Serious false positive hits users of old McAfee engines

Batch of system files wrongly flagged as malware, current versions not affected.

An update released by McAfee last week resulted in problems around the world, as some vital system files were flagged as malware by updated scanner products, bringing affected systems to a crashing halt. The issue is believed only to have affected users of McAfee's VirusScan 8.01, with those who have upgraded to versions 8.5i and onward not affected by the problems. The misbehaving DAT file was corrected fairly quickly.

Numerous user comments have been posted on forums and elsewhere detailing the serious issues caused by the update, which resulted in a selection of files, some of them core components of Windows, to be flagged as a generic password stealer. With many admins already away from their posts thanks to the US 4th July holidays, damage could be considerable despite the limited range of products affected. As usual, we advise readers to run the latest versions of all components of their security software where possible.

Details on the glitch are at ITPro here, with a flood of comments at The Register here. Further input from users reached McAfee forums here and here.

07 July 2009

Tags: false positive, mcafee, update. del.icio.us digg this