Mangled McAfee Update Drives Windows XP Users Bonkers

Things are looking bleak for McAfee after the security software company sent a bad virus definition to its users Wednesday.

The file was created to combat a new threat, but once it was distributed, it caused thousands of PCs running Windows XP Service Pack 3 worldwide to crash.

Many felt McAfee did not respond adequately to the issue. Could the fallout be more than a temporary black eye for the vendor?

McAfee’ problems began when it detected a new piece of malware and its engineers crafted a response.

“In the past 24 hours, McAfee identified a new threat that impacts Windows PCs,” reads an official McAfee statement provided by Heather Edell, who works for McAfee’ public relations firm Red Consultancy. “Researchers worked diligently to address this threat that attacks critical Windows system executables and buries itself deep into a computer’s memory.”

The result was the 5958 virus definition file. This was released at 6 a.m. PST Wednesday after passing quality testing.

Once users’ PCs downloaded the file, however, it triggered a false positive error. While it mainly hit PCs running Windows XP SP3, other versions of Windows were also affected, according to the Internet Storm Center.

Affected PCs enter a reboot loop and lose all network access, ISC said. The situation was made worse in large organizations, many of which use McAfee’s ePolicy Orchestrator to update virus definitions across a network, because this sped up the spread of the bad file.

Affected organizations include first responders and schools. One community in northern Iowa was reportedly hit in the middle of a disaster exercise. The city and county governments had to shut down all their computer networks, including those of first responders, to contain the damage.

Sorry Isn’t The Hardest Word

McAfee has made attempts to appologize to its customers and assure them it is working to fix things.

“We sincerely apologize for the inconvenience this has caused our customers,” Barry McPherson, executive vice president of worldwide technical support and customer service, wrote in the company’s blog on the problem Wednesday.

However, some users reacted angrily to this and McPherson’s second post. The bad file also kicked off a Twitterstorm of sorts, with users venting their anger through the microblogging service.

The Impact on McAfee

All that anger could lead some users, at least, to head off to a new antivirus vendor.

“This kind of problem can be a killer because it effectively shut down a large number of firms, and the resulting liability could be legendary,” Rob Enderle, principal analyst at the Enderle Group, pointed out.

“They did a lot of damage to a lot of companies,” Enderle told the E-Commerce Times. “I was at a big multinational and even their security system was down because of this problem, and were I in their IT department, McAfee would be done.”

Perhaps all is not lost. “In the short term, the company will suffer a very badly blacked eye,” Charles King, principal at Pund-IT, told the E-Commerce Times. “But it could mitigate long-term damage by doing all it can to resolve the problem. Accepting responsibility, keeping efforts to correct the problem completely transparent, and doing everything you can to help clients is how I’d suggest McAfee should proceed.”

Partners and Other Strangers

McAfee recently announced several new initiatives, including partnerships. One is a deal signed with Facebook in January; another is the McAfee Cloud Secure Program, which lets Software as a Service providers secure their deployments in the cloud. Amazon Web services and SaaS provider SuccessFactors are expected to be the first customers for this.

A third is a partnership with Adgregate Markets, a provider of transactional advertising and distributed commerce solutions. This will let consumers access ads and apps for online, mobile and social networks securely.

Could these be hurt by the fallout from the bad file it released?

That probably depends on the other party and the technology involved. Partners may continue to work with McAfee.

“It doesn’t impact our view of our partnership because we are securing portable apps, not desktops,” Henry Wong, CEO of Adgregate, told the E-Commerce Times. “We look forward to a fruitful and long-term partnership with them.”

However, consumers may get turned off unless McAfee addresses the perception that it’ not being transparent and open and is more interested in spin than substance. Several have complained about these issues.

“With something this major, you need to get well in front of the news and execute sharply,” Enderle pointed out. “You’d have thought Toyota would have been a good example of what can happen if you don’t do this right.

“Evidently McAfee’ executives missed the Toyota lesson,” Enderle said.