It can not be used to undo this bad signature because affected system will lose network connectivity. The ePolicyOrchestrator is used to update "DAT" files throughout enterprises. The use of "ePolicyOrchestrator", which is used to update virus definitions across a network, appears to have lead to a faster spread of the bad DAT file. The bad DAT file may infect individual workstations as well as workstations connected to a domain. However, only particular configurations of these versions appear affected. We have individual reports of other versions of Windows being affected as well. The affected systems will enter a reboot loop and loose all network access. Read more about security in Computerworld's Security Knowledge Center.McAfee's "DAT" file version 5958 is causing widespread problems with Windows XP SP3. Follow Gregg on Twitter at or subscribe to Gregg's RSS feed. Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. "McAfee apologizes for any inconvenience to our customers," he added. McAfee is working on helping customers affected by the rogue update, said Evers. In May 2007, a Symantec definition file crippled thousands of Chinese computers when the software mistook two critical Windows. In 2005, Trend Micro released a flawed signature update that slowed PCs to a crawl, and McAfee is far from the first antivirus vendor to ship a flawed signature update. A month ago, a BitDefender update clobbered 64-bit Windows machines. The company has yet to produce an updated signature definition file to replace the one that crippled computers. "We are not aware of significant impact on consumer customers and believe we have significantly limited such occurrence." "The faulty update has been removed from McAfee download servers for corporate users, preventing any further impact on those customers," Evers said. Instead, users can reach the instructions and EXTRA.DAT file from elsewhere on McAfee's site. After applying the EXTRA.DAT, restore the affected files from Quarantine." Unfortunately, those instructions and the suppression EXTRA.DAT update file are not currently available, again because McAfee's support site has gone dark. "For systems that have already encountered this issue, start the computer in Safe Mode and apply the EXTRA.DAT. "Apply the EXTRA.DAT to all potentially affected systems as soon as possible," the company recommended. McAfee reacted by warning users not to download today's update if they haven't already, and by posting recovery instructions and a signature update to suppress the defective one seeded to users earlier. "Our initial investigation indicates that the error can result in moderate to significant performance issues on systems running Windows XP Service Pack 3," acknowledged Evers.Īffected PCs have displayed a shutdown error or blue error screen, then gone into an endless cycle of rebooting, users claimed. We apologize for any inconvenience this may cause."īoth users and McAfee said that the flawed update had crippled Windows XP Service Pack 3 (SP3) machines, but not PCs running Vista or Windows 7. ET, McAfee's support forum was offline, with a message reading "The McAfee Community is experiencing unusually large traffic which may cause slow page loads. "Great work McAfee! GRRRRRRRRRRR."Īs of 3:30 p.m. "This is goddamn ridiculous," added Gerard, who identified himself as a senior security administrator with Wawanesa Mutual Insurance Company of Winnipeg, Manitoba, in Canada. "HOW THE F*** do they put a DAT out that kills a *VITAL* system process?" asked Jeff Gerard on one thread. According to users on McAfee's support forum, today's update flagged Windows' "svchost.exe" file, a generic host process for services that run from other DLLs (dynamic link libraries).
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |