back to article McAfee splats bug that knocked punters offline

Antivirus maker McAfee has fixed a problem that cut off punters' internet connections earlier this week. The snafu, caused by a dodgy update for the Intel-owned malware whack-a-mole product, also knackered enterprise versions although it didn't send users offline. For both the consumer and business builds, the error was traced …

COMMENTS

This topic is closed for new posts.
  1. Gordon Fecyk
    Stop

    So why are we still using scanners?

    Misfiring definition updates are a well-known Achilles' Heel of security scanners, akin to punctures in pneumatic tyres, and all vendors experience problems in this area from time to time.

    Apologist much?

    Why are we still using virus scanners? Why aren't anti-virus vendors affected by viruses?

    1. Anonymous Coward
      Anonymous Coward

      McAfee..... An also ran.

    2. Aaron Em

      Re: So why are we still using scanners?

      VMyths articles from 2004? It's like the other day, when I looked up the "Ural Mountains Nuclear Disaster" so-called, and the first Google result was a page that sounded perfectly reasonable for the first couple of paragraphs, and then started talking about how the Space People had to intervene to save seventeen million lives.

      1. Gordon Fecyk
        Holmes

        Because it's been a problem since 2004 and earlier, actually

        The bloody 'iLoveYou' virus from 2000, Code Red and ilk from 2001, and so on highlighted grave weaknesses in scanners that have existed to this very day. Never mind 2004.

        You can blame McAfee for spearheading that, even back in 1999:

        The market for profile-based detectors dried up ... because software reviewers recommended signature-based scanning to the exclusion of all else. That's right: jour­nalists with no exper­tise told every­body to use insuf­fi­cient virus detec­tion methods.

        Profile-based utilities shriveled when John McAfee released a signature scanner called VirusScan. [...] Signature methodologies complement profile methodologies, and vice versa — but McAfee told the media his scanner superceded generic detection. Reporters wrote countless stories saying we needed only one product: VirusScan.

        McAfee set themselves up for this failure at least thirteen years ago.

      2. vic 4

        Re: @Aaron

        Cheers for that, absolutely marvelous. I had to add "Space People" to find it (maybe google have these forums plugged into the page ranking algorithms). Never came across the aetherius society before, looks like scientology but with the suggestion that they have not had their sense of humour removed.

  2. My Alter Ego
    FAIL

    Ah, so that explains it

    I was asked to help with a friend's computer, I couldn't work it out - I could ping the router and a WAN IP, but all tcp/udp traffic was dropped. I tried disabling McAffee's firewall, to no avail, so in the end I just removed it - it's shit anyway.

    1. ed 26
      Facepalm

      Re: Ah, so that explains it

      I couldn't even get my friends to ping it's default gateway, but Windows update traffic was fine... McAfee kept bleating about missing DLL's every time I tried to start it and disabling the services had no effect.

  3. Anonymous Coward
    FAIL

    More trouble than any virus

    Seriously - I've seen more problems caused by McAffee over the years than I've ever seen caused by viruses on non-protected machines - they range from blocking email collected over SSL, dropping random internet traffic (this update isn't the first one to do this) and generally slowing the machine down to a crawl even when they're working 'correctly'.

    1. Aaron Em

      Not just more trouble...

      ...McAfee is a virus.

      I mean, let's look at it honestly: It's a program that, once installed, fucks up your computer, and then demands money to get rid of the problems you didn't have before it started running. The only part of the "scareware" definition that it misses is that it doesn't install itself when you load a dodgy Flash ad -- but, then, that's what their social-engineering, oops I mean sales, department is for!

    2. Boris the Cockroach Silver badge
      Linux

      try

      using MSE as a last resort before giving up and going pinguin shaped

      I tore McAffee out of the non-internet laptop at work because the nag screens saying it could'nt connect popped up all the time.. usually in the middle of a complex CAD model.

      Someone did a system restore on it though when the battery went flat........ argghh bloody McAffee bollox windows popping up again in the middle of my CAD models again

      1. Aaron Em

        You don't need a penguin

        You just need a bit of good sense -- Firefox + Adblock Plus + Flashblock does the job just fine for me, to the extent where I don't even bother running a virus scanner. Been doing it this way for almost a decade, and I've yet to encounter a problem.

    3. Anonymous Coward
      Facepalm

      Re: More trouble than any virus

      Lets not forget the dog egg that is NAV too!!!!!!!

      Possibly the two most fucked up anti-anti-virus programs it has ever been my displeasure to encounter...

    4. Anonymous Coward
      Anonymous Coward

      Re: More trouble than any virus

      Urg, we're forced to have this on our desktops at work, and it sludges up the machines to no end. Opening firefox or thunderbird can take minutes, and if you open task manager, you can guarantee it'll have mcshield.exe stuck at 25% cpu, with more page faults than there are atoms in the universe. Trying to save a file or attach one, if you accidentally browse back to the root of My Documents it'll decide it needs to scan everything in there, and lock your machine up for another couple minutes. So much wasted time dealing with the bollocks that is mcaffee...

