Trend Micro antivirus update slows PCs worldwide
Bug created loop that sucked up processing power
IDG News Service - TOKYO -- A faulty update to antivirus software released over the weekend by Trend Micro Inc. caused PCs to slow down or stop working around the world, the company said today.
By 2 p.m. local time in Tokyo, Trend Micro had received 311,900 calls from business and consumer users in Japan saying their PCs had been affected by a faulty data file containing information about known viruses and worms, according to the company. The data file was available between 7:30 a.m. and 9:02 a.m. Tokyo time on April 23, said company spokeswoman Naomi Ikenomoto.
A bug in the file, Official Pattern Release (OPR) 2.594.00, created a loop that sucked up all or nearly all the processing power of PCs that had downloaded the update, she said.
Enterprise PCs using Microsoft Corp.'s Windows XP Service Pack 2 and Trend Micro's OfficeScan software were affected, as were consumer PCs using SP2 and Trend Micro's PC-cillin Internet Security 2005 VirusBuster software, Ikenomoto said.
"The problem was caused by our virus labs in Manila during the checking process when a part of the test wasn't performed," she said.
The company replaced the faulty file with Version 2.596.00 at 10:51 a.m. This and later OPRs issued by Trend Micro will automatically end the problem in PCs that download the new files, the company said.
The vast majority of those affected by the faulty file were in Japan, although Trend Micro has received several reports of users experiencing problems from Australia and countries in the Middle East and Europe. The company had several hundred calls from customers in the U.S., Ikenomoto said.
"It was a lot of trouble; I had to go half the day not using my PC," said Yoshimi Machida, a language instructor in Tokyo whose desktop PC was hit by the faulty update at about 9 a.m. Saturday morning, when she switched her PC on.
The PC slowed to a crawl when downloading e-mail, Machida said. She at first thought either that the PC had downloaded a virus through the e-mail software or that the PC was breaking down. After spending an hour trying to get through to the PC vendor's call center without success, she gave up, switched off her PC and left her house for an appointment she couldn't miss, she said.
"Initially, I wasn't angry; I was just worried. I couldn't do a thing," Machida said. "Then when I got home in the afternoon and I found out [from the TV news] that it was Trend Micro ... I got angry. Getting a virus is frightening. Every year Ipay money to Trend Micro, and then it turned out that they were the cause of this trouble, and this is just unbelievable."
Trend Micro has yet to make any announcement on compensation or other measures for customers affected by the problem. If the company does decide to compensate customers, the details will remain confidential between customers and the company, Ikenomoto said.
- Fight Malware, Malfeasance and Malingering Every year brings more extreme sets of threats than the last. The good news is that there are a range of mitigation options....
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope... All Malware and Vulnerabilities White Papers | Webcasts