Bad Kaspersky antivirus update prevents business and home users from accessing websites
Kaspersky antivirus update users are advised to temporarily disable the Web protection component and install a new update in order to fix the issue
IDG News Service - A faulty antivirus update issued by Kaspersky Lab on Monday left many of its home and business customers unable to access any websites on their computers.
Systems administrators using Kaspersky Endpoint Security (KES) on their corporate networks started reporting the problem on Kaspersky's support forum on Monday afternoon, Eastern Time. The reports kept piling up until late in the evening.
"I have ~12,000 machines running KES8 and my help desk started getting calls about an hour ago saying users were having problems accessing various web sites," one user named bradb21 reported.
Other users confirmed the problem and attempted to troubleshoot it themselves. Some reported success after disabling the Web protection component or turning off the product's monitoring for port 80, 443 and other Web proxy ports.
Users later posted responses they had received from the company's technical support representatives. This included a recommendation to temporarily disable the Web antivirus component on the affected computers via the management console, force them to perform a new definition update and re-enable the Web antivirus.
Most users reported that the problem manifested itself only on Windows XP systems. However, the faulty update didn't just affect business antivirus products, but consumer ones as well.
"The issue was caused by a database update released on 4/2/2013 at 8:52:00 PM MSK [Moscow Standard Time] that resulted in the Web Anti-Virus component in some products blocking Internet access," a Kaspersky representative said Tuesday via email. "The problem only affected x86 systems with the following products installed: Kaspersky Anti-Virus for Windows Workstations 6.04 MP4; Kaspersky Endpoint Security 8 for Windows; Kaspersky Endpoint Security 10 for Windows; Kaspersky Internet Security 2012 and 2013; and Kaspersky Pure 2.0."
The problem was fixed with a database update released on Jan. 5 at 2:31 a.m. Moscow Standard Time (Jan. 4 at 5:31 p.m. ET), according to the Kaspersky representative.
Computers that download updates via the Kaspersky Administration Kit or Security Center management console will receive the fix automatically. However, computers that are configured to download the antivirus updates directly from Kaspersky's update servers will need to first have the Web Anti-Virus component disabled, the Kaspersky representative said.
"Kaspersky Lab would like to apologize for any inconvenience caused by this database update error. Actions have been taken to prevent such incidents from occurring in the future," she said.
Faulty antivirus updates are not uncommon and nearly every antivirus company has had to deal with them at one time or another. The impact of a bad update, however, is different from case to case and can range from a mild annoyance to hours of downtime.
There have been cases when bad antivirus updates deleted critical system files and left computers unable to boot into the operating system. In such situations, fixing the problem can require manual intervention, which can be a very time consuming task, especially on corporate networks with hundreds or thousands of computers and offsite branches.
- Top 10 Reasons to Strengthen Information Security with Desktop Virtualization Regain control and reduce risk without sacrificing business productivity and growth
- Preventing Sophisticated Attacks: Anti-Evasion & Advanced Evasion Techniques McAfee Next Generation Firewall applies sophisticated analysis techniques specifically to detect advanced evasion techniques (AET).
- The Security Industry's Dirty Little Secret The debate over advanced evasion techniques (AETs) This report summarizes the findings of a McAfee commissioned research group to determine the level of understanding IT security professionals have about AETs...
- Demand More, Get the Most from the Move to a Next-Generation Firewall Beyond the basics in a next generation firewall, to protect your investment you should demand other valuable features: intrusion prevention, contextual rules, advanced...
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different....
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities. All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!