    5. Chunky Lafunga
      FAIL

      Re: More trouble than any virus

      Spot on

  4. Just a geek
    Unhappy

    Ah good glad that one is fixed. I mean, it's only the fourth (or more?) times that McAfee have released an update thats broken a PC. Anyone recall the definition file that required an engine upgrade? If you didn't upgrade the engine the definition file would trash McAfee and cause PC problems.

    Or the Engine update that tanked the PC

    or the definition update that broke the application

    and so on. McAfee are a joke now.

  5. Sureo
    Thumb Down

    Bah

    "...either left without a functioning internet connection or unable to perform any actions in the McAfee Security Center console..."

    So, how is an affected user supposed to download or apply the update that fixes it?

    [abandoned McAfee years ago]

  6. Dem

    Thank You

    Ta for this, Reg. You prevented me hurling my computer out of the window in a fit of 'why won't this f***ing thing connect to the Internet' pique.

    Funny how McAfee can get 'please buy more from us' emails out but not 'we have screwed your computer'.

    Still, to be fair, once you had pointed me in the right direction, the fix was quick and painless.

  7. DanceMan
    Holmes

    Re: hurling my computer out of the window

    Couple of months ago I found a Dell tower, lcd and keyboard in the cardboard recycling bin at work. Much to my surprise all are working, though XP would not boot at first. It was some problem with either Norton or McAfee, which I solved by removing it. Tower is going to a workmate who needs a better computer, after I put in a bit more ram.

    Imagine trying to run even XP on 512Mb of ram (as shipped by Dell) and either of those boated AV's. No wonder it went into the bin, aside from the boot issue.

    1. Jean-Luc
      Facepalm

      Re: hurling my computer out of the window

      No imagination necessary. I was consulting at a client with just that - 512 MB Dell laptops + Norton.

      Every morning, sure as the sun rises in the east, NAV would take 45 minutes to scan everything and use 200MB of those measly 512 to do so. Couldn't really expect to really start working before 10 as a result.

      Us contractors had actually proposed buying the effin RAM for the customer, on our dime. Just to skip the aggravation. Dell being Dell however, the RAM was long since discontinued. Neither did the customer's accounting department fully grasp the difficult concept of 50% efficiency loss x 0.75 hours x $100/hour x 200 days was far more than the RAM would have cost.

      NAV and McAfee are far more destructive of productivity than any virus can realistically dream of being.

  8. Medium Dave
    Coat

    Typo in article:

    "Misfiring definition updates are a well-known Achilles' Heel of McAfee, akin to having your tyres slashed by the local Kwik Fit, and all versions brick your PC from time to time."

    There, much better.

  9. Robert Helpmann??
    Childcatcher

    Thanks to McAfee

    I recently shifted to IS from more general network and desktop admin work. I am quite happy about this as problems of this nature actually increase my job security. From a purely cynical perspective, riding herd on dodgy software equates to bigger paychecks.

    On a more practical note, delaying the implementation of DAT files across your enterprise by a day or two will prevent this crap from happening to you. Treat DAT files like any other change to your environment: test first, then deploy to the field.

  10. Chunky Lafunga
    FAIL

    Utter Muppets

    McCrappy have a history of this clueless stuff. Had to use this terrible software for 7 years in an Enterprise Environment and all the problems we have had caused by McCrappy DAT updates not tested before they send them out. Beggars belief. When it actually works it fails to deal with infections.

    1. Captain Scarlet

      Re: Utter Muppets

      Why didn't you stagger the releases, epo can do that and so can Symantec etc...

      Although not my preferred choice of AV (Eset) ePo was very easy, the only problem I found was every support contract renewal a feature included suddenly became seperate and meant having to buy an add-on. In the end was forced to go with our group's choice Symantec.

  11. Anonymous Coward
    Anonymous Coward

    It isn't just the operation that's bad

    Its the design.

    Why not distribute updates over http so you can use proxies to ease the load on your main servers and wan links?

    A major corp I worked at had issues a few years ago when the update client didn't shut down network connections as expected. Thousands of hosts tried to connect at around the same time and DOS'ed the firewall (I know, don't get me started on that config...) which took out LOB services too (and there's another thing not to get me started on).

  12. PeterM42
    FAIL

    If McCrapAfee actually TESTED their software......

    ...... these problems would not arise.

    But then, I no longer have these problems because after years of suffering McCrapAfee, I now use AVG.

    END OF PROBLEMSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSSS.

    1. Anonymous Coward
      Anonymous Coward

      Re: If McCrapAfee actually TESTED their software......

      Start of BUY NOW

      You can't use this feature

      Why didn't it block that virus

  13. MyronC

    When will signature scanning end?

    I've posted this idea before, but will signature based scanning ever end? It's trivial to get around now; 'whack a mole' characterizes it perfectly. The question is, what's the answer? White listing/digital signatures? Heuristics?

This topic is closed for new posts.