Buggy McAfee Update Is Shutting Down XP Machines Worldwide

On Wednesday (April 21st, 2010), the popular antivirus product McAfee released an update for Windows XP that flags the system file svchost.exe as a virus. As a result, XP systems with SP3 that have downloaded this update will enter a reboot loop and have no networking capabilities. Affected users will either see a Blue Screen of Death or get a DCOM error followed by a shutdown message.

The update with the false positive is the “5958 DAT file”, it was released on April 21, 2010 and will mark svchost.exe as the “w32/wecorl.a” virus.

Here is the official statement from McAfee:

McAfee is aware that a number of customers have incurred a false positive error due to incorrect malware alerts on Wednesday, April 21. The problem occurs with the 5958 virus definition file (DAT) that was released on April 21 at 2.00 PM GMT+1 (6am Pacific Time).

Our initial investigation indicates that the error can result in moderate to significant performance issues on systems running Windows XP Service Pack 3.

The faulty update has been removed from McAfee download servers for corporate users, preventing any further impact on those customers. We are not aware of significant impact on consumer customers and believe we have effectively limited such occurrence.

McAfee teams are working with the highest priority to support impacted customers and plan to provide an update virus definition file shortly. McAfee apologizes for any inconvenience to our customers

There is currently no fix available, however there are steps you can take to prevent it from happening if you have downloaded the update but it is yet to detect svchost.exe as malicious.

16,500+

free

Signup Now!

Your Blogmaster is Bryce Whitty
Bryce Whitty is a Professional Computer Technician who started his business when he was 17 year old. Bryce writes Technibble articles about Business How-to's and stories from "the trenches".

Other Blog posts by Bryce Whitty

Ron Nader says:

April 22nd, 2010 at 12:58 am

There are fixes for this issue.

http://bit.ly/9Ijx9Z

Nathan says:

April 22nd, 2010 at 7:03 pm

My friends from Intel here in the PDX area say they were hit hard and lost a lot of office productivity and the IT staff was in a tizzy. Manufacturing apparently was not hit.

Luther says:

April 23rd, 2010 at 7:16 am

McAfee is not good antivirus software to begin with, the only reason it’s in such widespread use is it’s popularity.

shielah says:

April 23rd, 2010 at 4:25 pm

well im and individual and my pc has been hit by this….i thought it was something else..not my anti virus..who would have thought…I am using a differnent pc looking for a fix, have spent HOURS on this, now i find out it was mcafee…
thanks for posting

Randy Fromm says:

April 25th, 2010 at 9:05 am

It seems to me that in the “real world” when someone accidentally causes you harm or damages something of yours, they are ultimately responsible for reimbursing you for the damages. If someone hits your car with theirs and it’s their fault, they must pay. Courts award damages in settlements all the time.

It seems reasonable to me that McAfee owes everyone affected some real money for the loss of productivity (aka stolen time) that this has caused.

I wonder if this affected any attorneys at law? Can you say “Class Action Lawsuit”? I thought you could! lol

Guillermo Gonzalez says:

April 25th, 2010 at 8:14 pm

Here is the blog post on McAfee’s site to fix this issue.

Blog Post