The December 2022 issue of IEEE Spectrum is here!

Close bar

Last Wednesday, corporate users (and some consumers) running Windows XP experienced problems caused by a faulty signature update file released by the security company McAfee.

As a result, McAfee said that many of those customers "reported a variety of symptoms, ranging from a system "blue screen" (not to be confused with BSOD, but due to the issues with Explorer and svchost.exe), loss of network connectivity, inability to use USB, and experiencing a perpetual state of reboot. Users have reported these symptoms when both the file is present on the system (in quarantine), or has been deleted entirely."

McAfee's President and Chief Executive Officer David DeWalt said in a company blog post Friday that, "We deeply regret the impact this may have had on you. In some cases, the outages were lengthy. Even among the vast majority of customers who did not experience operating disruptions, the mere possibility created an unwelcome distraction and reason for concern."

According to McAfee, the updated signature file, which created a false positive error situation, only affected " 'less than half of one per cent of business customers,' and a smaller number of consumer customers", a story in the London Telegraph reported. McAfee has refused to say exactly how many customer systems were affected, however, although some are guessing as high as 300,000. The company says that it helps secure 60 million business users and 75 million consumers.

The total number of customers affected may have been small from McAfee's perspective, but a quick search reveals major problems reported by:

A general roundup of those affected by McAfee's update issue can be found here.

McAfee said that the problem arose because the signature update file release "was designed to target the W32/Wecorl.a threat that attacks system executables and memory. The problem arose during the testing process for this solution. We had recently made a change to our QA environment. Unfortunately, this change resulted in a faulty DAT [update file] making its way out of our test environment."

Few things are more ironic in the IT community than trying to improve a QA process and having it backfire.

McAfee promises more QA protocols and some other measures to keep the issue from ever happening again. I think they promised the same thing after another false positive signature problem in 2008, though.

Anyway, today McAfee is promising its customers that,"If you have already incurred costs to repair your PC as a result of this issue, we're committed to reimbursing reasonable expenses."

This story in USAToday quotes Steve Shillingford, CEO of tech forensics firm Solera Networks, as saying that firms can expect to average 30 minutes of manual labor per affected PC to get it back into working order.

That's a lot of labor hours McAfee may be on the hook for.

Alas, consequential damages suffered seem to be out, however.

The Conversation (0)

Why the Internet Needs the InterPlanetary File System

Peer-to-peer file sharing would make the Internet far more efficient

12 min read
Horizontal
An illustration of a series
Carl De Torres
LightBlue

When the COVID-19 pandemic erupted in early 2020, the world made an unprecedented shift to remote work. As a precaution, some Internet providers scaled back service levels temporarily, although that probably wasn’t necessary for countries in Asia, Europe, and North America, which were generally able to cope with the surge in demand caused by people teleworking (and binge-watching Netflix). That’s because most of their networks were overprovisioned, with more capacity than they usually need. But in countries without the same level of investment in network infrastructure, the picture was less rosy: Internet service providers (ISPs) in South Africa and Venezuela, for instance, reported significant strain.

But is overprovisioning the only way to ensure resilience? We don’t think so. To understand the alternative approach we’re championing, though, you first need to recall how the Internet works.

Keep Reading ↓Show less