitepapers

Seattle children’s accelerates Citrix login times by 500% with cross-tier insight
Seattle Children’s is a leading research hospital with a large and growing Citrix XenDesktop deployment. See how they used ExtraHop to accelerate launch times.
Why CIOs should rethink endpoint data protection in the age of mobility
Assessing trends in data protection, specifically with respect to mobile devices, BYOD, and remote employees.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting against web application threats using SSL
SSL encryption can protect server‐to‐server communications, client devices, cloud resources, and other endpoints in order to help prevent the risk of data loss and losing customer trust.