back to article McAfee splats bug that knocked punters offline

Antivirus maker McAfee has fixed a problem that cut off punters' internet connections earlier this week. The snafu, caused by a dodgy update for the Intel-owned malware whack-a-mole product, also knackered enterprise versions although it didn't send users offline. For both the consumer and business builds, the error was traced …

COMMENTS

This topic is closed for new posts.
Stop

So why are we still using scanners?

Misfiring definition updates are a well-known Achilles' Heel of security scanners, akin to punctures in pneumatic tyres, and all vendors experience problems in this area from time to time.

Apologist much?

Why are we still using virus scanners? Why aren't anti-virus vendors affected by viruses?

1
1
Anonymous Coward

McAfee..... An also ran.

0
1

Re: So why are we still using scanners?

VMyths articles from 2004? It's like the other day, when I looked up the "Ural Mountains Nuclear Disaster" so-called, and the first Google result was a page that sounded perfectly reasonable for the first couple of paragraphs, and then started talking about how the Space People had to intervene to save seventeen million lives.

3
0
Holmes

Because it's been a problem since 2004 and earlier, actually

The bloody 'iLoveYou' virus from 2000, Code Red and ilk from 2001, and so on highlighted grave weaknesses in scanners that have existed to this very day. Never mind 2004.

You can blame McAfee for spearheading that, even back in 1999:

The market for profile-based detectors dried up ... because software reviewers recommended signature-based scanning to the exclusion of all else. That's right: jour­nalists with no exper­tise told every­body to use insuf­fi­cient virus detec­tion methods.

Profile-based utilities shriveled when John McAfee released a signature scanner called VirusScan. [...] Signature methodologies complement profile methodologies, and vice versa — but McAfee told the media his scanner superceded generic detection. Reporters wrote countless stories saying we needed only one product: VirusScan.

McAfee set themselves up for this failure at least thirteen years ago.

0
0
Bronze badge

Re: @Aaron

Cheers for that, absolutely marvelous. I had to add "Space People" to find it (maybe google have these forums plugged into the page ranking algorithms). Never came across the aetherius society before, looks like scientology but with the suggestion that they have not had their sense of humour removed.

0
0
FAIL

Ah, so that explains it

I was asked to help with a friend's computer, I couldn't work it out - I could ping the router and a WAN IP, but all tcp/udp traffic was dropped. I tried disabling McAffee's firewall, to no avail, so in the end I just removed it - it's shit anyway.

3
0
Facepalm

Re: Ah, so that explains it

I couldn't even get my friends to ping it's default gateway, but Windows update traffic was fine... McAfee kept bleating about missing DLL's every time I tried to start it and disabling the services had no effect.

0
0
FAIL

More trouble than any virus

Seriously - I've seen more problems caused by McAffee over the years than I've ever seen caused by viruses on non-protected machines - they range from blocking email collected over SSL, dropping random internet traffic (this update isn't the first one to do this) and generally slowing the machine down to a crawl even when they're working 'correctly'.

6
0

Not just more trouble...

...McAfee is a virus.

I mean, let's look at it honestly: It's a program that, once installed, fucks up your computer, and then demands money to get rid of the problems you didn't have before it started running. The only part of the "scareware" definition that it misses is that it doesn't install itself when you load a dodgy Flash ad -- but, then, that's what their social-engineering, oops I mean sales, department is for!

4
1
Silver badge
Linux

try

using MSE as a last resort before giving up and going pinguin shaped

I tore McAffee out of the non-internet laptop at work because the nag screens saying it could'nt connect popped up all the time.. usually in the middle of a complex CAD model.

Someone did a system restore on it though when the battery went flat........ argghh bloody McAffee bollox windows popping up again in the middle of my CAD models again

1
0

You don't need a penguin

You just need a bit of good sense -- Firefox + Adblock Plus + Flashblock does the job just fine for me, to the extent where I don't even bother running a virus scanner. Been doing it this way for almost a decade, and I've yet to encounter a problem.

0
0
Silver badge
Facepalm

Re: More trouble than any virus

Lets not forget the dog egg that is NAV too!!!!!!!

Possibly the two most fucked up anti-anti-virus programs it has ever been my displeasure to encounter...

2
0
Anonymous Coward

Re: More trouble than any virus

Urg, we're forced to have this on our desktops at work, and it sludges up the machines to no end. Opening firefox or thunderbird can take minutes, and if you open task manager, you can guarantee it'll have mcshield.exe stuck at 25% cpu, with more page faults than there are atoms in the universe. Trying to save a file or attach one, if you accidentally browse back to the root of My Documents it'll decide it needs to scan everything in there, and lock your machine up for another couple minutes. So much wasted time dealing with the bollocks that is mcaffee...

