New
#1
McAfee update is locking users out of their systems
Read the full article here.Neowin.net said:
Fortunate for Windows Vista & Windows 7 folks, this only affected Windows XP PCs:
Buggy McAfee update slams Windows XP PCs | Security - CNET NewsEarly reports attributed the widespread problems to a routine McAfee update that caused computers with Microsoft's Service Pack 3 installed to incorrectly identify a legitimate operating system component as containing a virus.
A McAfee representative confirmed the problem to CNET, and said the buggy update code had been removed from the company's servers and that a fixed version would be made available shortly.
"McAfee is aware that a number of customers have incurred a false-positive error due to incorrect malware alerts on Wednesday, April 21. The problem occurs with the 5958 virus definition file (DAT) that was released on April 21" at 6 a.m. PT, the company said in a statement.
ICS reported that it was a false positive which identifies a regular Windows binary, "svchost.exe", as "W32/Wecorl.a", a virus.
Recovery information at ICS: McAfee DAT 5958 Update Issues
As I understand it, the bad update affected only Windows XP, SP3 PCs, not Windows Vista or Windows 7.
More at ICS: McAfee DAT 5958 Update IssuesMcAfee released an updated DAT file, and an "EXTRA.DAT" file to fix the problem. An EXTRA.DAT file is a patch to just fix the bad signature. McAfee's support web sites currently respond slowly and are down at times, likely due to the increased load caused by this issue.
McAfee Knowledgebase Article: https://kc.mcafee.com/corporate/inde...ent&id=KB68780
EXTRA.DAT file: W32/Wecorl.a | Virus Profile & Definition | McAfee Inc..
What is happening to virus programs? Last month, it was BitDefender which caused BSOD on millions of machines. I personally was a fan of Norton but I switched to Microsoft Security Essentials. People should try it =)
Here's another article. Was just going to post this darn you DNG LOL. McAfee antivirus program goes berserk, freezes PCs - Yahoo! News
LIFEHACKER HAD SOMTING TO
How to Fix the McAfee Restart Debacle on Your Machines - Malware - Lifehacker
I work for a large local hospital, and we were hit by this screw up today. I am still working on a tool to automate the fix for our tech's at offsite locations.
If the machine pulled down the bad dat file there are two methods for fixing it.
If its domain connected, you can push a gpo to the machine to copy the extra.dat file that mcafee has distributed. Then if its not working (only a small percentage of machines) boot into winpe and copy the backup copy of svchost.exe to the system32 directory.
If the machine is not domain joined the quickest solution is to boot directly to winpe and copy both files from it.
Last edited by ccatlett1984; 21 Apr 2010 at 23:27.