Information Security Advisory
ITS Security Office – BGSU  4/21/2010 - Updated 4/23/10

McAfee anti-virus update DAT released 4/21/10 was corrupted which impacted computers worldwide, not just BGSU.
As of 4/22/10, McAfee has released new DAT updates and anti-virus products are operating normally.

Systems Affected
Microsoft Windows XP with Service Pack 3 (SP3.)

Overview
McAfee released an anti-virus update DAT 5958 on 4/21/10. A wide range of system problems were reported shortly after installing this update.

Impact
This caused systems to reboot or act erratically. It was determined that problems were due to McAfee falsely detecting infection of w32/wecorl.a.

Solutions
McAfee has released a fix that can be applied to individual systems. If your university system is affected, contact The Technical Support Center located in Hayes Hall 110 at 372-0999.

Home users can also find links, files and information provided by McAfee Corporate Knowledge Base to solve the issue and apply updates.

As of 4/22/10, McAfee has released corrected DAT files and anti-virus products are updating normally.

For more updated information:
McAfee apologizes for crippling PC's with bad update - ComputerWorld
SANS Internet Storm Center
McAfee Community Thread regarding this issue.
Massive manual PC cleanup expected after McAfee error - Technology Live
Few answers after McAfee antivirus hits Intel, others - PCWorld
Software update shuts down thousands of University of Michigan Health System, Medical School computers - AnnArbor.com
McAfee false positive bricks enterprise PCs worldwide - The Register
Broken McAfee DAT update cripples Windows workstations - ars technica
McAfee update shutting down Windows XP computers - SlipperyBrick
Buggy McAfee anti-virus update slams Windows XP PCs - CNet News
McAfee Antivirus Program Goes Berserk, Reboots PCs - New York Times
McAfee security update crashes corporate XP machines - TGDaily
McAfee antivirus program goes berserk, reboots PCs - USA Today
Twitter posts about McAfee issue


DISCLAIMER:   Information Security Advisories and related resources provide technical and administrative advice to protect sensitive information on the University network and to help BGSU comply with regulations pertaining to information security.  Failure to comply with these advisories may directly or indirectly increase the risk of exposure or compromise of sensitive University information.  These advisories and resources do not provide legal advice – contact the BGSU Office of General Counsel or other appropriate legal advisor for interpretations of regulations.