Botched Security Update Cripples Thousands of Computers

← Back to Stories (view on slashdot.org)

Botched Security Update Cripples Thousands of Computers

Posted by samzenpus on Wednesday April 17, 2013 @04:27PM from the houston-we-have-a-problem dept.

girlmad writes "Thousands of PCs have been crippled by a faulty update from security vendor Malwarebytes that marked legitimate system files as malware code. The update definition meant Malwarebytes' software treated essential Windows.dll and .exe files as malware, stopping them running and thus knocking IT systems and PCs offline, leaving lots of unhappy users and one firm with 80% of its servers offline."

16 of 274 comments (clear)

Min score:

Reason:

Sort:

Microsoft Security Essentials... by Frosty+Piss · 2013-04-17 16:28 · Score: 5, Insightful

...is all I use these days.
Of course since Windows is "out of favor" here, one does not necessarily mention that Microsoft's "Security Essentials" is easily as good as most commercial Windows anti-malware packages, and much more "light weight". And free. And yes, everyone knows that Microsoft purchased the original technology (so what?) ...

--
If you want news from today, you have to come back tomorrow.
1. Re:Microsoft Security Essentials... by Anonymous Coward · 2013-04-17 16:48 · Score: 5, Insightful
  
  NO, it hasn't been getting bad reviews, it has had some negative press based on some dodgy tests that try to use essentials for something it isn't really meant for. They throw zero day malware to test its heuristics, which are not wonderful. however in known malware (the stuff 99.9% of people need protection against) it is exceptionally good.
2. Re:Microsoft Security Essentials... by inflex · 2013-04-17 17:08 · Score: 3, Insightful
  
  All I use and recommend now as well. Previously good AV suites have become pointlessly (for the consumer) bloated and I'm having a higher occurence of machines being bought in with faults explicitly attributable to the AV suites.
  I'm no fan of Microsoft, but I have to say that MSE does tend to do an acceptable job given that inevitably all AV suites let stuff slip past.
3. Re:Microsoft Security Essentials... by Anonymous Coward · 2013-04-17 17:47 · Score: 2, Insightful
  
  All I use and recommend now as well. Previously good AV suites have become pointlessly (for the consumer) bloated and I'm having a higher occurence of machines being bought in with faults explicitly attributable to the AV suites.
  Which is why, over a year ago, I tried out MSE, found that (at least, back then) it was as good as the usual freebie AV offerings, and installed it on a number of customer PCs and laptops.
  
  I'm no fan of Microsoft,
  I got a serious amount of stick for going the MSE route, I've cordially detested Microsoft and it's unholy offerings since DOS 3.2
  
  but I have to say that MSE does tend to do an acceptable job given that inevitably all AV suites let stuff slip past.
  And this is the thing, '..inevitably all AV suites let stuff slip past
  I've had infected machines back to me for disinfection which had been running fully up to date AV suites (both free and commercial).
  In a bout of boredom one week, I set up a test machine running XP c/w patches, ghosted the install, then worked my way through various AV suites, free and commercial.
  The basic test was, fire up eMule, download the obvious virus files, then try to deliberately infect the system by running them.
  Eventually, all the AV suites I tried failed, and the box was duly infected (which lead to part two of the test, how capable various disinfection tools are..oh, what fun).
  MSE fell out of my favour a while back mostly due to detection issues (over a couple of weeks, 10 machines running it became infected with known [to most of the other AV software] variants of a Trojan then doing the rounds) It's hard trying to explain to people that AV software is as fallible as any other software, especially when you initially specified/installed it and are now charging them for repairing the damages caused by it's failure.
4. Re:Microsoft Security Essentials... by Joce640k · 2013-04-17 19:32 · Score: 5, Insightful
  
  Only by those who don't pay attention to current reviews. Like many recent Microsoft products, MSE started off well, but has been in steady decline since its release.
  Face it, they're all shite... the viruses change every single day and no anti-virus of them will protect you from the latest ones. Not one. Virus infection is 100% due to the warm squishy thing between the keyboard and chair, not the flavor of antivirus installed on the machine.
  OTOH, MSE doesn't constantly annoy, slow your PC to a crawl or constantly ask for credit card details just to keep on running.
  
  --
  No sig today...
5. Re:Microsoft Security Essentials... by Joce640k · 2013-04-17 19:35 · Score: 4, Insightful
  
  Experience has shown that it makes NO difference what anti-virus I install on people's machines.
  
  --
  No sig today...
6. Re:Microsoft Security Essentials... by Samantha+Wright · 2013-04-17 19:55 · Score: 5, Insightful
  
  But if it doesn't slow the computer down to an unusable crawl, how will anyone ever feel safe?!
  
  --
  Bio questions? Ask me to start a Q&A journal. Computer analogies available for most topics!
Doh! by All_One_Mind · 2013-04-17 16:30 · Score: 3, Insightful

For once I'm happy that I'm too lazy to regularly update programs like that.
thats what they get by Anonymous Coward · 2013-04-17 16:32 · Score: 0, Insightful

for using microsoft servers
Re:The cure is worse than the disease by Anonymous Coward · 2013-04-17 16:42 · Score: 4, Insightful

I've yet to see an AV that actually can deal with browser add-on attacks.
The only thing that might help is Malwarebytes because it blocks by IP address.
If you want protection, use an ad blocker. Ad servers seem to be one of the chief causes, if not the top infection vector these days.
1 in 20 by tuppe666 · 2013-04-17 16:44 · Score: 3, Insightful

Maybe I'm doing something wrong, but I haven't seen a virus in a decade.
...or maybe as http://eugene.kaspersky.com/2013/03/25/one-in-twenty-is-the-sad-truth/ "Even those who care nothing for their health still get sick – it’s just that the infection goes undiagnosed" as much as you may find it comforting blaming users, 1 in 20 infected machines implies there is something wrong. Its no wonder users are not buying PC's anymore.
Re:One major reason why AV is a dead-end by Spikeles · 2013-04-17 17:40 · Score: 3, Insightful

There is no way to prevent these things from happening
Sure there is. Kaspersky Anti-Virus Security Center has a Update Verification module built in, that allows a sysadmin to install the update to a known-clean test group and then run a virus scan BEFORE the update is applied to the rest of the machines. If the scan fails(ie, finds anything), the update is aborted and an email is sent to the admin. If Malwarebytes had that kind of thing(or if it did and the sysadmins actually used it), this wouldn't even be an issue.

--
I don't need to test my programs.. I have an error correcting modem.
Re:scoring 71% percent vs. the industry average 92 by Electricity+Likes+Me · 2013-04-17 18:15 · Score: 5, Insightful

Basically "stop doing stupid things with your computer".
Why a firm needed Malware Bytes on it's servers in the first place is the real question here.
Re:scoring 71% percent vs. the industry average 92 by minus9 · 2013-04-17 20:08 · Score: 2, Insightful

If their results can be bought, Microsoft would have bought them.
Malwarebytes by 1s44c · 2013-04-17 21:13 · Score: 3, Insightful

The clue is in the name.
Re:Production by wonkey_monkey · 2013-04-17 22:18 · Score: 3, Insightful

Yeah, stupid idiots, why didn't they write their own OS from scratch at the start, then they wouldn't have any of these problems.

--
systemd is Roko's Basilisk.