Goto Blog Home PageRevell Research Systems: Alastair Revell's Web Log
On this page....
<January 2020>

RSS 2.0     Atom 1.0     CDF

Blog Roll
About Alastair Revell
Alastair Revell is the Managing Consultant of Revell Research Systems, a Management and Technology Consulting Practice based at Exeter in the United Kingdom.
Contact Alastair Revell
 EMail Revell Research Systems Limited Email Me
Legal & Other Notices
Sign In
The material published in this web log is for general purposes only. It does not constitute nor is it intended to represent professional advice. You should always seek specific professional advice in relation to particular issues. The information in this web log is provided "as is" with no warranties and confers no rights. The opinions expressed herein are my own personal opinions.

Web Log Home | Welcome to this Web Log | Using this Web Log | New to Blogs? | About Revell Research Systems | Contact Details

Review Entries for Day Wednesday, April 21, 2010

I imagine that 21st April 2010 will be a day that McAfee will remember for sometime to come and probably one they would much prefer to forget!

The antivirus vendor issued its daily security update DAT5958 at 06:00 PDT (GMT-7), but by 13:00 BST (GMT+1) the update was wreaking havoc on many corporate networks in the United Kingdom, let alone the rest of the world!

The update affected Windows XP machines with Service Pack 3 applied, falsely detecting the svchost.exe file as Win32/wecorl.a. The vendor’s VirusScan product essentially prevented the svchost.exe file from running, causing Windows to endlessly reboot in many cases.

McAfee acted fairly quickly by pulling the affected virus definition file (DAT5958) from their download servers, preventing more customers from becoming involved in what must be one of the worst update issues to impact corporate networks for some time.

They released DAT5959 to replace the affected virus definition file at around 10:15 PDT (GMT-7).

This incident comes on the back of reports that many modern anti-virus products are failing to detect malware. I’ve just been reviewing Cyveillance’s February 2010 Cyber Intelligence Report, which suggests McAfee detects around 37% of emerging threats on a daily basis (based on data from the last half of 2009). Kaspersky came out on top with a daily detection rate of 38%, but many were much poorer - such as Symantec on 25%.

The time for relying on straight-forward anti-virus products seems to be coming to an end…

RSS 2.0 Feed If you enjoyed reading an article on this blog, why not subscribe to the RSS 2.0 feed to receive future articles?
Revell Research Systems Logo Visit the Revell Research Systems Web Site if you want to learn more about this management and technology consulting practice.