|
Posted by Puss in Boots on May 18, 2007, 9:29 am
If you were Registered and logged in, you could reply and use other advanced thread options
Norton AntiVirus cripples thousands of PCs in China
By Lu EnJie - Fri, 05/18/2007 - 09:45.
A routine upgrade of anti-virus software has disabled tens of
thousands of PCs in China, according to local media reports. The
faulty upgrade caused Symantec's Norton AntiVirus software to remove
critical Windows XP system files, the reports state.
The system files moved or deleted by the software include netapi32.dll
and lsasrv.dll, according to Sohu News (in Chinese). The software
incorrectly identifies the files as being infected with the
Backdoor.Haxdoor trojan. With these files removed, Windows XP will no
longer start up, and even the system safe mode no longer functions.
Only Chinese-language versions of Windows appear to be affected so
far.
The Norton AntiVirus application is part of Norton's 360 suite and it
is pre-installed in many PCs sold in China, indicating that the
problem could potentially affect millions of users.
Patched PCs vulnerable
The problem appears to stem from an update Microsoft released in
November 2006, which contained new versions of some system files, as
PCs which have not applied this update are unaffected.
Symantec has acknowledged the issue and is working on a solution,
reports said - although there is no apparent mention of it on the
company's Chinese website.
PC owners affected by the issue may be able to restore the missing
files from their Windows XP installation CDs. However, since piracy of
Windows XP is common in China, some users may not have access to these.
|
|
Posted by Virus Guy on May 18, 2007, 7:59 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Puss in Boots wrote:
> A routine upgrade of anti-virus software has disabled tens of
> thousands of PCs in China,
Really?
Tens of thousands of PC's in China are actually running some form of
AV software ?!
> The problem appears to stem from an update Microsoft released in
> November 2006
Wow - and those PC's in China are actually configured for automatic XP
updates?
> PCs which have not applied this update are unaffected.
Presumably there are millions of those...
|
|
Posted by Puss in Boots on May 19, 2007, 2:26 am
If you were Registered and logged in, you could reply and use other advanced thread options > Puss in Boots wrote:
> > A routine upgrade of anti-virus software has disabled tens of
> > thousands of PCs in China,
>
> Really?
>
> Tens of thousands of PC's in China are actually running some form of
> AV software ?!
>
> > The problem appears to stem from an update Microsoft released in
> > November 2006
>
> Wow - and those PC's in China are actually configured for automatic XP
> updates?
You underestimated China's pirate editions of Windows. These pirate
versions are even *better* than the original Windows installation CDs
because they (1) pre-tweak many system settings (Registry values) for
a better performance, (2) pre-install all the Hotfixes Microsoft has
ever released to the creation day of the pirate edition, (3) activate
the Windows Updates feature permanently, and (4) pre-install several
desktop enhancements including several popular third-party visual
styles such as Luna Element, Mac Aqua.
>
> > PCs which have not applied this update are unaffected.
>
> Presumably there are millions of those...
|
|
Posted by Virus Guy on May 20, 2007, 12:27 am
If you were Registered and logged in, you could reply and use other advanced thread options
> You underestimated China's pirate editions of Windows. These
> pirate versions are even *better* than the original Windows
> installation CDs because ...
And that would explain why so much zombie spam and zombie DNS hosting
is coming from Chinese IP space?
|
|
Posted by Oliver Betz on May 21, 2007, 7:38 am
If you were Registered and logged in, you could reply and use other advanced thread options
>A routine upgrade of anti-virus software has disabled tens of
>thousands of PCs in China, according to local media reports. The
>faulty upgrade caused Symantec's Norton AntiVirus software to remove
>critical Windows XP system files, the reports state.
and it also deletes Pegasus Mail, see pmail.com
Incredible false positives and incredible that so many people let NAV
delete files...
BTW: F-Prot 6 can't be configured to have "only warn" as action for a
manual scan from the context menu - it forces quarantine. Stupid
IMNSHO.
Oliver
--
Oliver Betz, Munich
despammed.com might be broken, use Reply-To:
|
| Similar Threads | Posted | | Bug in Chinese anti-virus software eliminates mails on Outlook Express (China Economic Net) | November 7, 2008, 11:11 am |
| Norton antivirus under DOS | October 11, 2005, 9:16 am |
| Norton Antivirus | July 18, 2006, 12:05 am |
| Norton | August 2, 2005, 6:22 pm |
| Norton AntiVirus 2006 available | September 26, 2005, 12:14 pm |
| Packrat using Norton Antivirus | February 25, 2006, 4:26 am |
| Norton Antivirus is a scam | February 1, 2007, 11:20 am |
| RE: Norton Antivirus is a SCAM | February 2, 2007, 8:32 pm |
| Norton Antivirus 2009 | September 26, 2008, 1:45 pm |
| Re: Norton Antivirus 2009 | September 28, 2008, 10:10 pm |
|
XML site map