Bit Offender: Latest Antivirus Update Kills Systems
Customers of the antivirus/antimalware company BitDefender ran headfirst into a major problem over the weekend, courtesy of a (very) faulty virus definition update for systems using 64-bit flavors of Windows. After installation, users flooded the company's forums complaining that BD was now identifying every executable on the system as being infected. To its credit, Bit Defender responded quickly to the situation; the update was apparently yanked less than a day after it was made available. The following is an exerpt from BD's official webpage on the topic:
"Today BitDefender products running on Windows 64-bit systems experienced problems caused by a faulty update. Multiple BitDefender and Windows files have been incorrectly detected as Trojan.FakeAlert.5 and have been moved to quarantine. Based on the information we have, only .exe, .dll and other binary files have been quarantined (no pictures or documents). Consequently, on some systems BitDefender did not run anymore, applications did not work and/or Windows did not start on those systems."
The same site links to various tools and procedures that can be used to repair the problem, including those systems which are no longer capable of booting. There's no published method for repairing the problem en masse, unfortunately, which means IT admins who rolled the update out across a corporate network all at once may be stuck fixing the problem one system at a time. Kudos to BD for jumping on the problem as quickly as it did, but this is the sort of issue that makes us wonder if the company is performing the right sort of in-house testing. It's one thing to have an update that kicks back false positives on a few esoteric executables that the majority of people don't use. An update that locks out every single executable is something that really should have been caught before it was rolled out; it's not as if booting and restarting a system is a high bar for product testing.
If you have been impacted by this issue we suggest you download the tools to solve it directly from BD. The company notes that malware authors have already started distributing fake solution tools with botnets baked in.
"Today BitDefender products running on Windows 64-bit systems experienced problems caused by a faulty update. Multiple BitDefender and Windows files have been incorrectly detected as Trojan.FakeAlert.5 and have been moved to quarantine. Based on the information we have, only .exe, .dll and other binary files have been quarantined (no pictures or documents). Consequently, on some systems BitDefender did not run anymore, applications did not work and/or Windows did not start on those systems."
The same site links to various tools and procedures that can be used to repair the problem, including those systems which are no longer capable of booting. There's no published method for repairing the problem en masse, unfortunately, which means IT admins who rolled the update out across a corporate network all at once may be stuck fixing the problem one system at a time. Kudos to BD for jumping on the problem as quickly as it did, but this is the sort of issue that makes us wonder if the company is performing the right sort of in-house testing. It's one thing to have an update that kicks back false positives on a few esoteric executables that the majority of people don't use. An update that locks out every single executable is something that really should have been caught before it was rolled out; it's not as if booting and restarting a system is a high bar for product testing.
If you have been impacted by this issue we suggest you download the tools to solve it directly from BD. The company notes that malware authors have already started distributing fake solution tools with botnets baked in.
