McAffee Antivirus Goes Amok, Shuts Down Legitimate Apps
Posted by Pile
(6797 views) [E-Mail link]
|Anti-virus vendor McAfee is scrambling to contain the damage from a faulty definition update that incorrectly flagged hundreds of legitimate software programs as W95/CTX, a low-risk Windows 95 virus that was first detected in 2004.|
The erroneous .DAT file (4715) was shipped late on March 10 with definitions for a wide range of new malware threats, but when the update was installed, it quarantined or deleted several widely deployed applications, including Microsoft Excel, Macromedia Flash Player, Adobe Update Manager and the Google Toolbar Installer.
Santa Clara, Calif.-based McAfee acknowledged the gaffe and quickly shipped a new virus pattern file (4716), but for some users the damage was already done.
In a notice posted online, McAfee said the 4715 DAT files caused problems for customers running its VirusScan Enterprise, Managed VirusScan, VirusScan Online, LinuxShield and VirusScan (consumer) products.
The incorrect detections did not occur with McAfee's OAS (On Access Scanner), nor with gateway or e-mail scanners.
McAfee officials said the files that were incorrectly flagged as a virus were renamed as filename.exe.vir. However, instead of simply quarantining the supposed threat, McAfee said the point product's secondary action can result in the file being deleted.