March 13, 2006 McAfee Update Wrecks Havoc By Gregg Keizer Courtesy of Page 2 of 2 Customers flooded the company's message forums with questions and tales of broken applications. "I tried to open Excel, and it tries to install itself again, then fails," wrote a poster identified only as "Waterlily." "I need to use Excel, what should I do?" "So what do you do if instead of quarantining those files, you deleted them?" asked "Bethany." "I bet I'm just screwed." Quarantined files could be restored, said Telafici, once the corrected DAT was downloaded and installed, but deleted files were another matter. On its going to a backup or using Windows XP's System Restore feature to roll back the machine to a point before the flawed DAT. "We're still looking at what we can do for customers," said Telafici. He wouldn't quantify how many users might have deleted files, and only said that McAfee was working with "some." However, McAfee has come up with tools to move quarantined files on enterprise machines back to their proper places. The tools have not been posted to its site, but will instead be provided to business users through offline support channels. Such "false positives" are much more common in than in detection, but they occasionally happen, Telafici said. "But I've never seen anything on this scale," he admitted. "False positives are actually very common," added Richard Stiennon, chief research analyst at Michigan-based IT-Harvest. "They're particularly common for programs that aren't widely distributed, like some game." Most of the time the mistaken identity occurs when a security researcher finds a malicious and tags its filename as belonging to a virus or worm, but doesn't realize that the same filename has been used by a legitimate program. This should have been caught by McAfee's quality control process, Stiennon said, noting that many of the files netted by VirusScan were commonly-known executables. McAfee's Telafici acknowledged as much. "This was a combination of unusual circumstances, Telafici said in explaining what happened. "There was one off in a signature, and there was a hole in our testing process." E-mail This Story Print This Story Page 1 | 2 Get the latest Messaging news, product info, and trends every week.			Spyware And Adware Continue To Plague PCs FTC Smacks Spammer With $900K Fine IM: Real-Time Securrity Problems For Financial Services Bot Herders Ready Attack Against Message Forums Researchers Warn Of Coming Tax Scams Microsoft Vows To Keep Pressure On Phishers     Messaging Pipeline's Main RSS Feed     Messaging Pipeline's Blog RSS Feed Editorial and vendor perspectives The Six Flavors Of Windows Vista Microsoft plans to release a full six-pack of Vista versions, one for every taste. Which Vista will be right for you? Hope is Not Enough When It Comes To Compliance Three Ways To Authenticate E-Mail And Stop Spam Wikis In The Workplace Review: Google Desktop 3 Vendors are now talking about how collaboration can be improved by integrating video with messaging applications. They're even talking about adding live TV to mobile phones. How far do you go before it becomes a bandwidth and business productivity drain? Video is a great idea     13% Video is fine but there needs to be size limits     25% It's never used for anything really productive     38% I draw the line at live TV     25% In search of messaging products? Check out our brand new Product Finder for a directory of groupware and collaboration tools, security products, archiving solutions, and more.