Trend false alert cripples users’ systems, Sophos sites taken out by DNS mixup.
Two of the larger security firms,
Trend Micro
and
Sophos
, had a busy weekend cleaning up after troubles hit them on Friday.
Trend Micro
released a pair of signature updates which led to its products erroneously identifying several
Windows
system files as malware, resulting in some systems becoming unusable. Meanwhile, some
Sophos
customers were left unable to access updates thanks to DNS problems which impacted access to the firm’s websites for up to 48 hours.
The
Trend
false positive resulted from a pair of faulty definitions, and hit
XP
and
Vista
users around the world. An update to fix the problem was released promptly on Friday, but not in time for some, who found their systems frozen as access to the required DLL and Javascript files was denied by the security software.
Although the exact number of customers affected remains unclear, one correspondent told
ComputerWorld
the
Trend
support lines were overflowing with demands for assistance. The incident is not thought to be as major as one suffered by
Trend
three years ago
, which severely affected many users in
Trend
‘s home market of Japan and led to public apologies from the
Trend
board. More details and comment on the recent problems are in
ComputerWorld
here
or
The Register
here
, with an official support article at
Trend
here
.
Sophos
users found access to some of the company’s websites, including those used to provide security updates, interrupted after what was apparently an error made by an external DNS management company. The slip meant that the
sophos.com
domain was unreachable for a time, although local versions of the site were unaffected. Even once the problem had been spotted and fixed, users in some areas continued to have problems into the weekend as the changes propagated.
Sophos
issued statements making it clear that the problems were not the results of any malicious activity, and reassuring customers that updates would be caught up with as soon as the DNS changes settled in. The advisory is on the
Sophos
site
here
.
Posted on 10 September 2008 by
Virus Bulletin
Leave a Reply