Slashdot Mirror


McAfee Retracts Lowball Bug Damage Estimate

bennyboy64 writes "McAfee has changed its official response [warning: interstitial] on how many enterprise customers were affected by a bug that caused havoc on computers globally. It originally stated the bug affected 'less than half of 1 per cent' of enterprise customers. Now McAfee's blog states it was a 'small percentage' of enterprise customers. ZDNet is running a poll and opinion piece on whether McAfee should compensate customers. ZDNet notes a supermarket giant in Australia that had to close down its stores as they were affected by the bug, causing a loss of thousands of dollars."

10 of 233 comments (clear)

  1. XP SP3 by Enderandrew · · Score: 3, Insightful

    I thought this affected anyone running XP SP3, which I expect would be a majority of enterprise desktops, not less than half of one percent.

    --
    http://blindscribblings.com - Tasty pop-culture in conceptual fashion.
    1. Re:XP SP3 by SharpFang · · Score: 4, Insightful

      I guess less than half of 1% of all corporate customers are customers of McAffee.
      The right wording is everything.

      --
      45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
  2. I'm still wondering ... by khasim · · Score: 4, Insightful

    ... why they didn't test the new dat file against Windows system files.

    Seriously, we pay them a LOT of money for their product licenses and they cannot even test against known system files?

    1. Re:I'm still wondering ... by eharvill · · Score: 2, Insightful

      Yup. Same in the organization I am currently working with. Out of 10s of thousands PCs potentially affected, only ~800 actually got nailed, fortunately none at their retail locations. I was one of the lucky ones. After we determined it was an AV issue I was up and running a few minutes later. Safe mode -> rename/delete the latest .dat files -> reboot. Mine didn't delete the svchost.exe like some others did for some reason. Sucks for the folks that aren't somewhat computer savvy and had to have someone walk them through the steps over the phone.

      --
      At night I drink myself to sleep and pretend I don't care that you're not here with me
  3. AV on POS computer?? by wvmarle · · Score: 4, Insightful

    I feel sorry for that super market chain but: wtf is AV doing on a POS computer?

    POS should be a dedicated computer, running one and only one application (the POS software), on a thoroughly shielded LAN, talking to only a centralised server (or small network of servers if one is not enough) that collects the sales data and distributes prices etc. That server should itself be connected only to the POS network and a corporate LAN. In other words: no direct access out of the Internet, no web browsing, no local storage of any data files, no downloading, nothing that could have the most remote risk of a virus.

    Or am I missing something here?

    1. Re:AV on POS computer?? by EMG+at+MU · · Score: 2, Insightful

      I agree.
      However, when you have 200,000+ POS machines, management wants an AV.
      I hate McAfee, I hate using a AV instead of isolating a machine from removable media and the Internet. I hate spending money on AV when we could use it on something else. But when a franchise manager on the other side of the world lets one of his employees use the wifi or a printer or something, I'm glad there's an AV to protect my ass. Even though there shouldn't be a way the POS machines get a virus, the AV is kind of like car insurance: It protects you from accidents, costs too much money per year, someone else forced you to get it, and in the end when something shitty happens it kind of saves your ass.

    2. Re:AV on POS computer?? by Locutus · · Score: 2, Insightful

      and why does a POS computer have an internet connection to get the updates? It reminds me of the story of how a bunch of trains had no signal systems because the computers controlling the railway signals were running Windows, connected to a LAN, and got infected with a virus and stopped operating the signals. I guess with admins, you get what you pay for and maybe those MCSE certs are worthless.

      LoB

      --
      "Anyone who stands out in the middle of a road looks like roadkill to me." --Linus
  4. Oblig. xkcd by wvmarle · · Score: 4, Insightful

    Quite apt, even though not POS: http://xkcd.com/463/.

  5. Re:Testing before deploying? by X0563511 · · Score: 3, Insightful

    I know assumptions are bad, but is it really that big a stretch to assume the vendor tests their updates on their supported platforms?

    It's not like these were weird corner-cases.

    --
    For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
  6. Worse than the disease? by Atrox666 · · Score: 2, Insightful

    When was the last virus outbreak that caused this much damage?