Slashdot Mirror
Kaspersky Update Breaks Internet Access For Windows XP Users
An anonymous reader writes "Yesterday afternoon, Kaspersky Labs released a definition update that blocked all Internet and Intranet access on Windows XP workstations. While there has been no official communication from Kaspersky, their forum is lit up with angry customers relying on each other to find a fix."
Update: 02/05 16:42 GMT by T : Thanks to an anonymous reader, who says that Kaspersky has issued a statement, and a fix (though the fix takes some manual labor to implement).
they already have a fix you can download!
Epic FAIL! All you AV providers need to be testing your damn defs before deployment to the public. Geez, how fucking hard is this?
Life is not for the lazy.
Sometimes the only way to win the game is not to play. It seems like Kaspersky has learned that the only way to secure Windows XP is to disable the internet connection. Now if they disable the USB ports next, I think we will have a good security model going. Unfortunately that update will be harder to push.
To be the perfect AV ......
No internet means
No virus
No Botnet
No Adware
No Spyware
Or maybe the program became self aware and realized that the internet is a disease, a virus, needing to be squashed
My Aurora : http://www.youtube.com/watch?v=o91ZsGwJYyg
FB : https://www.facebook.com/TanveersPhotography
Right now, the "temporary" fix is to disable their Web AV.
http://forum.kaspersky.com/index.php?showtopic=255508&st=20&p=1978848&#entry1978848
Text of fix, credit the forum poster known as "omaudio":
from Kaspersky-
"We apologize for the inconvenience. It does appear that there was a hiccup with an Update pushed out causing Windows XP machines to lose internet connectivity. An update was just released that should address the issue, what I will need you to do is:
To get XP users internet connectivity (temporarily), please disable the Web AV component of your protection policy for your managed computers. After doing so;
In Security Center (or Admin Kit):
1.) Go to the Repositories section >> (Right click) Updates >> All Tasks >> Clear updates repository.
2.) Go to the Repositories section >> (Right click) Updates >> Download Updates
After taking this step, please run your group Update task for Managed Computers. After the update has been pushed to your workstations, please re-enable your Web AV component in your protection policy. This should resolve the issue. "
Knowledge is how to play a game, intelligence is how to win, wisdom is knowing what game to play.
I'll bet they don't even have an XP machine to do the testing on. Besides, if they did, would they be having problems with it...?
Cutting off internet access is one of the very best methods for Windows XP security. What's the problem?
* Carthago Delenda Est *
The next update will fix the issue, you'll just have to download it...oh, wait.
Protecting users of more up to date Windows versions from those malware infested botnet-targets.
She: Hey, are you a traitor? Me: No, I'm atheist.
Thus making Windows XP completely secure!
"I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
In Soviet Russia, the viruses scan YOU!
I have to wonder at which point workstation AV software becomes a bigger risk than the actual malware.
So far in our organization, we've had two AV incidents. One several years ago when a user brought in an infected laptop with one of the Microsoft RPC exploiting worms. We got the worm before the AV vendor (Symantec at the time) had a signature for it, so the AV software was totally useless. The other event was when Symantec erroneously flagged a Windows Server 2003 resource kit program as malware and quarantined it (fortunately, a program we didn't rely on). So so far, for us - AV has failed to catch our only malware infection and has broken a non-infected program. Strict filtering (both inbound AND outbound) has done a lot more to stop malware in our organization than AV software ever has.
I also remember an incident a few years ago when a prominent AV vendor's software (I think it was Norton) erroneously quarantined a system file in the Chinese version of WinXP, and rendered the workstation unbootable, affecting a very large number of users.
I also wonder if any of the AV companies have independently verified and verifiable procedures for making their updates; a malicious employee at one of the big AV vendors could cause a lot of damage by releasing an update that results in an important system file getting quarantined. What safeguards do each AV vendor have in place to prevent this happening? How is it verified that the companies are actually carrying out the policies if they have them to ensure updates are not malicious, and how is it verified that these policies are actually watertight?
