McAfee Apologizes for Update Fiasco | News & Opinion | PCMag.com
McAfee on Thursday issued an apology for the faulty update that shut down users’ computers and prompted a continuous reboot cycle.
“McAfee team members have been working around the clock to fix the problem and work with impacted customers,” Barry McPherson, executive vice president of worldwide technical support and customer service for McAfee, wrote in a blog post. “We estimate that the majority of the affected systems are back up and running at this time and more systems are coming back online quickly.”
The faulty signature update DAT file, which went out on Wednesday, affected the svchost.exe file on “a subset of systems” using McAfee VirusScan Enterprise on Windows XP Service Pack 3. Users with VirusScan Enterprise 8.7 were hit a bit harder than those running version 8.5, McAfee said, “because of the different implementation of memory scanning within the products.”
Other versions of XP, Vista, and Windows 7 were not affected, the company said.
The problem resulted in blue screens, loss of network connectivity, inability to use USB, and continuous reboots, McAfee said.
What happened? McPherson said that McAfee recently changed its QA environment, which allowed a faulty DAT to get through the testing process.
“To prevent this from happening again, we are implementing additional QA protocols for any releases that directly impact critical system files,” McPherson wrote. “In addition, we plan to add capabilities to our cloud-based Artemis system that will provide an additional level of protection against false positives by leveraging an expansive whitelist of critical system files.”
To fix the problem, McAfee issued a remediation tool that “suppresses the driver causing the false positive by applying an Extra.dat file in folder,” he wrote. “It then restores the ‘svchost.exe’ Windows file, the file quarantined as a result of the false detection.”
This tool has “been successful at remediating the problem,” McPherson wrote. More details for restoring a system are available in the McAfee KnowledgeBase in KB68780.
“I want to apologize on behalf of McAfee and say that we’re extremely sorry for any impact the faulty signature update file may have caused you and your organizations,” McPherson wrote.
Conficker Removal Tool
This is the only tool that I have found to remove the Conficker Worm. You can download it here.
Remove your Downadup infection!
BitDefender Labs has detected a new and more aggressive Downadup version on Saturday, 07.02.2009. It spreads using a Windows RPC Server Service vulnerability and is called Win32.Worm.Downadup.Gen.
The new version is more resilient to disinfection. Once the system is compromised, the worm disables Windows Update and blocks access to most of the anti-virus websites in order to hinder users from disinfecting their machines.
BitDefender is the first to offer a free tool which disinfects all versions of Downadup and is available for all infected users at: http://bdtools.net. This domain is the first to serve a removal tool without being blocked by the e-threat.
The worm itself is not new; it made its first appearance in late November 2008, also known under the names Conficker or Kido, exploiting the vulnerability described in the Microsoft security bulletin MS08-067. After successful exploitation it used to install rogue security software on the infected machine.
How to help IT fight the spies
A 2005 IDC survey listed spyware as the second-greatest threat to a company’s network security. The research group estimates that 67 percent of all computers are afflicted with some form of spyware. Here are a few ways to help combat them.
Adding Vista computers to NT 4 domain
I found an interesting post on a Microsoft forum that provides insight on how to add a Vista computer to a legacy NT 4.0 domain. This worked on a pre-SP1 Vista machine. I still need to test on an SP1 machine.
Demystifying Firewalls
A firewall refers to several types of hardware and software, and involves multiple different technical approaches. Firewalls are available for both business and home use, as freeware, and are even built into most standard operating systems.
Create and customize user accounts
Do you have more than one person using your home computer? If you do, you can create user accounts for everyone in your home so that they can set up Windows XP with unique favorites, colors, wallpaper, and private files. You can even create a guest account for visitors to use.
Set up your computer so that only authorized people can use it
If someone needs to use your computer for a brief amount of time, activate a Guest account and then deactivate it when he or she is done.

