Samker's Computer Forum - SCforum.info

Security Software Armory: => Anti-Virus (Security Suite) => Topic started by: Samker on 14. March 2015., 09:43:14

Title: Warning: Latest Panda AV update classified itself as malign!
Post by: Samker on 14. March 2015., 09:43:14

(http://3.bp.blogspot.com/-3yd-yYreg1s/U_aK9RFaWKI/AAAAAAAAAEc/w59ZO8dWhFc/s1600/Panda-Antivirus.png)

Panda users had a bad hair day on Wednesday, after the Spanish security software firm released an update that classified components of its own technology as malign.

As a result, enterprise PCs running the antivirus software tied themselves in something of a knot, leaving some systems either unstable or unable to access the internet. A Panda spokesman confirmed the problem while advising that the issue was well in hand.

"A bad update was published temporarily today [Wednesday] that resulted in some system files being detected by the Panda engine, a replacement update was promptly published removing the error and restoring the wrongly quarantined files," a Panda representative told El Reg.

"At present we recommend NOT rebooting systems. This will allow us to update the system with the amended update. This update will also restore files previously detected," he added.

An official advisory on the problem says that the issue was limited to Panda Cloud Office Protection, Retail 2015 products and Panda Free AV. Users are strongly advised not to restart their computer until a fix is available: http://www.pandasecurity.com/uk/homeusers/support/card?id=100045

El Reg heard about the Panda slip-up via a tip from reader Austin, who ought to be excused claiming overtime on the back of the problem.

"Dozens of installs of Panda Antivirus across multiple sites all just detected components of itself as a virus, simultaneously," Austin explained. "Perhaps 60 in total across five sites, out of an installed base of around 300."

"If you let it disinfect 'the problem' with a reboot, you have no network access post-reboot."

"Files we've seen 'detected' include psanmodrep.dll and alertsmanager.dll – both key components of Panda Antivirus itself," he added.

False positives involving antivirus updates have affected all vendors from time to time, here you have few examples:

http://scforum.info/index.php/topic,2880.0.html

http://scforum.info/index.php/topic,2980.0.html

http://scforum.info/index.php/topic,4435.0.html

The consequent problems are at their worst when Windows operating system files are falsely classified as potentially malign and quarantined, resulting in unusable Windows systems. Panda's auto-immune screw-up would have caused comparable problems.

(ElReg)