A faulty McAfee antivirus software update has caused thousands of computers around the world to slow down, freeze or reboot repeatedly.
The company has confirmed that an update caused its antivirus program for corporate customers to target a harmless Windows operating system file.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
McAfee has issued a replacement update, but said the incident had impacted less than 0.5% of enterprise accounts globally and a fraction of that within the consumer base of products.
"That said, if you are one of those impacted, this is a significant event for you and we understand that," the company said in a statement.
Among those affected were hospitals in Rhode Island in the US, which were forced to postpone elective surgeries and to stop treating patients without traumas in A&E, Kentucky state police, who were told to shut down the computers in their patrol cars as technicians tried to fix the problem, and the National Science Foundation headquarters in Virginia, which lost computer access, according to the Daily Mail.
McAfee is not the only security software supplier to suffer this kind of problem, which comes just a month after antivirus software from Bitdefender locked PCs running several different versions of Windows.
"The flawed McAfee update is another symptom of the increasing sophistication of malware writers and is a problem that will continue to escalate over time, said Mel Morris, chief executive at security firm Prevx.
Criminals are essentially either hijacking or mimicking core operating system components by giving malware the same name as many of these components. This not only makes it harder for research labs to spot attacks, but also increases the chances of a false positive, whereby something is wrongly identified as malware, he said.
"In the pressure to act quickly and release a cure, suppliers inadvertently remove critical OS components and disable millions of PCs in one go," said Morris.
These suppliers need a technology that can more effectively identify these types of malware attacks by tracking them in real time and automating the process of detection, he said.