|
By Mel Duvall
Antivirus software vendor McAfee issued a formal apology for the mess it created when a software update it released crippled thousands of computers around the globe.
In the first public apology issued since problems surfaced last week, McAfee blamed the issue on inadequate software quality assurance.
"As you know, McAfee on [April 21] released a faulty signature update file (DAT) that caused problems for a number of our customers," said Barry McPherson, McAfee's vice president of support and customer service. "First off, I want to apologize on behalf of McAfee and say that we're extremely sorry for any impact the faulty signature file may have caused you and your organizations."
It is difficult to get a handle on how much damage the update caused as some organizations suffered complete meltdowns while many others reported no effects. Only machines running Windows XP Service Pack 3 were affected. Those running earlier service packs for Windows XP, including SP1 and SP2, were not affected. Nor were computers running Windows 2000, Vista, or the latest Microsoft operating system, Windows 7.
A Gartner analyst estimated about 10 percent of corporate desktops were hit by the glitch and news reports indicated a wide range of businesses, government agencies, hospitals and schools were affected by the faulty update. MSNBC reported that about one-third of the hospitals in Rhode Island had to postpone elective surgeries and stop treating patients without traumas in emergency rooms on Wednesday as a result of the glitch.
McAfee's McPherson said the company was able to publish a SuperDAT remediation tool early Thursday morning to help customers fix affected systems. The tool suppresses a driver causing the problem, restores the original Windows file, and then quarantines the file creating the issue.
"Of course many of you are asking how the faulty DAT made it past our quality assurance checks," McPherson said. "The problem arose during the testing process for this DAT file. We recently made a change to our QA environment that resulted in a faulty DAT making its way out of our test environment and onto customers systems."
"To prevent this from happening again, we are implementing additional QA protocols for any releases that directly impact critical system files," he added. "In addition, we plan to add capabilities to our cloud-based Artemis system that will provide an additional level of protection against false positives by leveraging an expansive whitelist of critical system files."
Judging by some of the comments posted on McPherson's blog, customers were not in a forgiving mood.
"First of all let me say I am glad we have switched nearly 75 percent of our clients away from your product prior to this happening," wrote a poster identifying himself as Charles. "I can't imagine the chaos if we hadn't. It was chaos enough for us running all over town and billing our client's for a software glitch on a program that we recommended to them."
Only registered users can write comments.
Please login or register. |
