Wednesday, May 5, 2010

Flawed McAfee update paralyzes corporate PCs

Cripples Windows XP machines with endless reboots after critical system file quarantined

A flawed McAfee antivirus update sent enterprise administrators scrambling today as the new signatures quarantined a crucial Windows system file, crippling an unknown number of Windows XP computers, according to messages on the company's support forum.

The forum has since gone offline.
McAfee confirmed it had pushed the faulty update to users earlier today. "McAfee is aware that a number of customers have incurred a false positive error due to incorrect malware alerts on Wednesday, April 21," said company spokesman Joris Evers in an e-mail reply to questions. "The problem occurs with the 5958 virus definition file (DAT) that was released on April 21 at 2:00 P.M. GMT+1 (6:00 A.M. Pacific)."

According to users on McAfee's support forum, today's update flagged Windows' "svchost.exe" file, a generic host process for services that run from other DLLs (dynamic link libraries).

"HOW THE F*** do they put a DAT out that kills a *VITAL* system process?" asked Jeff Gerard on one thread. "This is goddamn ridiculous," added Gerard, who identified himself as a senior security administrator with Wawanesa Mutual Insurance Company of Winnipeg, Manitoba, in Canada. "Great work McAfee! GRRRRRRRRRRR."

As of 3:30 p.m. ET, McAfee's support forum was offline, with a message reading "The McAfee Community is experiencing unusually large traffic which may cause slow page loads. We apologize for any inconvenience this may cause."

Both users and McAfee said that the flawed update had crippled Windows XP Service Pack 3 (SP3) machines, but not PCs running Vista or Windows 7. "Our initial investigation indicates that the error can result in moderate to significant performance issues on systems running Windows XP Service Pack 3," acknowledged Evers.
Affected PCs have displayed a shutdown error or blue error screen, then gone into an endless cycle of rebooting, users claimed.

McAfee reacted by warning users not to download today's update if they haven't already, and by posting recovery instructions and a signature update to suppress the defective one seeded to users earlier. "Apply the EXTRA.DAT to all potentially affected systems as soon as possible," the company recommended. "For systems that have already encountered this issue, start the computer in Safe Mode and apply the EXTRA.DAT. After applying the EXTRA.DAT, restore the affected files from Quarantine." Unfortunately, those instructions and the suppression EXTRA.DAT update file are not currently available, again because McAfee's support site has gone dark.

Instead, users can reach the instructions and EXTRA.DAT file from elsewhere on McAfee's site.

FBI: Finding criminal data on cell phones and game consoles is tough

FBI says variety of software and limited memory pose challenges

Non-traditional communications devices such as smartphones and game consoles pose a particular problem to law enforcement agencies trying to milk them for forensic data that reveals criminal activity, attendees were told at the 2010 Computer Forensics Show in New York City. "Forensic tools for cell phones are in their infancy," says Stephen Riley, a forensic examiner with the FBI's Computer Analysis and Response Team. "There's lots of different carriers, different phones, different cables – just try to keep up."
Smartphones can communicate via SMS, MMS, mobile e-mail, mobile internet access, VoIP and traditional cellular voice networks, Riley says, making each machine a potential treasure trove of information but also a nightmare maze of possible proprietary technologies to unlock it.

Retrieving SMS messages can depend on the model of phone, the carrier, the time of day, even the country in which the phone is used. SIM cards removed from phones carry potentially useful forensic information, but unless it is associated with a particular phone's PIN, it's inaccessible. Perhaps the personal unlock feature controlled by phone manufacturers could release the data, but that requires knowing the make and model of the phone, he says. The ready availability of cell phones is also a problem. Searches of suspects' residences can turn up drawers-full of cell phones that are no longer used but never thrown out. Yet they can demand valuable forensic time.

Game consoles pose a separate problem. They can be used to send e-mail and connect to the Internet but have very little internal memory, so whatever is on the drive can be quickly overwritten and therefore gone forever, he says. "You can take a Wii onto the Internet and it doesn't save sites or browser history," he says. "If you type in a Web address and surf, 10 minutes later there's no record of it."

Google Apps vs. Microsoft Office

Google may pose strongest long-term threat to Microsoft's dominance


Google Apps or Microsoft Office? That is the question on the minds of many CIOs today.

Microsoft has long dominated the e-mail, collaboration and office tools market, and its customer list dwarfs that of Google and all other competitors. But despite the presence of well-established alternatives such as OpenOffice and IBM's Lotus Notes, some industry analysts believe Google may pose the strongest long-term threat to Microsoft's office dominance. "Google is still a wannabe, but they're Google so this is a very strong challenger," says Laura DiDio, lead analyst with Information Technology Intelligence Corp (ITIC).
Why should a business choose Google over Microsoft? Google is inexpensive, at $50 per user per year. Employees are often familiar with Gmail, so user training shouldn't be too burdensome. Outsourcing IT functions to Google lets businesses reduce internal IT expenditures and wasted time maintaining servers and applications. With Google, businesses get the basic productivity tools of e-mail, calendaring, and document creation and editing, as well as a Web site builder, private video sharing and other functions. (See related article, "Google Apps basics".)

Yet even Google has a hard time arguing that its own office tools are just as good as Microsoft's. And customers and analysts agree that Google's support is not on the same level as Microsoft's, which has far more experience dealing with the needs of enterprise customers.

But Google's momentum, and the emergence of cloud computing as a viable alternative to in-house IT systems, has clearly caused Microsoft to change the way it approaches the office market. Microsoft is offering its own online services now, and is being forced to give better pricing to customers who bring up the name of Google as a negotiation tactic.

Rexel, an electrical distributor in France, recently chose to deploy Microsoft Exchange Online instead of Google Apps and was able to get pricing that was nearly identical to Google's $50 per user per year, says CIO Olivier Baldassari.