A buggy update released Friday by security vendor McAfee for its consumer and enterprise antivirus products, left the computers of its customers unprotected and, in some cases, unable to access the Internet.
The incident affected both home and business users, some of whom were still trying to sort out the problems caused by the updates on Monday and Tuesday, according to messages posted on McAfee's community forums and Facebook page.
The problems were introduced by McAfee updates DAT 6807, released on Friday, and the subsequent DAT 6808, depending on which product was used.
After installing these updates some home users started encountering errors when accessing the McAfee Security Center console, which prevented them from performing any action inside the program. Other users experienced a loss of Internet connection on their computers.
McAfee confirmed these problems on Sunday in a technical document that described two possible solutions, both requiring users to update to a newly released DAT 6809 file.
One workaround, intended for users who lost Internet connectivity on their computers, involved uninstalling the product, rebooting the computer, downloading an updated version of the product from McAfee's website and installing it.
The other solution described automatic and manual methods of updating existing installations to DAT 6809. Users who continued to encounter errors after updating to this DAT version were advised to uninstall the product using a specialized tool called McAfee Consumer Product Removal (MCPR) and then install the updated version of the product.
Users of McAfee VirusScan Enterprise (VSE) 8.8.x, the company's flagship enterprise antivirus product, had to wait until Monday for a so-called superDAT hotfix that wouldn't require them to reinstall the product on thousands or hundreds of affected computers.
For VSE, the bad updates caused issues with the on-access scanner (OAS), a critical component that checks all files accessed by the system for signs of malware, the company said in a support document published on Monday.
Some administrators in charge of antivirus deployment in corporate environments expressed concern that while the OAS remains disabled a user could get infected and the malware could spread to other computers on the network.
"I have 46 out of 152 computers, having this issue," a user who identified himself as bostjanc said on the McAfee community forum for business products. "I currently have over 3000 endpoints with this problem - solution asap please McAfee," another user named Derosa said.
"The issue is well over 24 hours old now, and it's been 'officially' confirmed for nearly 24. That's a very long time to have AV [antivirus] in a faulty state," a user named mjmurra wrote hours before McAfee released VSE 8.8 Hotfix 793640 to remediate the issue. "At least one saving grace is that many customers had their machine switched off over the weekend," he said in a later post.
Sign up for CIO Asia eNewsletters.