Categories: SecurityWorkspace

Buggy Symantec AV Update Crashed Windows XP

Symantec has confirmed that an update to its Endpoint Protection 12.1 and Norton antivirus software for business products crashed PCs and left users to suffer the infamous “blue screen of death (BSOD)”

The flaw only affected those running Windows XP, who were also subject to the BSOD following a Patch Tuesday update issued by Microsoft in 2010.

The security firm says that it has identified the issue and that it is reviewing it compatibility and quality assurance testing to ensure that it doesn’t happen again.

Compatibility issues

“On July 11th, 2012 Symantec Security Response started receiving reports of customers experiencing blue screens after applying the July 11th revision 18 definitions,” said Orla Cox of Symantec Security Response. “After a full evaluation and root cause analysis of the issue, we have determined that the issue was limited to machines running a combination of Windows XP, the latest version of the SONAR technology, the July 11th rev11 SONAR signature set, and certain third party software.”

“Only customers running this combination of technologies and who downloaded the July 11th rev11 SONAR signature set via LiveUpdate between 6:25PM PT and 2:51AM PT on July 12th were affected,” she added. “The root cause of the issue was an incompatibility due to a three way interaction between some third party software that implements a file system driver using kernel stack based file objects – typical of encryption drivers, the SONAR signature and the Windows XP Cache manager. The SONAR signature update caused new file operations that create the conflict and led to the system crash.”

It said it acknowledged the inconvenience that the issue had caused and has posted updated signatures to the LiveUpdate servers that resolve the issue for Symantec Windows XP users.

The incident is reminiscent of a 2010 incident when rival McAfee issued an update to its VirusScan Enterprise which falsely identified a core Windows file as a threat, causing it to quarantine and reboot the file, meaning many Windows XP users were trapped in an endless reboot cycle.

Symantec suffered embarrassment earlier this year after Anonymous released what it claimed was source code obtained from a 2006 security breach that led to concerns about the vulnerability of Symantec’s PCAnywhere software.

How well do you know Internet security? Try our quiz and find out!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Apple Sales Rise 6 Percent After Early iPhone 16 Demand

Fourth quarter results beat Wall Street expectations, as overall sales rise 6 percent, but EU…

24 hours ago

X’s Community Notes Fails To Stem US Election Misinformation – Report

Hate speech non-profit that defeated Elon Musk's lawsuit, warns X's Community Notes is failing to…

1 day ago

Google Fined More Than World’s GDP By Russia

Good luck. Russia demands Google pay a fine worth more than the world's total GDP,…

1 day ago

Spotify, Paramount Sign Up To Use Google Cloud ARM Chips

Google Cloud signs up Spotify, Paramount Global as early customers of its first ARM-based cloud…

2 days ago

Meta Warns Of Accelerating AI Infrastructure Costs

Facebook parent Meta warns of 'significant acceleration' in expenditures on AI infrastructure as revenue, profits…

2 days ago

AI Helps Boost Microsoft Cloud Revenues By 33 Percent

Microsoft says Azure cloud revenues up 33 percent for September quarter as capital expenditures surge…

2 days ago