14 DAY TRIAL // A bad virus definition update from Avast released on Wednesday caused a lot of trouble, as it mistook various components in legitimate programs installed on the machine for malware.
The list of valid software affected by the signature update includes Firefox, iTunes, NVIDIA drivers, Google Chrome, Adobe Flash Player, Skype, Opera, TeamViewer, ATI drivers, as well as products from Corel and components of Microsoft Office.
Only business products received the bad update
Non-threatening DLL files were mislabeled as Krypitik-PFA Trojan, and got dumped into the quarantine section or deleted, depending on the user’s configuration for the antivirus. As a consequence, the affected programs were no longer able to run.
According to information from Avast, the bad update impacted only systems that received the VPS5 version of the virus database, which is delivered to Avast 5 as well as Avast Endpoint Protection Suite, a product for client and server protection that is currently at version 8; all product versions in between have been affected.
Avast Antivirus for personal use, which 99% of the users have, has not been impacted by the bad signature update because it relies on VPS9.
Users of the business product took to the security vendor’s forum to complain about their programs being crippled by the false positives sweep and to receive advice about remedying the problem.
Hundreds of systems impacted by the update blunder
It is worth noting that some of them rely on Avast’s solution to ensure protection for multiple computers, in some cases the number reaching even thousands of machines.
One of admins complaining of the trouble on the company’s forum said that they had about 100 systems reporting false positives and that the antivirus did not allow installation of EXE files.
In a post today, another admin, writing under the alias kaidomac, said, “I just had 200 computers blow up yesterday. It cost my client a LOT of money to have everyone go down like that. It ate everything from email to database software. Really really really bad.”
The issue has been solved by Avast via the release of a new update. Additionally, the company issued an apology on Twitter to all affected users.
We apologize to Avast 5, 6, 7, 8 users for a faulty virus signature update. Please do an Engine & virus definition/Program update.
— Avast Software (@avast_antivirus) May 6, 2015