Oolite: Elite-like game. For Mac, Linux and Windows
there has been no official communication from Kaspersky
It seems they were using Windows XP.
everyone that i know uses windows 8 on intel i7 or Amd FX computers.
So, you don't know anyone besides yourself?
Not the first time a KAV update has broken something. KAV for Exchange has had several updates come out that stomped on Store.EXE and kept it from running at all without uninstalling KAV for Exchange.
Client-side breakage seems less common, but unless you're running an SSD RAID-10 disk system with an 8 core CPU, you're always wise to dial back some of the Kaspersky defaults or you will find your machine unusable.
It also helps to reduce the frequency of updates. The default is something ludicrous like every hour or two. This provides two benefits -- one, when the update kicks off it generates a crushing amount of disk and CPU activity that throttles lesser machines, the other benefit is that you're much less likely to suck down broken definition updates as it's likely that the bad ones will be found and removed or fixed before you update.
This is not Kaspersky's only problem with its anti-virus product. I have been asked to install a 'technical update'. When I did so, it crashed the anti-virus so badly that it no longer worked at all. I had to physically remove its folder from the Program Files area and reinstall the program from scratch. And this was with Windows 7. That was back in November. When I got the same message in January, I thought Kaspersky might have fixed the problem. Nope: Install -- crash -- scrape up mess -- reinstall from scratch. You kind of wonder what has Kaspersky been doing over the past six months.
--- Andy West http://andywest.org
LOL the first link I found was a w3schools one where apparently 1/5 of wanna-be web developers were using XP as of two months ago. Its been dropping about 10% per year for several years now, so that will sunset around 2016 or so.
If a fifth of the techno-elite (LOL) are using XP I think in the wider market the numbers must be 50% or so.
I know MANY megacorps still stuck on XP. There are huge issues with being unable to give a "better" computer to a "lower" status employee that really screw up rollouts, not to mention corporate demanding certain software versions and the division demanding certain versions and the local team demanding certain software all adding up to its quite possible an upgrade is impossible until some bean counter 2000 miles away finally stops using some oddball thing. Or more likely they stopped back in '07 but no one has updated the official list since then and lots of CYA about what if they needed to access files using that antique app...
"Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
WinXP users can uninstall the product since there is no longer a threat of getting their machines infected! Kaspersky has done the ultimate preventative measure for them. ;-)
Good question - ASSuming that the XP box is the only box they own, how can they discuss their problem on an internet forum? It's not like XP owners are likely to live near a library, or have a relative, or an internet cafe nearby. None of them live near a campus with internet access. Geeez, this is an insurmountable problem, isn't it? Unless, of course, someone actually does backups, and restored his system to a pre-update status.
Phhhht - silly questions form silly AC's.
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
I have seen this exact thing happen dozens of times on Norton, Mcafee, and Trend Micro. Usually the only fix was to uninstall the client. Then Kaspersky does it and it makes the news? DOES NOT COMPUTE.
I thought in that case, the viruses scam you.
Lost at C:>. Found at C.
The new security model in Vista/Win7/Server 2008 breaks a lot of software. Lots of it. Tons. Especially building automation, medical equipment, factory automation, robotics, SCADA, pretty much any piece of equipment that needs to work 24x7 for years at at time without upgrades or updates and which costs more than $100,000 is going to run XP until physically replaced.
Place I used to work had a knee-high pile of Compaq 386 laptops sitting in the radio room. I offered to surplus them and the radio guys almost had a heart attack. The company had bought a half million dollar state-of-the-art radio system in the 1990s, and the control software would only run on a 386 running DOS 4. The manufacturer was purchased almost immediately afterwards by another company, which discontinued that hardware and its support. That stack of laptops was their backup for the control program.
There are multi-million dollar CNC lathes that use Windows NT, sawmills which will only run on Win2k, and PET scanners which will never upgrade higher than XP SP2. It's not about "status", it's about having functioning equipment.
