McAfee Fixes Bugs in AV Update

Friday, August 24, 2012 @ 04:08 PM gHale


McAfee fixed a bug-prone update that disabled security software for home and enterprise users over the weekend.

Users who received the latest updates for McAfee’s consumer and enterprise versions of its antivirus software last Friday found themselves unable to access the Internet or encountered errors within the application, according to messages posted on McAfee’s community forums.

RELATED STORIES
Autos Vulnerable to Cyber Attack
Test: AV Products Fail in Protection
Whitelisting Defense Combat Ready
APT: Attackers get What They Want

Home users were unable to access the McAfee Security Center console, preventing them from running anything within the software program. Enterprise users encountered errors with the On-Access Scanner.

Enterprise users had to wait till Monday for VSE 8.8 Hotfix 793640, which contained the full DAT 6809 update, according to a McAfee knowledge base article. However, the hotfix was 100 MB in size, making deployment a challenge for administrators overseeing a large number of affected machines.

“Deployment can cause high bandwidth usage in large environments,” McAfee recommended. The support document also suggested deploying the hotfix in stages rather than to all systems at once.

McAfee released a smaller version of the hotfix, VSE 8.9 Hotfix 793781, late Tuesday. While the smaller hotfix has a smaller initial footprint and addresses most of the issues, “remediated systems will require a full DAT update as soon as possible,” according to the advisory.

The hotfix does not force a reboot, but the company recommended a restart of all systems after installing the fixes in order to validate the latest update.

This isn’t the first time a security vendor had a faulty update. McAfee alone has had three bad DAT updates in recent years, including the April update for its email gateway security products that caused the systems to crash and display message scan failures.

McAfee is not alone, as a problem update was behind the Microsoft’s Security Essentials scanner attempt to flag google.com as malware. Last month, Symantec released an update for its Symantec Endpoint Protection 12.1 that caused users running Windows XP to see the blue screen of death. Symantec rolled back the signatures a few days later.



Leave a Reply

You must be logged in to post a comment.