https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2021 MSP 501 Application
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2021 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

Best Practices


McAfee Apologizes for Killing Windows

  • Written by Dave Courbanou 1
  • April 22, 2010

April 20th marked one of the most unhappy days in McAfee history, because  virus definition update — version 5958 — gave a “false positive” identification of the infamous critical Windows process “svchost.exe”. Short version? McAfee thought it was a virus, and Windows ends up not  booting up. Here’s the remedy, the aftermath, and the official word from McAfee.

First, a little background: The McAfee problem arises as the security software company prepares to launch a new partner program in early May 2010. McAfee’s latest channel chief — Alex Thurber — is a Cisco Systems veteran, so channel programs are in his DNA. Also, McAfee has committed to keeping the best portions of the MX Logic partner program amid the new McAfee partner program launch. (McAfee acquired MX Logic last year.)

So, that’s the big picture on McAfee’s channel strategy. It sounds promising. And we hope to hear more from Thurber during a potential meeting the week of 26.

Now, the Bad News

But at least for this week, some VARs were dealing with a somewhat annoying McAfee software glitch. If your customers are running Windows XP Service Pack 3 and have installed the 5958 definitions, svchost.exe will get deleted. Poof. Suddenly, your customers have a non-functioning Windows machine. What’s worse, Windows is set to reboot on a failure of svchost.exe, basically putting machines into an endless-reboot making it hard to repair.

One site worthly of note, ArsTechnica, said McAfee’s site “collapsed under the load” and as such, official McAfee support forums weren’t accessible. They did however, quote McAfee’s SOS before the site came to a halt:

“Boot the system into safe mode
Drop the attached extra.dat in c:/program files/common files/mcafee/engine
Reboot into normal mode
Rebooting into Windows normal mode type “shutdown /a” in the run line this aborts the automatic shutdown.
This will allow them to apply the exclusion.”

Make sure to run the command as Admin, otherwise it wont work.

We contacted our own official McAfee sources, and they had the following to say:

McAfee is aware that a number of customers have incurred a false positive error due to this release. We believe that this incident has impacted less than one half of one percent of our enterprise accounts globally and a fraction of that within the consumer base–home users of products such as McAfee VirusScan Plus, McAfee Internet Security Suite and McAfee Total Protection. That said, if you’re one of those impacted, this is a significant event for you and we understand that.

Our initial investigation indicates that the error can result in moderate to significant issues on systems running Windows XP Service Pack 3…The faulty update was removed from all McAfee download servers within hours, preventing any further impact on customers.

McAfee teams are working with the highest priority to support impacted customers. We have also worked swiftly and released an updated virus definition file (5959) within a few hours and are providing our customers detailed guidance on how to repair any impacted systems.

While it sounds like McAfee’s got it cool and under control with an apologetic attitude, it does seem like they’re underplaying it slightly. “less than one half of one percent of our enterprise accounts” with a “fraction” of consumer base hit? What ‘fraction’ or numbers total to their ‘100%’ exactly? This blogger knows that despite Windows 7’s warm reception, there still hasn’t been a total migration yet. Migration in the Enterprise arena is also a mixed bag. Admittedly, the amount of McAfee users explicitly using Windows XP SP3 might be a metaphorical handful, but a ‘fraction’ seems like marginalizing the problem if McAfee’s own support site went down.

But what are the implications beyond the obvious downtime? Is this a one-time, minor setback for McAfee or the sign of a larger challenge? Were you affected?

Sign up for The VAR Guy’s Newsletter; Webcasts and Resource Center; and via RSS; Facebook; Identi.ca; Twitter and VARtweet.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs Best Practices Leadership Networking

Related


  • No Racism
    Racially Charged Tweet Costs Alteryx CRO His Job
    Numerous individuals, including a customer, criticized Alteryx for the tweet, which led to the CRO's resignation.
  • Select a Hire
    AvePoint Taps Ingram Micro, Palo Alto Networks Vet to Lead Channel
    He held channel exec roles at Ingram and Palo Alto Networks
  • Vendors: How Do You Measure a Partner Relationship?
    Vendors still struggle to gain a genuine insight into their partners’ needs. So what can they do?
  • Black History Month
    Black History Month: Celebrating Tech Pioneers
    From the 19th century to present day, their accomplishments are remarkable.

