Categories: SecurityWorkspace

Buggy Symantec AV Update Crashed Windows XP

Symantec has confirmed that an update to its Endpoint Protection 12.1 and Norton antivirus software for business products crashed PCs and left users to suffer the infamous “blue screen of death (BSOD)”

The flaw only affected those running Windows XP, who were also subject to the BSOD following a Patch Tuesday update issued by Microsoft in 2010.

The security firm says that it has identified the issue and that it is reviewing it compatibility and quality assurance testing to ensure that it doesn’t happen again.

Compatibility issues

“On July 11th, 2012 Symantec Security Response started receiving reports of customers experiencing blue screens after applying the July 11th revision 18 definitions,” said Orla Cox of Symantec Security Response. “After a full evaluation and root cause analysis of the issue, we have determined that the issue was limited to machines running a combination of Windows XP, the latest version of the SONAR technology, the July 11th rev11 SONAR signature set, and certain third party software.”

“Only customers running this combination of technologies and who downloaded the July 11th rev11 SONAR signature set via LiveUpdate between 6:25PM PT and 2:51AM PT on July 12th were affected,” she added. “The root cause of the issue was an incompatibility due to a three way interaction between some third party software that implements a file system driver using kernel stack based file objects – typical of encryption drivers, the SONAR signature and the Windows XP Cache manager. The SONAR signature update caused new file operations that create the conflict and led to the system crash.”

It said it acknowledged the inconvenience that the issue had caused and has posted updated signatures to the LiveUpdate servers that resolve the issue for Symantec Windows XP users.

The incident is reminiscent of a 2010 incident when rival McAfee issued an update to its VirusScan Enterprise which falsely identified a core Windows file as a threat, causing it to quarantine and reboot the file, meaning many Windows XP users were trapped in an endless reboot cycle.

Symantec suffered embarrassment earlier this year after Anonymous released what it claimed was source code obtained from a 2006 security breach that led to concerns about the vulnerability of Symantec’s PCAnywhere software.

How well do you know Internet security? Try our quiz and find out!

Steve McCaskill

Steve McCaskill is editor of TechWeekEurope and ChannelBiz. He joined as a reporter in 2011 and covers all areas of IT, with a particular interest in telecommunications, mobile and networking, along with sports technology.

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

3 days ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

3 days ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

3 days ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

3 days ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

4 days ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

4 days ago