Computer Forensics | Cell Phone Forensics

A brief overview of current topics in digital forensics and related subjects

McAfee Update causes problems with Windows XP SP3

Posted on April 21, 2010

Earlier today, McAfee released an update for their antivirus software.  If you were using their antivirus product and updated using this update, I’m so sorry.

Basically, this update (called DAT 5958) marked svchost.exe, an executable file used by Windows XP, as a threat.  When a good file is labeled as a virus or some kind of threat, this is known as a false positive.  When this file is placed into the antivirus quarantine, Windows is unable to call on this program to perform essential functions, such as networking.

Fortunately, McAfee quickly disabled this update and announced a way to keep that file from being quarantined.  If you follow the instructions in the link above, you will be able to restore your system to a working state.

This incident emphasizes several important aspects of computer security.  The first is not to rely upon any single point of failure.  While McAfee is a reputable antivirus vendor (even if their software is a bit bloated – it hogs plenty of system resources), it’s still capable of failure.  If you’re running McAfee, you’ve probably paid for it (as opposed to perfectly capable free antivirus solutions like Avast!, Antivir, or FreeAVG).

Of course, those solutions are prone to failure as well.  Even with advanced heuristics (study of behavior), antivirus software needs updates every day, and any update could have these sorts of problems.

Stories like this do show how responsive antivirus vendors can be once a problem starts – this had the potential to affect millions of users (and did affect many thousands), yet a fix was rolled out within hours.

This is why many system administrators wait before rolling out an important update – why not let some other users beta test the update before applying the patch to mission-critical systems?
