Symantec anti-virus updates hobbled a number of PCs late last week; affected customers suffered repeating blue screen of death crashes. A signature update rolled out from 11th July for Symantec Endpoint Protection 12.1 and Norton anti-virus software for businesses was found to be the culprit that widely affected Windows XP based machines. Norton Antivirus, consumer version, wasn’t affected by the problem.
The famous anti-virus vendor issued a rollback of malware signatures on Thursday that should help assuage these self-inflicted wounds. However because the faulty update is aimed at business workgroups, of which there are many running Windows XP, several big companies suffered a lot of computer down-time due to Symantec’s incompetence. For business, even more than for individuals, time = money.
How it happened
“The root cause of the issue was an incompatibility due to a three-way interaction between some third-party software that implements a file system driver using kernel stack based file objects – typical of encryption drivers, the SONAR signature and the Windows XP Cache manager. The SONAR signature update caused new file operations that create the conflict and led to the system crash.” says Symantec in a blog post about the issue. The company says it has learned from these mistakes and it won’t ever happen again.
The casualties
Reuters spoke to a representative of PSO Beheer BV in Holland, this company had 150 computers fail due to the Symantec definitions LiveUpdate. Staff were sent home and a laboratory became unusable. At the time of the Reuters report 300 corporate customers and 60 consumers were known to be affected by the bug.
One customer claims that Symantec has offered compensation for the wasted time and effort required to get machines up and running again. It’s ironic that businesses who pay for this software to keep mission critical business systems running safely and smoothly get stung by it.