One day after security vendor McAfee sent out a bad antivirus update that crippled corporate and consumer Windows-based computers, the suffering wrought by the update, DAT 5958, continues.
McAfee apologised for the faulty update and has supplied what it calls a SuperDAT remediation tool and DAT 5959 to wipe out and repair the damage done by DAT 5958. But if McAfee's own community discussion site is any indication, getting rid of the bad McAfee code, which can blue-screen Windows computer and cause other disturbances, hasn't been easy.
"I assume that like me, everyone is in repair mode right now and getting machines running is their top priority," wrote one individual under the name CrazyFingers. "However, after this is over, I expect McAfee to have some straight answers for me. I expect them to explain clearly how a mistake of this magnitude managed to happen in the first place. Then I want to know how it slipped past QA. Finally, I have lost a lot of faith in McAfee's products. I need them to show me why I should continue to use their products when the largest and most destructive virus outbreak we have had in 8 years was actually caused by my A/V vendor."
Another commenter on the community site wrote, that 5958 "is nuking all of my systems and detecting a false positive in svchost and causing a system shutdown."
McAfee's public response has mainly been provided by Barry McPherson, McAfee executive vice president of support, whose blog posting earlier detailed how he has spent 14 hours straight on the phone with McAfee's support group
McAfee isn't the first antivirus software vendor to have wreaked havoc on customer PCs with a bad antivirus update. Trend Micro delivered a bad antivirus update two years ago, and vendor AVG also had a bad antivirus update that year. But McAfee's handling of DAT 5958 this week is meeting with frustration from customers who are bewildered by technical explanations from McAfee and long wait times — one online commenter claims 2 hours —for tech support.
"Upon calling McAfee's Gold Tech Support, we were met with waiting over 2 hours FOR AN OPERATOR!!," wrote one individual on McAfee's comments section. "While we understand a higher than normal call volume for an event like this, we were completely taken aback that we had to dig deeply to find information regarding this issue on your Web site. We certainly would have expected to see something, anything on the main page of McAfee…nothing."
Another wrote: "Not enough time to figure out what all the geeky terms like DCOM, DAT and SVCHOST means. I'm not a geek so I took the laymans way out and deleted the whole enchilada." And one commenter simply called it, "the McVirus."
Read: McAfee is not the first vendor to suffer a troublesome false positive.