A bad McAfee update for Windows XP has millions scrambling to make sure they aren’t the next victims.
According to sources:
“DAT update 5958 deletes the svchost.exe file, which then triggers a false-positive in McAfee itself and sets off a chain of uncontrolled restarts and loss of networking functionality.”
UPDATE: McAfee has sent out a statement:
In the past 24 hours, McAfee identified a new threat that impacts Windows PCs. Researchers worked diligently to address this threat that attacks critical Windows system executables and buries itself deep into a computer’s memory.
The research team created detection and removal to address this threat. The remediation passed our quality testing and was released with the 5958 virus definition file at 2.00 PM GMT+1 (6am Pacific Time) on Wednesday, April 21.
McAfee is aware that a number of customers have incurred a false positive error due to this release. Corporations who kept a feature called “Scan Processes on Enable” in McAfee VirusScan Enterprise disabled, as it is by default, were not affected.
Our initial investigation indicates that the error can result in moderate to significant issues on systems running Windows XP Service Pack 3.
The faulty update was quickly removed from all McAfee download servers, preventing any further impact on customers. We are not aware of significant impact on consumers.
McAfee teams are working with the highest priority to support impacted customers. We have also worked swiftly and released an updated virus definition file (5959) within hours and are providing our customers detailed guidance on how to repair any impacted systems.
We are investigating how the incorrect detection made it into our DAT files and will take measures to prevent this from reoccurring.
We sincerely apologize for the inconvenience this has caused our customers.
So that’s good news for consumers, and every bit as terrible news as expected for corporate users who’ve already been burned. This shows you that ever thing has a flaw no matter what!