McAfee blacklists chunk of web

January 3, 2008 // 10:18 a.m.

Tags: #anti-virus #bug #mcafee #software #update #virus #virusscan #windows

It seems that security software vendor McAfee has made a bit of a boo-boo with the latest update to its flagship anti-virus package: it's a little too good at what it does.

Several websites, including (but by no means limited to) Ars Technica, ESPN.com, Friendster, and Mootools, are being erroneously reported as purveyors of insidious JavaScript exploit JS/Exploit-BO. Accordingly, the anti-virus product is preventing access to such sites; it's just a shame that they're not infected, really.

It seems that the latest batch of virus definitions – version 5197 - for the signature-based AV McAfee VirusScan hadn't had quite enough testing, and was rolled out with a flaw giving the scanner a hair-trigger when checking websites on-the-fly. Users of the software will have had trouble accessing not-inconsiderable chunks of the web since installing the update, which is performed automatically at regular intervals without prompting the user.

Users affected by the bug are recommended to upgrade to DAT file version 5198 or newer, which will be done automatically at the next scheduled check.

So far the only official word from McAfee on the matter has been an alert to enterprise customers announcing an emergency DAT file release to correct “false detection (JS/Exploit-BO) on certain javascript files.

Does anyone here use McAfee VirusScan and was wondering what the heck happened to the web today or are we all using Avast, AVG, or something even more secure? Let us know via the forums.

QUICK COMMENT

View this in the forums

SUBSCRIBE TO OUR NEWSLETTER

WEEK IN REVIEW

TOP STORIES

SUGGESTED FOR YOU