Face-palm time. Panda Antivirus accidentally labels itself malware and damages an undisclosed number of PCs
There were red faces at Panda Security this week after it admitted an update problem had caused part of its antivirus software to misidentify itself as malware.
Indeed, the problem was so serious that an undisclosed number of business computers were reportedly left unstable and even ‘bricked‘ after users rebooted the machines.
The problem occurred on Wednesday after the Spanish security specialist issued an update, which caused certain components in three Panda Security antivirus programs to become corrupted.
To make matters worse, the AV program mistakenly identified those components as malign and quarantined them.
“We are working on solving the problem as fast as we can. We’ll keep you posted. Sorry for the inconvenience,” Panda tweeted urgently on Wednesday.
But then it emerged that rebooting the affected PCs, a commonly used practice when dealing with problematic PCs, would only make things worse.
“Please, Don’t reboot PCs. We’ll keep you posted,” a panicky Panda tweet read.
Panda then deployed a solution to all the affected products which automatically restored the quarantined files. It then had to develop a tool to help customers who could not restart their computers, and for those customers who were still experiencing DLL errors.
The company issued the following advisory about the problem, which it said affected its Panda Cloud Office Protection, Retail 2015 products and Panda Free AV. Panda said the erroneous signature file was “repaired immediately,” but warned under certain conditions it is possible for the “incident to persist.”
“We have solved 90 percent of the incidents, and support is being given in real time to the ones that still have some issues,” a Panda Security spokeswoman told the BBC. The company said that only 8 percent of the “millions” of PCOP and Retail 2015 customers were affected by the issue.
However the spokeswoman refused to be more precise about the figures.
Update problems like this thankfully pretty rare, but it should be noted that this is not the first time that an update to a security system designed to protect computers has caused problems.
Back in April 2010, thousands of Windows XP PCs running McAfee VirusScan Enterprise were disabled after a security update.
That particular update caused VirusScan to falsely identify a core Windows file as a threat. Like the Panda problem, it then quarantined the file and shut down the computer. But when the user restarted the computer, Windows was unable to load and the PC either crashed or entered an endless reboot cycle.
But some experts point out that this type of problem demonstrates how it is nowadays quicker and easier to recover virtual machines instead of traditional systems.
“Today’s example of how simple things gone wrong can create havoc with computer systems underscores the need for businesses to always have a solid business continuity plan,” explained Steven Harrison, lead technologist at a British Cloud and connectivity provider called Exponential-e.
“What many businesses may not realise, is that by moving away from bare metal or “thick” servers to desktops and virtualising those IT systems into the Could, recovering from these types of problems becomes easier and quicker,” said Harrison. “A traditional system can only really be re-booted in its current state, which in this case only made things worse.”
He pointed out that a virtual system can be rebooted several “snapshots” back in time, which means organisations can instantly restore the system to a previous functioning state.
Are you a security pro? Try our quiz!