Coles closes stores due to McAfee bug


Australian supermarket behemoth Coles was today hit by a McAfee bug that affected 10 per cent of its point of sales terminals and forced it to shut down stores in both WA and South Australia.

A McAfee update released on Wednesday caused computers using Microsoft's Windows XP Service Pack 3 to incorrectly identify a legitimate operating system component as containing a virus. Affected computers experienced networking problems or repeated rebooting. McAfee has since removed the buggy update code from the company's servers.

Coles spokesperson Jim Cooper told ZDNet Australia that 1100 of the supermarket's terminals had been affected by the bug.

"What's happened is we're basically pretty prompt in updating our McAfee virus software as required and unfortunately that's where we got caught by it," Cooper said.

"It's affected our point-of-sale registers. We had about 1100 registers affected, which is about 10 per cent of the registers across the country."

He said the damage was restricted to WA and to a lesser degree South Australia. "And that's basically because of the time difference," he said.

"We were able to catch it before it hit the eastern seaboard, but it had already gone for the other guys [WA and SA]."

Asked whether Coles would be charging McAfee for the time it had to spend fixing 1100 terminals, work which is still ongoing, Cooper said it was "fair to say ... we'll be having some conversations with McAfee at some point down the track, but we're just focused on one thing at a time at the moment".

"Our guys have been battling to rectify it in the stores all morning. So we did have as many as 18 stores in WA predominately closed for a period of time over there this morning and that was basically because they either didn't have any registers that were functioning or they didn't have enough for the store to be able to operate properly," he said.

He said that he had never seen such a widespread outage at the company.

"We have had issues where there has been a technical glitch where it's affected stores," he said. "It's often more commonly a power outage or a surge or something along those lines. But it's not been anything on this sort of scale before in our recollection."

Only one store remained closed at the time of writing, according to Cooper.

"It was a store that was open earlier but it had to close because while it was able to function with limited registers operating when the store traffic was quiet, as the store had gotten busier the other registers weren't able to open, so we had to close that store subsequently."

Cooper said that a substantial number of people were working on the fix. "We've got an IT team and others that are all hands on deck, but I wouldn't want to put a number on it," he said.

"So it's a bit of a movable beast still, but we're progressively auto-rebooting lanes where we can and if we can't do an auto-reboot we're walking store teams through manual reboots."

Coles wasn't the only business to be affected by the problem. Jeremy Bree, IT manager at Fordham Business Advisors, a business development, risk management, superannuation and investment management company, told ZDNet Australia that 30 to 40 of his 130 desktops had been affected this morning. He said he had to spend three hours fixing the issue.

Yet McAfee's executive vice president, Worldwide Technical Support & Customer Service, Barry McPherson said on a blog that the problem wasn't widespread. "We believe that this incident has impacted less than one half of one per cent of our enterprise accounts globally and a fraction of that within the consumer base," he said.

Topics: Security, Emerging Tech


Talkback

11 comments
  • Antivirus on POS kind of reminds me of this xkcd comic http://xkcd.com/463/
    Their POS designers have done something very wrong if they think AV on a POS is going to fix anything, if they want to use Windows then lock down the systems with a security policy and leave the antivirus for more interactive systems.
    changlinn
  • This is good news to all who still use Windoze everywhere. TCO (Total Cost of Ownership) is still low for Windoze users compared to Linux and other OSes - that's what M$ claims!
    syampillai
  • Honestly, though, this wasn't a Windows issue. It was a McAfee issue. File scanners are basically useless in this day and age anyway, things like this just compound the problem.

    That said, anyone still using WinXP needs to get off their butts and upgrade already... There've been better alternatives for 4 years now - XP is a malware hazard waiting to happen, even without AV scanners eating your machine.
    dermott
  • @dermott - Of course this is a Windows issue - if they were running some form of *nix they wouldn't be running an anti-virus program AND the system would be locked down, since *nix is designed around limited rights for regular users. Sure any and all software can be cracked for malicious purposes but the fact is that Windows is the most susceptible to ACTUAL malware seen in the wild (by an EXTREMELY large margin) and therefore should be LAST on the list of choices to run the POS system for a multi-billion dollar retail company. And as for the 'time to update' comment - we are not talking about your home computer here. Real businesses need POS machines to run 100% reliably for many years. They don't need to be sucked in to the same old turd-polishing MS ploys to extract more dollars from the entire planet by forcing everyone to buy their latest 'better' product. Cash registers don't need Aero glass to calculate your grocery bill.
    formerzombie
  • @microfish: Honestly. How does that even equate into the article? This is not a Windows issue. It is a McAfee issue.

