Users of the BitDefender anti-virus package have been left with broken Windows installations following a bad update.
Users of BitDefender's anti-virus offering were left rather more secure than they would perhaps have liked after a flawed update was released, causing the software to quarantine both itself and important Windows system files.
As reported over on ITworld, the update caused heartache for users of 64-bit editions of Windows by incorrectly assessing vital system files as being examples of Trojan.FakeAlert.5 - causing the system to crash and fail to reboot.
Ironically, among the files detected as Trojans by BitDefender are files used by the software itself - meaning that the update can even cause BitDefender to stop working.
Unfortunately for those who chose to delete or quarantine the 'infected' files, it left their systems unable to boot - as several BitDefender users have bemoaned on the company's forums. Users who haven't rebooted are advised to restore the files from quarantine before doing so; users who are left with an unusable system are asked to try running Windows' System Restore feature or the Last Known Good Configuration boot option.
This kind of issue isn't restricted to a single vendor, of course - instead, all signature-based anti-virus applications are vulnerable to an improperly tested update going haywire. Software from vendors including Computer Associates and Grisoft has also resulted in users being unable to reboot their systems in the past.
For those BitDefender users who have not yet been bitten by the bug, the latest update corrects the signatures and prevents the misdetection.
Are you amazed that anti-virus companies can continue to release updates which cause such problems for their users, or is it simply impossible to perform enough testing on something as complicated as virus signatures to guarantee they won't trigger prematurely? Share your thoughts over in the forums.
39 Comments
We are very sorry for the problems people may have had in regards to this issue.
We have been providing information to our users via support articles that are updated regularly as we implement solutions:
Home users will find solutions here: http://www.bitdefender.com/site/KnowledgeBase/consumer/#638
BitDefender Business Client users will find solutions here: http://www.bitdefender.com/site/KnowledgeBase/consumer/#643
BitDefender Security for File Servers users will find solutions here: http://www.bitdefender.com/site/KnowledgeBase/consumer/#642
If anyone has further problems please let me know here and I will help you to deal with them.
Best,
Matt Hicks
BitDefender UK
Edit: I'm not on my home computer at the moment
Copy and paste only takes 5 mins to fix this
Providing you have access to another machine this is simple to fix, but it should never happen in the first place.
My own personal setup is currently MSSE and Spybot for browser security and to cover the holes missed by MSSE. WHS backup makes a full disk restore take 10 mins or so.
Remember kids always look at what the AV has identified before you click remove/quarantine. Stay safe out there.
Nuff said.
Avast ftw :)
I'm more used to the larger companies trying to hide the issues.
Having said that, it does highlight the issue that there is no safety out there other than education and a little luck.
Zero-day exploits are increasingly common and no matter how good your AV prog is, if it's relying upon signature updates to catch things, it's still a reactionary process.
This means there's always a window for the user's PC to contract the virus before a signature can be written for it.
Or, the other extreme is that they rush out poorly tested sigs due to time pressures and mistakes can be made.
I see AV going the way of firewalls.
Originally, firewalls were set to allow all and block specific threats.
Now they're generally block all and allow specific ports.
Anyway, I'm AV free for now and happy.
I use Linux when I can, can't wait til all AAA games are released for Linux and Windows simultaneously then I'll be Linux exclusively. :D
1 post and join date today? Does that not ring any alarm bells for anyone else here that it may be 1 of 2 things, 1) He's a spammer and 2) He wants people to think that he is a bitdefender employee and while he's "help[ing] you deal with them" he might be trying to scam you into doing something you shouldn't?
Maybe I'm just more wary of these things than other people but I wouldn't trust him as far as I could throw him.....
To the person spouting Linux, it will only be a matter of time before, like any other operating system, you will need antivirus.
Even Mac users are not totally protected. OK, at the moment there are a small number of viruses that attack Mac, but as it becomes more popular, so the virus writers will target more and more.
Hi,
You make a good point - we have had some problems with scammers trying to direct people to false URLs over this issue.
If anyone is in doubt about my previous post, please just find BitDefender through a search engine and visit one of our official sites - you should get the information you need from the news section on there.
Thanks,
Matt Hicks
BitDefender
Being that he's not trying to direct us to websites like bitdefender.net or biitdefender.com, I'd hazard a guess that he's legit.
Whilst it is true that more people will try to compromise a Mac or 'nix system as it grows in popularity, the amount of damage a virus can do to a typical Unix system is minimal thanks to everyone using a user account. It's the people who use XP or turn off UAC in Vista or Service Pack 3 that give any executable free rein over their system.
There will always be browser exploits letting the side down, but any damage a virus can do to nix is limited to the user's home folder, unless they are silly enough to put the admin password in when prompted.
Willing to be proved wrong, but that's the way I see it.
I wasn't questioning the links I'm just wary about getting help from someone claiming to be from an anti-virus company.
He seems genuine enough I'm just an extremely cautious person :P
With your average user being conditioned on Windows that they have to click allow to work, I don't see Joe Bloggs doing anything different on *nix; he'll just be conditioned that he has to enter a password to allow programs to run and will do the same when a virus prompts.
The reason Windows is constantly being pumped is due to the fact most users run as admins and simply double-clicking specific types of files gives those files free rein to modify anything they like on the system.
The reason Macs and Linux are more secure is that they don't run users as admins as default.
So you can double-click your nasty file but unless you type in your root password, it's severely limited in what it can do.
Of course the argument of a much smaller target pool making nix/mac less appealing as a target is a strong one, but I do believe as their userbases get larger (which I think will happen faster and faster) they will remain more resilient than windows ever will be.
Time will tell I guess... :)
Just a suggestion.
***continues working on his unix box***
If I were a bad guy I would use that to my advantage
To hell with your company and your ****ed up quality assurance.
No, Matt is actually from Bit Defender in the UK.
I must say, they are being very proactive about replying and informing - so kudos!
Perhaps not even 1 tester rebooted.
But seriously, these sorts of mistakes shouldn't happen. If I didn't have a recent system restore I'd be buggered.
Agree we all make mistakes, it's how you handle them that shows your true colours.
But you can turn it off, and people DO turn it off, because they can and because they think that their time is too precious to click an extra button. Vista had UAC right, it was just a big change after their XP sieve. With Windows 7 they've dumbed it down so much it is almost meaningless.
Unless it asks for your password, you are not in a user account and are in some weird quasi admin account, so airchie is right.
Again, I can only apologise for the problems people have experienced. The update in question was isolated to 64-bit OS and was withdrawn shortly after being issued, which meant very few users were affected.
Anyone still having problems can get support here -
http://www.bitdefender.com/site/KnowledgeBase/consumer/#638
Please feel free to let me know here if this does not fix things for you.
Best,
Matt Hicks
BitDefender UK
If it had hit me I too would be fuming but nothing is infallible.
I dare say your average BD user has been saved numerous times from infections etc so arguably they are allowed one slip up?
Providing they learn from it and improve their working practices it hasn't been a complete waste of time.
People are idiots, and click everything you tell them to click to watch their precious pr0n. Most of them don't even read what they click, I actually once made a popup with several lines of text saying that "your PC will be infected and all your details will be submitted to online databases." 96% of people (from about 45.000) clicked it.
And gavomatic57, UAC can be avoided by adding ONE short line of code to your virus. Well, four actually (one for each system - Vista and 7, x86 and x64 versions), I've never seen a virus to trigger UAC, besides very noobish ones.