1
0
FAIL

Re: More trouble than any virus

Spot on

0
0
Unhappy

Ah good glad that one is fixed. I mean, it's only the fourth (or more?) times that McAfee have released an update thats broken a PC. Anyone recall the definition file that required an engine upgrade? If you didn't upgrade the engine the definition file would trash McAfee and cause PC problems.

Or the Engine update that tanked the PC

or the definition update that broke the application

and so on. McAfee are a joke now.

5
0
Thumb Down

Bah

"...either left without a functioning internet connection or unable to perform any actions in the McAfee Security Center console..."

So, how is an affected user supposed to download or apply the update that fixes it?

[abandoned McAfee years ago]

0
0
Dem

Thank You

Ta for this, Reg. You prevented me hurling my computer out of the window in a fit of 'why won't this f***ing thing connect to the Internet' pique.

Funny how McAfee can get 'please buy more from us' emails out but not 'we have screwed your computer'.

Still, to be fair, once you had pointed me in the right direction, the fix was quick and painless.

0
0
Holmes

Re: hurling my computer out of the window

Couple of months ago I found a Dell tower, lcd and keyboard in the cardboard recycling bin at work. Much to my surprise all are working, though XP would not boot at first. It was some problem with either Norton or McAfee, which I solved by removing it. Tower is going to a workmate who needs a better computer, after I put in a bit more ram.

Imagine trying to run even XP on 512Mb of ram (as shipped by Dell) and either of those boated AV's. No wonder it went into the bin, aside from the boot issue.

0
0
Bronze badge
Facepalm

Re: hurling my computer out of the window

No imagination necessary. I was consulting at a client with just that - 512 MB Dell laptops + Norton.

Every morning, sure as the sun rises in the east, NAV would take 45 minutes to scan everything and use 200MB of those measly 512 to do so. Couldn't really expect to really start working before 10 as a result.

Us contractors had actually proposed buying the effin RAM for the customer, on our dime. Just to skip the aggravation. Dell being Dell however, the RAM was long since discontinued. Neither did the customer's accounting department fully grasp the difficult concept of 50% efficiency loss x 0.75 hours x $100/hour x 200 days was far more than the RAM would have cost.

NAV and McAfee are far more destructive of productivity than any virus can realistically dream of being.

1
0
Coat

Typo in article:

"Misfiring definition updates are a well-known Achilles' Heel of McAfee, akin to having your tyres slashed by the local Kwik Fit, and all versions brick your PC from time to time."

There, much better.

4
0
Bronze badge
Childcatcher

Thanks to McAfee

I recently shifted to IS from more general network and desktop admin work. I am quite happy about this as problems of this nature actually increase my job security. From a purely cynical perspective, riding herd on dodgy software equates to bigger paychecks.

On a more practical note, delaying the implementation of DAT files across your enterprise by a day or two will prevent this crap from happening to you. Treat DAT files like any other change to your environment: test first, then deploy to the field.

2
0
FAIL

Utter Muppets

McCrappy have a history of this clueless stuff. Had to use this terrible software for 7 years in an Enterprise Environment and all the problems we have had caused by McCrappy DAT updates not tested before they send them out. Beggars belief. When it actually works it fails to deal with infections.

1
0
Bronze badge

Re: Utter Muppets

Why didn't you stagger the releases, epo can do that and so can Symantec etc...

Although not my preferred choice of AV (Eset) ePo was very easy, the only problem I found was every support contract renewal a feature included suddenly became seperate and meant having to buy an add-on. In the end was forced to go with our group's choice Symantec.

0
0
Anonymous Coward

It isn't just the operation that's bad

Its the design.

Why not distribute updates over http so you can use proxies to ease the load on your main servers and wan links?

A major corp I worked at had issues a few years ago when the update client didn't shut down network connections as expected. Thousands of hosts tried to connect at around the same time and DOS'ed the firewall (I know, don't get me started on that config...) which took out LOB services too (and there's another thing not to get me started on).

0
0
FAIL

If McCrapAfee actually TESTED their software......

...... these problems would not arise.

But then, I no longer have these problems because after years of suffering McCrapAfee, I now use AVG.

END OF PROBLEMSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS.

1
0
Anonymous Coward

Re: If McCrapAfee actually TESTED their software......

Start of BUY NOW

You can't use this feature

Why didn't it block that virus

0
0

When will signature scanning end?

I've posted this idea before, but will signature based scanning ever end? It's trivial to get around now; 'whack a mole' characterizes it perfectly. The question is, what's the answer? White listing/digital signatures? Heuristics?

0
0
This topic is closed for new posts.

Forums