- Related Stories
-
Web filters mistakenly blocking Yahoo
March 28, 2007 -
Symantec incorrectly flags Yahoo Mail as a virus
February 28, 2007 -
McAfee update exterminates Excel
March 10, 2006 -
Microsoft flagged Symantec software as spyware
February 13, 2006 -
Microsoft says sorry for AntiSpyware error
February 24, 2005
According to the Chinese Internet Security Response Team (CISRT), users of Norton Antivirus, Norton Internet Security 2007 and Norton 360 who installed an antivirus signature update released by Symantec on May 17 could not reboot their PCs. The update reportedly mistook two Windows system files--"netapi32.dll" and "lsasrv.dll"--as the Backdoor.Haxdoo Trojan horse. The two files were subsequently quarantined.
CISRT said the flawed Symantec update affects only users of the Simplified Chinese version of Windows XP Service Pack 2 who have been patched with a particular Microsoft software fix available since November 2006. CISRT noted that this issue has been "huge."
According to CCTV.com, which is part of China's largest national TV network, the problem has affected millions of PCs and was not completely resolved as of Wednesday.
A representative at Symantec Asia-Pacific and Japan confirmed the incident earlier this week, but declined to reveal the number of Chinese Norton customers who were affected. According to Symantec, the problem was caused when Symantec made a change to the automated process used by the company's security response team to detect malicious software.
Symantec said the false detection was immediately removed from the virus signature definitions. Symantec security experts then initiated a LiveUpdate--the company's automated software update process--posting to include the updated definitions. This LiveUpdate became publicly available on May 17, about four and a half hours after Symantec was notified of the issue.
According to Symantec China's Web site, affected customers can resolve the problem by initiating another LiveUpdate, if they have not restarted their PCs after installing the flawed update. Systems that have already been restarted can be returned to the previous state by recovering the two system files from the Windows XP disc.
Aaron Tan of ZDNet Asia reported from Singapore.
See more CNET content tagged:
Symantec Corp., China, Norton Co., antivirus, Microsoft Windows XP
Symantec's false positive record is too high for me!
I fix too many infected PC's that became infected under the nose of Symantec (and McAfee) "protection" to give me any confidence in it. That's on top of resource hogging and irritating and unnecessary hampering of harmless processes and applications. Honestly, the freebie stuff out there is much better anyway.
1. Ignore the fact that it comes via AOL, they're actually doing something useful here.
2. Resist the offer of a toolbar during installation, it will simply nag you to spend money for something or another.
*** Do use a disposable email address to get the activation code ***
- So what's new?
- by robtheailean June 6, 2007 7:24 PM PDT
- I had my first taste of Symantec's "protection" some 7 years ago, while running a small IT business, Symantec pushed out an update to their Enterprise AV product, that crashed NT4 servers.
- Like this Reply to this comment
-
(9 Comments)Needless to say, they were A. unconcerned and B. slow to respond and C. could not understand the fuss.
AS I had recommended the product, my clients saw it as my problem to rebuild their servers - and I lost a couple of clients as well.
There have been a number of such disasters since - but the morons who are supposed to report this stuff, go to the lush seminars and repeat Symantecs copy.
I just avoid their product like the plague