Bad security update brings down PCs worldwide

PCs running on Windows 64-bit systems stopped working properly after users updated BitDefender's antivirus software over the weekend, according to report.
Written by Kevin Kwang, Contributor

A number of BitDefender users, whose 64-bit Windows systems stopped working or were unable to be rebooted after updating their security programs, vented their frustration by flooding the antivirus (AV) vendor's forum pages over the weekend.

According to an IDG report, users on forum boards started signaling the problem on Saturday evening. The complainants said several Windows files, and the security vendor's own program files, were identified as "Trojan.FakeAlert.5" malware after they performed an update for their BitDefender AV programs.

In an e-mail update Monday to ZDNet Asia, Vitor Souza, BitDefender's global communications director, explained that "multiple" BitDefender and Windows files which comprise .exe, .dll and other binary files, were incorrectly detected as malware and "moved to quarantine".

The faulty updates were applied to the company's home user product line as well as BitDefender Business Client and BitDefender Security for File Servers. Those using BitDefender's products from 2008 to 2010, on Windows XP, Windows Vista and Windows 7 platforms, were affected.

"By 11am PST, our team had reversed the faulty update so no additional users would be affected," Souza said, adding that the number of customers that contacted the company's support channels were "in the hundreds".

In a blog reply posted on Saturday, BitDefender had offered workarounds for BitDefender 2009 and BitDefender 2010 products, but has yet to release a patch for its 2008 version.

The IDG report stated that users who can't make use of the released patches should either use Windows' Last Known Good Configuration restore or System Restore options.

Even with these solutions, though, some users were still left trying to figure out how to restore clean files that have been mistakenly sent to quarantine or deleted by the AV update--a condition commonly termed as a false positive.

One forum user, huhuhu, said in a post on Monday: "I downloaded and saved the patch for BD2009...when I run it it says that the BD update service has stopped working...what should I do? How do I restore the files in the quarantine? [Please] help."

Another user, THEPAPA, also called on Bitdefender to provide solutions for 2008 AV products, saying, "Please give us an estimate for the 2008 patch, now that it seems you solved the 2010 and 2009 put your attention on the 2008 patch. An estimate will be gladly [appreciated]. I have my computer on since yesterday just waiting for this patch."

In response, Souza said that teams are "working around the clock to minimize the impact" and are "developing tools and patches to fix the issue as quickly as possible".

"We understand [our] customers' disappointment, and we are working to rectify the incident of all users affected. This was an isolated issue and as we learn the causes we will be optimizing so it won't happen again," he added.

In 2005, changes to BitDefender technology were blamed for the accidental deletion of thousands of GFI customers' e-mail messages. Last year, CA also incurred the wrath of customers after its AV technology wrongly identified a Windows XP systems file as a virus, and quarantined the associated files.

Editorial standards