"Think about how stupid the average person is. Now, realise that half of them are dumber than that." - George Carlin
Good question - ASSuming that the XP box is the only box they own
No, it's a terrible question. Your assumption is incorrect. And most of them probably have an internet-capable smart phone. Wake up, it's the 21st century.
Seven puppies were harmed during the making of this post.
It works. I'm running it on my 6-year-old PC at home. I had considered upgrading to Windows 7 (or getting a new PC with Windows 7), but that's not an option anymore.
There's still a CNC stuff out there that will only run on DOS 4. Basically the same situation as the radio story.
So, they broke internet access, but it's ok, because you can download the fix from the internet.
That reminds me of the failure of the Russian Phobos-1 mission, which occurred when they sent an (incorrect) command stating, roughly, "point the receiving antenna away from the Earth, and wait for further instructions."
* (greatly simplified)
http://www.geoffreylandis.com
Many wishful thank yous my goodest friend. Kaspersky will soon wire money you earn so well by shill being.
KERNEL PANIC -SIGFAULT AT ADDRESS #51A54D07
My only concern is indeed the lack of support, but then, I'm not even all that worried.
Ahhh...the great dumpster continuum. Many a free computer will be found there. -- sowth (748135)
I thought in that case, the viruses scam you.
No, that's what happens everywhere. Not just soviet Russia.
Some guy bitching on the forum linked above....I guess they didn't bother testing a patch before sending it out....typical windows admin....
Kaspersky - I need this probably as much as I need another hole in the head.
Thanks,
Your customer
It broke Intranet access for us, which caused a few applications not to run. We uninstalled the workstation 6 R2 product and installed Kaspersky Endpoint security instead and that took care of the issue.
Because Kaspersky catches a lot more nasties than Microsoft Security Essentials. And I mean a LOT more.
They shouldn't have fixed it. anyone using Windows XP should have upgraded years ago. Perhaps this would be encouragement to move to Windows 7....or Linux :D
Some applications still need Windows XP. Yes the applications should have been designed better.
...in corner cases, not against real-world data.
"According to Microsoft, although AV-Test’s results indicated that Microsoft’s antivirus products detected only 72 percent of all “zero-day malware,” Microsoft knows from its telemetry data—from hundreds of millions of systems around the world—that fully 99.997 percent of its customers hit with any zero-day attack did not in fact encounter the malware samples tested in this test (basically a 100 percent success rate in the real world). AV-Test’s sample size was just 100 pieces of malware."
Think about what Microsoft is saying here. All MS is saying is that the sample was too small.
What Microsft is saying is that an unknown number of Microsoft customers was hit with some kind of zero-day attack. It doen't equate to a 100% success rate in real life, it says nothing about MSE's success rate in catching zero day attacks. All it says is that the sample size of zero-day attacks was too small for meaningful analysis.
The real "Libtards" are the Libertarians!
Security has been achieved!
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Seems that AV software is a prescription worse than the disease.
I always though McAfee was akin to Thalidomide in that respect. It would appear that Kapersky is cut from the same cloth...
Is Norton Security Suite (or whatever it is/was called) still the ultimate cyanide pill for a well-configured system?
They shouldn't have fixed it. anyone using Windows XP should have upgraded years ago. Perhaps this would be encouragement to move to Windows 7....or Linux :D
Anyone who wanted to move to Linux has been perfectly free to do so for years.
Windows 7 requires a higher spec to run than XP, so a lot of people who are perfectly happy running an old 600 MHz Pentium 3 laptop with 128mb memory on XP probably aren't going to be able to upgrade to Windows 7.
To have a right to do a thing is not at all the same as to be right in doing it
...but I really don't see the problem.
Like I said, they needed to upgrade a decade ago. Turn that old P3 into a linux server and buy a new machine FFS. Tax time is here, spend 300 bucks and get a better machine.
Then stop using shitty apps?