McAfee clients: do you have the guts?

McAfee customers whose systems went down yesterday should demand money or an extended licence for the time they had to spend fixing the problem.

Yesterday, supermarket Coles said it had been affected by a bug contained in an update of McAfee's antivirus software. Due to this, 18 of its supermarkets had to close for a period of time in Western Australia and South Australia. That's thousands of dollars lost, and all because of a virus definition that wasn't tested properly.

Coles wasn't the only one affected, with the Commonwealth Bank and Virgin Mobile also having problems, and there's likely to be more.

McAfee has already taken the blame and said sorry on its blog, but even then you could see it was trying hard to minimise its embarrassment.

I mean, it even tried to downplay how widespread the problem was.

"We believe that this incident has impacted less than one half of 1 per cent of our enterprise accounts globally and a fraction of that within the consumer base home users of products such as McAfee VirusScan Plus, McAfee Internet Security Suite and McAfee Total Protection. That said, if you're one of those impacted, this is a significant event for you and we understand that," it had said yesterday.

The company has since retracted that statement, changing the estimate to a "small percentage" of its enterprise accounts.

This would have really annoyed me if I was an IT manager for one of what was then considered the "less than one half of 1 per cent". If I was running around trying to get machines up while users sat around and tapped their feet in anger or thousands of dollars in revenue wasn't being made, I would have thought, "You bet this is a significant event for me".

After a situation like that, I would have been thinking: "I want my money back. No, better, I want my time back." And as everyone knows, time costs money. So Coles, Commonwealth Bank, Virgin Mobile and others: do you have the guts to ask for compensation? This is how the corporate world works, right?

Should McAfee compensate clients?

Talkback

It's not that it was a mistake, it was a horrible, stupid, ugly, should-have-never-happened, virus-scanning 101, mistake.

bippi April 24th, 2010

It is a pity to see a large company such as Coles still tied to a vendor of such dubious quality software (Microsoft) that it needs protection from a third party company. I don't think you can blame McAfee for doing their best all these years to protect users from the zillions of types of malware for Microsoft systems. I would expect a few blips each year from suppliers such as McAfee et al .... after all Microsoft in the past has never done too much to aid these security companies in their endeavours. With the awareness of security threats to Microsoft systems now I would think it is time to move to a Unix/Linux solution in the corporate sector, and leave the buggy, virulent stuff to home users who accept it as part of using Microsoft products.
Disclaimer: I do use Microsoft systems or McAfee applications.

DigiGuy April 24th, 2010

@DigiGuy
You do realise that this problem isn't caused by Microsoft. While MS had its problems in the past, I won't say they're of dubious quality, that's just FUD.

hhandoko April 24th, 2010

@hhandoko - Yes I do realise that the immediate problem is a McAfee one, and it does sound pretty bad and all the IT guys going up the wall .. you have my sympathy. My point is/was that Microsoft has been producing software which is vulnerable to malware/virus/etc even if all system patches are applied, it is too easy to get into nearly all the time. It is inevitable that there will be human error along the way, from McAfee and all the others, this situation will probably repeat at great cost to corporates and the community at large. The USS Microsoft is a leaky boat, it seems that Unix style systems don't have these problems or these needs for third party help. Have a nice weekend.

DigiGuy April 24th, 2010

Words like "negligence" and "incompetence" come to mind with this issue.

Why? Because a whitelist of the checksums of core system files is one of the most obvious, basic things a virus scanner should use to protect against this issue ... yet nobody seems to bother doing it.

I'm sure Microsoft would gladly provide such a checksum list, and even if they won't it's not too hard to generate one by stepping a machine through every system update one by one and checksumming all changed system DLLs and executables.

Perhaps McAfee actually does this and somehow failed to include a particular version of svchost.exe in their whitelist. That'd still be pretty pathetic for an outfit of their size and age, but at least understandable. If that was the case, though, you'd think they'd be saying so. I suspect they just don't whitelist.

ringerc April 25th, 2010
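Added example, not part of the comment thread and not McAfee's code: a sketch of the checksum-allowlist idea from the comment above, used both as a pre-release gate for a candidate definition and as a last check before quarantining. The signature name, the byte-pattern matcher and the file contents are constructed stand-ins.

```python
import hashlib
import tempfile
from pathlib import Path

def sha256_file(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def build_allowlist(known_good_dir):
    """Map SHA-256 digest -> file name for every file in a trusted reference image."""
    return {sha256_file(p): p.name for p in Path(known_good_dir).iterdir() if p.is_file()}

def scan(data, signatures):
    """Toy matcher (assumption): a signature hits when its byte pattern occurs in the data."""
    return [name for name, pattern in signatures.items() if pattern in data]

def decide(path, signatures, allowlist):
    """Return (action, hits); a file whose digest is allowlisted is never quarantined."""
    hits = scan(Path(path).read_bytes(), signatures)
    if not hits:
        return "allow", hits
    if sha256_file(path) in allowlist:
        return "suppress-and-report", hits  # false positive on a known-good file
    return "quarantine", hits

def release_gate(known_good_dir, signatures):
    """Pre-release check: (file, signature) pairs where a definition flags a known-good file."""
    return sorted((p.name, hit) for p in Path(known_good_dir).iterdir() if p.is_file()
                  for hit in scan(p.read_bytes(), signatures))

def demo():
    # Constructed sample data: stand-in bytes, not real binaries or real definitions.
    with tempfile.TemporaryDirectory() as tmp:
        good = Path(tmp, "reference")
        good.mkdir()
        (good / "svchost.exe").write_bytes(b"MZ\x90\x00constructed-system-file-v1")
        (good / "kernel32.dll").write_bytes(b"MZ\x90\x00constructed-library")
        dropped = Path(tmp, "dropped.exe")
        dropped.write_bytes(b"MZ\x90\x00constructed-system-file-v1-with-extra-payload")
        candidate = {"EXAMPLE.Sig.1": b"constructed-system-file"}  # over-broad pattern
        allowlist = build_allowlist(good)
        return (release_gate(good, candidate),  # non-empty list blocks the release
                decide(good / "svchost.exe", candidate, allowlist),
                decide(dropped, candidate, allowlist),
                decide(good / "kernel32.dll", candidate, allowlist))

if __name__ == "__main__":
    for result in demo():
        print(result)
```

The allowlist only suppresses action on byte-identical files, so a modified copy with a different digest is still quarantined.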

I agree Coles should seek compensation although I think AV on POS is a bit of a bad design, you should design so that the POS (point of sale not the other acronym) can't get infected and any infection is discovered and quickly dealt with.

changlinn April 25th, 2010

You know what? Last time I worked for a company which required up to date systems to do business (including AV!), we had test systems. You know how many updates, from ANY vendor, got through without a thorough testing? Zero. Not from Microsoft, nor Sun, nor Oracle. If we tested THEIR updates, nobody has any business deploying an update from McAfee to a production system without thorough testing.

While I understand that people are mad, the current assumption of liability is not on McAfee. If we want that to change, we need to confront the entire industry. And you know what? AV will become a WHOLE lot more expensive.

This isn't a good thing. Let companies who need high-reliability systems spend the money on testing. Let companies who want a cheap product have it. If Coles will lose a bunch of money if their computers crash, they either need insurance or a good testing department.

LionellPack April 25th, 2010

LionellPack:
The level of testing for AV and security updates in general is a risk balancing act, and with how quickly exploits now appear and a virus/worm can spread, the risk is too high for customers to wait and do a full regression test before deploying virus definition updates. The AV vendors have to have a good automated set of test systems before they post the defs up on their update sites.
Because of the risk exposure current AV products (all that I've worked with) assume that definitions will automatically become available to clients as soon as the server downloads them, and several make it quite difficult to remove a definition (it's as if they just didn't seem to think that would ever need to be done?).
For client machines, in a large org, all apps should be packaged and so a machine can just be reimaged (after the def fix is in-place) and apps auto-install, for a quick restoration.
Most servers are another matter, and that's where having AV configured to delete files it can't clean instead of quarantining is just too much of a risk.

Anonymous reader April 27th, 2010