Monday, July 06, 2009

McAfee McDestroys McComputers

According to The Register, McAfee has been at it again, releasing another DAT file (5664) that has decided the regular (and critical) core Windows system files are malicious and need to be removed, resulting in both a BSOD and an unusable machine in a number of cases.

I wonder when AV vendors (all of them, as pretty much all of them have done this from time to time) will realise that a proper test of their database updates before releasing them is an essential part of the customer service they need to provide to their own customers?

Sure, getting databases updated for new, active, infections malware is important, but so is leaving the machines that your customers run your software on in a usable state. The two are not (and should not) be mutually exclusive!

Regards,

The Outspoken Wookie

2 comments:

London Security Solutions said...

Are you really that ignorant? Did you bother to read the reports as to who is impacted and why? The only people who are impacted are those running old scan engines.

With every DAT update is a readme.txt which clearly states:
"The DAT files supplied with this README file are compatible with our anti-virus products that use the version 4.3.20 (or later)
virus-scanning engine."

If these people aren't going to update the scan engine, how can you blame the vendor? That's like blaming Ford for my sister not changing her oil.

Hilton Travis said...

G'day Dennis,

No, it is like your sister replacing a failed/updated Ford part with the new replacement part and that then making her car catch fire. That is Ford's problem, not your sister's.

If a DAT isn't designed to work with an older engine, then shouldn't the programmers be able to determine this DAT shouldn't be used? Or are they that lowly skilled that this isn't possible?

And yes, I read the reports and the McAfee forum posts before I posted this.