A recent security update for McAfee Antivirus made systems reboot abnormally or loose network access for extended periods of time, causing a lot of damage to hospitals, companies and schools that used this particular anti-virus. The bugged update only affected computers running Windows XP Service Pack 3 and caused them running in a reboot loop or loosing network access. The problem was caused by a virus definition file, which misinterpreted a vital system file (svchost.exe) as a virus and quarantined it, causing the system not to work properly and eventually rebooting. McAfee immediately removed the faulty update file from their servers preventing any further impact.
The computer recovery though couldn’t be automated and personal attention to each computer from a technician appeared to be the only way to fix the problem. McAfee claims that the update only hit 0.5 percent of its customer’s computers, including Intel Company. Barry McPherson, executive vice president of support and customer service at McAfee in an attempt to apologize for all the inconvenience caused said: “First off, I want to apologize on behalf of McAfee and say that we’re extremely sorry for any impact the faulty signature update file may have caused you and your organizations.”
After McAfee’s gaff, not only did they apologize, but they took serious measures in order that no similar mistakes happen in the future. For that matter, they started implementing additional QA protocols for any releases that directly impact critical system files and they plan to add capabilities to its cloud-based Artemis system that will provide an additional level of protection against false positives. As if all that wasn’t enough hackers all over the world took advantage of the situation and tricked people into visiting websites that had information about fixing the bug, which actually were highly malicious.
http://news.yahoo.com/s/nf/20100423/bs_nf/72944;_ylt=AntUUuCU19dBKoJSDTBVg2KDzdAF;_ylu=X3oDMTJiZmdvdjQwBGFzc2V0A25mLzIwMTAwNDIzLzcyOTQ0BHBvcwMxBHNlYwN5bl9wYWdpbmF0ZV9zdW1tYXJ5X2xpc3QEc2xrA21jYWZlZTM5c3NodQ–
http://siblog.mcafee.com/support/mcafee-response-on-current-false-positive-issue/