    I'll agree with another poster that they really should be using a GPO setup to restrict allowed programs rather than using AV but on the other hand there are infections and rootkits that can bypass GPO and even disable it.

    Oh and I'd like you to name one store that uses Unix for its POS terminals. I can't think of any right now.

    Aero doesn't come into play here considering they were running XP SP3 on the terminals. If you had been following the story you would know this did not affect previous service packs of XP nor did it affect Windows Vista/7.

    Windows is not more vulnerable to malware. It is just more targeted than the other platforms. Why? Well it is used more often that is the only reason. People will program for the largest target audience and malware/virus authors do it for the most impact. Last but not least it has been shown that Mac OS and Linux can usually be hacked a bit more easily than Windows anyways when not properly secured. Linux can have security flaws in the services themselves allowing root access. Mac OS doesn't seem to do enough for security but it isn't being hit right now simply because it doesn't have the deployment that Windows does right now. It is also based on Unix (FreeBSD I think; if not that then OpenBSD) so it can potentially have similar vulnerabilities in the core services under the GUI.
    shinji257
  • @shinji: If Linux counts (microfish wrote "*nix"), Pizza Nova. And the fact that Windows 7 was not affected is a moot point, because a) McAfee should've tested it and b) The store doesn't run Windows 7. If they did, we might not have seen this article because it automates system restore so the system would probably come up again with minimal effort, to allow the shutdown to be cancelled in time. This is far easier than having to manually restore svchost on a broken system. You're right in the way that McAfee ought not to put these maintenance functions to the test, but microfish is also right in that a properly locked down *nix system can definitely still be running today without needing an AV program.

    The fact that Windows is more targeted doesn't make *nix any less secure, which can be seen in practice on the server side of IT where my colleagues and I see more attacks that target Apache than anything but they do jack *****nix systems have also implemented MAC (Mandatory Access Control) for far longer than when Windows Vista came out (grSecurity for instance came out in January 2000). A GPO solves nothing as that merely affects the shell (i.e. ShellExecute/ShellExecuteEx, as opposed to, say, CreateProcess), by comparison, programs in a *nix system require their executable bit to be set or they just won't run. Writeable directories can be mounted without permission to use this bit to ensure no user can download a program, and run it. Shell scripts without this bit are opened in a text editor, so you'd have to knowingly open a shell and run e.g. "bash Downloads/freesmileys.sh". In no way does this grant any more rights than the user already has, without write access to system files it will be unable to hide its activities for long. Sure, all systems have vulnerabilities but the attack surface is far greater on Windows. Especially with the lousy excuse for a package manager that is Windows Setup which lets you choose to install/remove shortcuts (e.g. MSIE, WMP) instead of actually installing and removing the programs.
    anonymous
  • Sorry to reply to myself, but the comment program seems to have incorrectly replaced another word for feces with asterisks. To read it correctly, replace "*nix" with ". *nix".
    anonymous
  • @changlinn
    The comic is hilarious, loved it.

    @dipswitch
    That was a good explanation, thanks. Just to add: while I can't tell if they're running on *nix, I've seen a couple of big supermarkets in Asia run SAP POS.
    hhandoko
  • " Sure any and all software can be cracked for malicious purposes but the fact is that Windows is the most susceptible to ACTUAL malware seen in the wild (by an EXTREMELY large margin) and therefore should be LAST on the list of choices to run the POS system for a multi-billion dollar retail company."

    The problem with your argument is that most multi-billion dollar companies use Windows on client machines to process payments. Banks, supermarkets, government departments, telecommunications companies, hospitals, you name it. So this means you are right and hundreds of CIOs around the country are wrong?