One comment

  1. Avatar Mark Newton April 23, 2010 @ 12:50 pm
    Reply

    My wife works for a large hospital / university. She told me that it was odd walking around the office yesterday with no one at their computers. They were all down. The email below talks around 8,000 computers just at this location. Here is the email sent out. I am lead to believe that most are now working again today.

    At 11 a.m. today, 4/21, McAfee, our VirusScan vendor, released an update to its customers that improperly identified a critical component of Windows as having a virus.

    XXIT, along with the majority of McAfee’s customers worldwide, automatically propagates these virus definitions to their client PCs.

    Roughly 8,000 CoreImage PCs randomly distributed across the Health System automatically received the virus scan update and are now experiencing repetitive reboots. These computers are not functioning at this time and will be offline until the problem is fixed.

    IT has stopped the virus scan update and is currently working on ways to restore the affected machines. This is challenging due to the nature of the file that is being flagged (improperly) as having the virus.

    If your computer is still operational, it is fine and will not experience this problem.

    NOTE: The CoreImage computers do not have a virus, but McAfee VirusScan incorrectly believes they do.

    There will be more updates as they become available from Microsoft, McAfee and IT.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • TA Associates to Acquire Virtual Desktop OS Provider IGEL
  • Companies Seek IT Security Resellers with Technical Know-How
  • Cisco Second Quarter: Profit Slips, Revenue Flat
  • Channel Survey: Sales and Marketing, Analytics Are Significant Challenges

Galleries

View all

Channel Partners Virtual 2021 Is the Hottest Ticket in Town

February 26, 2021

Industry Perspectives

View all

Backup Vulnerability: 4 Targets Hackers Might Utilize to Infiltrate Your Backup Solution

March 2, 2021

The “Roaring 20s” Are Coming

February 25, 2021

Three Ways MSPs Can Improve Supply Chain Security

February 24, 2021

Webinars

View all

A Partner’s Perspective on Channel Success in 2021

March 23, 2021

XDR and Why it Matters to MSPs

March 24, 2021

Top Security Trends Impacting Technology Security Providers In 2021

March 25, 2021

White Papers

View all

Why Fortinet for my MSSP?

March 2, 2021

Small and Mid-Size Business Security: 4 Steps to Success

March 2, 2021

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul

March 2, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

.@Netrality launches expanded partner program. #datacenters dlvr.it/RtrKXt https://t.co/2qHhnqrF7g

March 3, 2021
ChannelFutures

With day one of #CPVirtual in the books, we offer a recap of highlights and look ahead to day two. @Channel_Expo… twitter.com/i/web/status/1…

March 3, 2021
ChannelFutures

Why Fortinet for my MSSP? @EXN_Networks dlvr.it/Rtr1JS https://t.co/VV1dfuEK3r

March 2, 2021
ChannelFutures

Small and Mid-Size Business Security: 4 Steps to Success @EXN_Networks dlvr.it/Rtr1J9 https://t.co/ENfDHBfajN

March 2, 2021
ChannelFutures

How SMBs Can Secure Endpoints and Remote Workers for the Long Haul @EXN_Networks dlvr.it/Rtr1Hq https://t.co/3aAZL31Y2e

March 2, 2021
ChannelFutures

Mapping the Ransomware Landscape @EXN_Networks dlvr.it/Rtr1F6 https://t.co/oTSoIJKlA5

March 2, 2021
ChannelFutures

Top 5 Considerations when Selecting an EDR Solution @EXN_Networks dlvr.it/Rtqt8V https://t.co/g9VLXbj2Rx

March 2, 2021
ChannelFutures

[email protected] launches new #partnerprogram. #zerotrust dlvr.it/RtqhZB https://t.co/yIUhvYkYUs

March 2, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X