April 22, 2010, 1:08 PM — McAfee has apologized for its anti-virus update that took down Windows XP computers around the world, but says it affected a small percentage of its customers.
A statement issued by a McAfee spokesman says that less than .5% of McAfee users were hit by the update, which misidentified a legitimate SP function as a virus and killed it. The results were computers locked in a reboot loop.
The statement also says the fatal fix passed the company's quality testing and describes the effects on customer machines as "moderate to significant issues."
The company is still trying to figure out how the error made it into the update, the statement says.
The entire McAfee response:
"In the past 24 hours, McAfee identified a new threat that impacts Windows PCs. Researchers worked diligently to address this threat that attacks critical Windows system executables and buries itself deep into a computer's memory.
"The research team created detection and removal to address this threat. The remediation passed our quality testing and was released with the 5958 virus definition file at 2.00 PM GMT+1 (6am Pacific Time) on Wednesday, April 21.
"McAfee is aware that a number of customers have incurred a false positive error due to this release. Corporations who kept a feature called "Scan Processes on Enable" in McAfee VirusScan Enterprise disabled, as it is by default, were not affected.
"Our initial investigation indicates that the error can result in moderate to significant issues on systems running Windows XP Service Pack 3.
"The faulty update was quickly removed from all McAfee download servers, preventing any further impact on customers. We are not aware of significant impact on consumers. We believe that this incident has impacted less than one half of one percent of our consumer base and enterprise accounts globally.
"McAfee teams are working with the highest priority to support impacted customers. We have also worked swiftly and released an updated virus definition file (5959) within hours and are providing our customers detailed guidance on how to repair any impacted systems.
"We are investigating how the incorrect detection made it into our DAT files and will take measures to prevent this from reoccurring."
We sincerely apologize for the inconvenience this has caused our customers"
Read more about software in Network World's Software section.