McAfee Bug Forces Massive PC Cleanup

A flawed antivirus software update misclassified a critical Windows XP file as a malicious program, sending PCs into endless reboot cycles.

Antone Gonsalves, Contributor

April 22, 2010

2 Min Read

Many companies and people on Thursday were fixing thousands of Windows PCs that went haywire as a result of a seriously flawed software update sent by antivirus vendor McAfee.

The update distributed at 3 a.m. Eastern time Wednesday misclassified a critical Windows XP system file, called svchost.exe, as a malicious program. As a result, McAfee's AV software was instructed to detect and remove the threat, sending affected PCs into fits of rebooting that made the machines useless.

Hours after the blunder, Barry McPherson, executive VP of technical support at McAfee, said the company believed the snafu "impacted less than one half of 1% of our enterprise accounts globally and a fraction of that within the consumer base." However, media reports and Twitter postings indicated the problem was bigger.

Steve Shillingford, chief executive of tech forensics firm Solera Networks, told USA Today that one large U.S. multinational company saw 50,000 PCs go into a reboot frenzy as a result of the destructive update. Solera was in the process of helping the client clean up the mess, which could only be corrected manually by a technician at each PC.

Meanwhile, the Associated Press reported that a third of the hospitals in Rhode Island were forced to suspend treatment of non-trauma patients in emergency rooms. In Kentucky, state police officers had to shut down computers in their patrol cars while technicians tried to correct the problem.

According to Twitter posts by Intel employees, the chip also may have been affected, but the company couldn't be reached for confirmation, the AP said.

Meanwhile, Twitter and McAfee's comment page were packed with PC owners blasting the antivirus vendor in what will likely become a public relations nightmare for McAfee.

"Your company deserves to fail. Your 'protection' is far worse than any virus you're supposed to protect us against," an angry customer said.

Another appeared dumbfounded as to how McAfee could have failed to detect the flaw before distributing the update. "How the hell could this have not been picked up as an issue before the update was issued? Don't you guys do any real-world testing? Disgraceful."

At roughly 2 a.m. Eastern time Thursday, McPherson said the McAfee support unit was still working with customers either on the phone or online to fix affected PCs.

"Having talked to literally hundreds of my colleagues around the world and e-mailed thousands to try and find the best way to correct these issues, let me say this has not been my favorite day," McPherson said in the company blog. "Not for me, or for McAfee. Not by a long shot."

McPherson went on to say, "Mistakes happen. No excuses."

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights