McAfee Update Breaks Hundreds Of Apps - InformationWeek
IoT
IoT
News
News
3/13/2006
03:51 PM
50%
50%
RELATED EVENTS
The Real Impact of a Data Security Breach
Aug 02, 2017
In this webcast, experts discuss the real losses associated with a breach, both in the data center ...Read More>>

McAfee Update Breaks Hundreds Of Apps

For over five hours Friday, McAfee's anti-virus software erroneously flagged hundreds of legitimate executables as a malicious virus, leading some customers to quarantine or delete the offending files and render applications such as Microsoft Excel inoperative.

For over five hours Friday, McAfee's anti-virus software erroneously flagged hundreds of legitimate executables as a malicious virus, leading some customers to quarantine or delete the offending files and render applications such as Microsoft Excel inoperative.

An error in McAfee's daily virus definition file (dubbed "DAT") identified the files as W95/CTX, a virus first discovered in 2004. All editions of McAfee's on-demand-scanning products, including both the enterprise and consumer versions of VirusScan, were affected.

Among the legitimate files painted as malware were Microsoft's Excel spreadsheet, Adobe's Flash, the Google Toolbar installer, several Adaptec drivers, and parts of Sun Microsystems' Java Runtime Environment. The list that McAfee posted of the affected files numbers more than 330, but even so, the SANS Institute's Internet Storm Center called it incomplete.

"It doesn't include any of the Oracle binaries that have been reported to be affected by some of our readers," one of the Storm Center's analysts wrote on the site Sunday.

Depending on how users had configured VirusScan, the harmless files were either quarantined to a special folder or deleted. In either case, applications were broken as files were moved or erased from hard drives.

The flawed DAT went out at 10:35 a.m. PST Friday, said Joe Telafici, director of operations at McAfee's AVERT Labs. "About two hours later, we started getting reports of large numbers of files identified as W95/CTX," he said.

McAfee pushed out a corrected DAT a couple hours after that, at 3:28 p.m. PST.

By then, however, it was too late for some McAfee users.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
IT Strategies to Conquer the Cloud
Chances are your organization is adopting cloud computing in one way or another -- or in multiple ways. Understanding the skills you need and how cloud affects IT operations and networking will help you adapt.
Video
Slideshows
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll