At 6AM today, McAfee released an update to its antivirus definitions for corporate customers that had a slight problem. And by “slight problem,” I mean the kind that renders a PC useless until tech support shows up to repair the damage manually. Here’s how the SANS Internet Storm Center describes the screw-up:McAfee’s “DAT” file version 5958 is causing widespread problems with Windows XP SP3. The affected systems will enter a reboot loop and [lose] all network access. We have individual reports of other versions of Windows being affected as well. However, only particular configurations of these versions appear affected. The bad DAT file may infect individual workstations as well as workstations connected to a domain. The use of “ePolicyOrchestrator”, which is used to update virus definitions across a network, appears to have [led] to a faster spread of the bad DAT file. The ePolicyOrchestrator is used to update “DAT” files throughout enterprises. It can not be used to undo this bad signature because affected system will lose network connectivity.The problem is a false positive which identifies a regular Windows binary, “svchost.exe”, as “W32/Wecorl.a”, a virus.McAfee now has its own KnowledgeBase page posted, with details about the problem and the fix. The symptoms are described, tersely, as “Blue screen or DCOM error, followed by shutdown messages after updating to the 5958 DAT on April 21, 2010.”
via Defective McAfee update causes worldwide meltdown of XP PCs | Ed Bott’s Microsoft Report | ZDNet.com.
Filed under: Instructional, PC Security |
AskBillFirst - Non-Tech Speak Technology Blog 
[…] AskBillFirst Defective McAfee update causes worldwide meltdown of XP PCs | Ed Bott’s Microsoft Rep… […]