    "Mac OS doesn't seem to do enough for security but it isn't being hit right now simply because it doesn't have the deployment that Windows does right now. It is also based on Unix (FreeBSD I think; if not that then OpenBSD)"

    Do some research before swinging your bat. Yes, OSX does use FreeBSD's kernel or a variation of it but OpenBSD doesn't enter the picture at all. By the way, payment processing terminals are not run with Administrator rights so they are subject to the same protections as a Unix machine not run as Root if they are set up correctly.

    I agree with Changlinn - these machines should not even require AV software. I will also mention that AV software vendors think they are above the law and above scrutiny. How many times do their offerings show false positives on people's computers and how many times do fraudulently-reported websites suffer as a result of the AV vendors not verifying reports and not coding their signature files correctly? How many times does this happen without them being subject to defamation claims? For that reason I do not use AV software distributed by the more popular vendors because their business practices stink.
    Mel Sommersberg
  • Jaycar, fedora from the looks of it last time I looked.
    I am always of the opinion that if google can do it, so can everyone else. For myself though when I did do a few Linux desktop (not POS) rollouts I would put as a standard part of the build Clamwin, running a scheduled task /home/ scan one day and a full scan on the weekend.
    changlinn
  • "The problem with your argument is that most multi-billion dollar companies use Windows on client machines to process payments. Banks, supermarkets, government departments, telecommunications companies, hospitals, you name it."

    Large corporations, particularly banks, do not do their financial processing on Windows clients. Most do run Windows on the desktop but it's primarily used to run client software that allows access to the corporate systems. I spent over 10 years in IT support with a billion dollar multi-national corporation AND a major Australian telecommunications company and I can assure you that when a desktop machine fails for whatever reason in this type of company they replace it/reimage it or whatever and nobody cares because there is no important data kept on these machines.

    "So this means you are right and hundreds of CIOs around the country are wrong?"

    Even if your previous statement was factual I'd still say "YES" to this one. The IT industry is a shambles because everyone accepts poor quality product on the desktop as the norm. If you could put a dollar figure on all the wasted man hours worldwide every day just due to the inherent unreliability of Windows alone it would be astronomical. There are no technical reasons why PCs should have to be regularly rebooted, slow down dramatically over time, randomly crash or just generally not work the same way twice (exaggeration, but you get the point). All of these have been inherent characteristics of Windows from version 3.0 (the first proper GUI version) through to version 7 (and yes, I have used and supported them all over an 18 year period). *nix machines including Linux and Mac (which I have been supporting for over 4 years now) do not display any of these characteristics unless something isn't working right.

    Microsoft should be aiming toward making reliable and secure operating systems rather than churning over more of the same only with a prettier interface each time they bring out a new version. Yes Windows improves over time but why does it still suffer the same problems listed above?

    Go to the News Agent and look at the computer magazines. The PC/Windows mags contain copious amounts of information on how to make Windows work faster and more reliably. There are even complete magazines dedicated to troubleshooting Windows. The Mac mags are almost 100% filled with information on what you can create with your Mac, and the Linux mags are... well, they are in a category of their own :).

    And then there is the Malware. Surely the supposedly greatest software company in the world would know the best way to address the Malware issues on their own operating system? Why does Windows rely on third party 'security' products with their associated $$ cost and CPU/RAM-sapping overheads to save the day? Why are their own anti-malware products not very popular? Why are they needed at all? Surely all the security you need should be a part of the operating system and not a bolt-on, shut-the-gate-after-the-horse-has-bolted pain in the butt appendage?

    Microsoft is primarily about selling you their 'latest and greatest' product, not about MAKING the latest the greatest. If they wanted to address all of these inherent problems they could, but they don't need to because they already have a captive market brainwashed into thinking their products are the only choice, and that unreliable operation is a "necessary evil", an inseparable part of personal computing and you just have to put up with it.

    The bottom line is that as long as the majority of the industry thinks they have no choice but to accept crap, that's all they're going to get. I'm not saying Windows doesn't have a place in the market - if you want cheap and cheerful $2 shop standard computing to read emails and surf the net then go for it - but Windows certainly isn't a sound choice for mission critical roles. If I owned Coles I would rate my POS terminals as mission critical considering how many dollars are lost when they all go down at the same time.
    formerzombie