McAfee DAT Update for Windows XP Shuts Down Computers Worldwide; We Have the Fix

April 21, 2010, By Alex Ion

If you’re still running Windows XP along with McAfee Antivirus, you may be at risk. Yes, we know that’s a bit weird, but it’s true as we’re hearing a McAfee Update to XP customers is actually causing serious trouble by shutting down computers.

Apparently, the update (DAT update 5958) gives a false-positive that kills a Windows file, SVCHost.exe, which ultimately sets off reboot loops that can’t be stopped easily, making your computer almost useless unless you know what you’re doing.

But worry no more, unless it’s too late we have the fix for you.

Word on the street is that an Intel facility has been hit, as well as Dish Network call centers, but I have a feeling there’s more to it than we know right now — since the McAfee update kills network functionality, it’s probably hard to report how many borked PCs you have.

From what it looks like, McAfee knows about the issue, and while we think they did a great job screwing things up, they do seem like not much harm has been done. In a statement sent to Engadget, they say:

McAfee is aware that a number of customers have incurred a false positive error due to incorrect malware alerts on Wednesday, April 21. The problem occurs with the 5958 virus definition file (DAT) that was released on April 21 at 2.00 PM GMT+1 (6am Pacific Time).

Our initial investigation indicates that the error can result in moderate to significant performance issues on systems running Windows XP Service Pack 3.

The faulty update has been removed from McAfee download servers for corporate users, preventing any further impact on those customers. We are not aware of significant impact on consumer customers and believe we have effectively limited such occurrence.

McAfee teams are working with the highest priority to support impacted customers and plan to provide an update virus definition file shortly. McAfee apologizes for any inconvenience to our customers

I wonder how soon they’ll fix the problem; just imagine counseling some 100,000 people who have been affected by this faulty McAfee update. Not as easy as you think … folks.

For those with an Internet connection at hand, here is a possible fix for update 5958 courtesy of scratchfury on Twitter.

1) Root to safe mode
2) Rename mcshield.exe

3) Reboot
4) Run Virus Console
5) Pick Tools -> Rollback DAT
6) Name back to mcshield
7) Reboot

© 2008-2012 - All rights reserved | Privacy Policy