April 22, 2010 by openbytes
Readers to this site may remember that recently we covered the issue of Bitdefender identifying Window system critical file as being malicious code. Personally I thought the original diagnosis was correct and the software identifying Windows as a virus was a testament to the “intelligence” of its coding.
I am sure that McAfee also had a few words to say to their coders when the same thing happened to them, with reports today stating that McAfee antivirus software is identifying and “fixing” what it believes to be malicious.
The serious issue here is that with the latest .dat update (5958) is being reported to cause SP3 of XP to go into endless reboot. Whats more worrying though is whilst the issue allegedly is predominantly XP SP3, McAfee have said:
We have individual reports of other versions of Windows being affected as well
So we have another incident here where Windows is crippled not by malicious code, but by the very software designed to protect it. Of course Microsoft will be quick to point out that the fault wasn’t theirs and a third party - which of course is correct, however you could also argue that if Windows was better secured in the first place there would not need to be so many updates of virus software in order to protect it. Maybe if Microsoft had better taken the “baton” in the first place, people would not have to look to third parties for a sense of security.
It gets worse?
So thats the end of the story? – Well no. As if Windows users didn’t have enough problems with the code created to protect them rebooting their systems, the criminal element is also at it. Taking advantage of unfortunates by playing on their desperation to get Windows working again Grahame Cluley said in his blog today:
By using blackhat SEO techniques, cybercriminals have managed to get poisoned webpages high in the search rankings if you hunt for information on the McAfee false positive. If you click on a dangerous link like this then you risk the chance of your computer being hit by a fake anti-virus attack (also known as scareware) which may attempt to con you out of your credit card details or trick you into install malicious code onto your computer.
Poor Windows users, falling foul of both cyber-criminals and also the software designed to protect them. How many more issues will users put up with? Regardless of who is to blame, is it of any consequence to the user who merely wants their computer to function and have a safe experience?
These are answers only a Windows user can give, I left it years ago and have never looked back.
Goblin – firstname.lastname@example.org
If you are new to this blog (or have not yet read it) please take time to view the Openbytes statement, here.