A bad virus definition update has left a number of McAfee customers worldwide with systems that will no longer run.
First spotted by the guys over at Gizmodo following a surge of comments on micro-blogging service Twitter, and later confirmed by Engadget and The Register, the issue stems from a false positive contained within the 5958 virus definitions and triggered on machines running Windows XP Service Pack 3.
Users who received the faulty update - initially released yesterday at 1400 and then quickly removed from the update servers - will have found that the rather important Windows service svchost.exe was categorised as a virus. If the default option to quarantine the file is selected - or if the software is configured to do so automatically - the system will crash.
Describing the issue as causing "moderate to significant performance issues" on affected systems, McAfee has posted instructions on both removing the faulty virus definition and on repairing a damaged Windows install.
This is hardly the first time a signature-based anti-virus has gone haywire and caused havoc on the very PCs it was designed to protect, of course. Just last month BitDefender Antivirus crashed 64-bit Windows systems due to a similar faulty signature update, and back in January Kaspersky Anti-Virus ended up blocking Google AdSense by mistake. Unfortunately, such issues are a by-product of the complex balancing act signature-based detection systems must perform: too permissive and you'll miss new and modified viruses; too strict and you'll falsely classify legitimate files as malware.
Do you think the time has come to solve the virus problem a different way, or are these false positive issues just something modern computer users need to expect from time to time? Share your thoughts over in the forums.
First spotted by the guys over at Gizmodo following a surge of comments on micro-blogging service Twitter, and later confirmed by Engadget and The Register, the issue stems from a false positive contained within the 5958 virus definitions and triggered on machines running Windows XP Service Pack 3.
Users who received the faulty update - initially released yesterday at 1400 and then quickly removed from the update servers - will have found that the rather important Windows service svchost.exe was categorised as a virus. If the default option to quarantine the file is selected - or if the software is configured to do so automatically - the system will crash.
Describing the issue as causing "moderate to significant performance issues" on affected systems, McAfee has posted instructions on both removing the faulty virus definition and on repairing a damaged Windows install.
This is hardly the first time a signature-based anti-virus has gone haywire and caused havoc on the very PCs it was designed to protect, of course. Just last month BitDefender Antivirus crashed 64-bit Windows systems due to a similar faulty signature update, and back in January Kaspersky Anti-Virus ended up blocking Google AdSense by mistake. Unfortunately, such issues are a by-product of the complex balancing act signature-based detection systems must perform: too permissive and you'll miss new and modified viruses; too strict and you'll falsely classify legitimate files as malware.
Do you think the time has come to solve the virus problem a different way, or are these false positive issues just something modern computer users need to expect from time to time? Share your thoughts over in the forums.
MSI MPG Velox 100R Chassis Review
October 14 2021 | 15:04
Want to comment? Please log in.