Webroot Antivirus Program Mistakenly IDs Windows as Threat, Creating Chaos

Popular Antivirus Program Mistakenly IDs Windows as Threat, Creating Chaos
by ALEX JOHNSON TECH  APR 25 2017, 7:53 AM ET
     
An antivirus service used by tens of thousands of businesses and millions of home users shut down an untold number of computers around the world Monday after it mistakenly identified core parts of Microsoft Windows as threats, the company confirmed.

Webroot Inc. of Broomfield, Colorado, didn't immediately respond to a request for comment. But it confirmed on its support forum for customers that it issued an updated detection rule that "identified false positives" for critical Windows operating files Monday afternoon, resulting in those files' being "quarantined" and inaccessible to Windows.

@SwiftOnSecurity, an anonymous but well-respected tech security Twitter account, reported that it appeared that the rule somehow allowed genuine "signed Microsoft files to be removed."

The rule was distributed and applied by Webroot systems around the globe for about 13 minutes, the company said — long enough for businesses, users and administrators to find their files unavailable. Webroot reported serving about 30 million customers last year.

"The rule was removed and we are in the process of rolling back all of the false positives that reside in the Webroot Threat Intelligence platform," the company said.

To make matters worse, Webroot's own systems became "overloaded" by a mammoth backlog of customers' requests to restore affected files from its cloud servers, it said.

 Follow
 Webroot @Webroot
@DueMarauder We're working on a universal fix now. Follow our Community thread to stay up-to-date: http://wbrt.io/lj2x .
3:35 PM - 24 Apr 2017
  6 6 Retweets   2 2 likes

The glitch first manifested itself as customers complained that Webroot was mistakenly flagging Facebook.com as a dangerous identity-fishing site.

Follow
 Billy Rountree @TreeBilliam
I think Webroot is on to something @Snowden
4:59 PM - 24 Apr 2017
  4 4 Retweets   4 4 likes

 Follow
 Sean Porcher @SeanPorcher
@Webroot I'd love to connect with you on facebook (actually no I wouldn't) but it won't let me - sorry. LOL LOL
4:50 PM - 24 Apr 2017
  2 2 Retweets   likes

The company said Monday night that it had resolved that problem. But at 10:40 p.m. ET, Webroot said it was still working to resolve the larger issue "and will keep you updated as soon as more information becomes available."

15h
 Keith Sieman @KeithSieman
> Tfw @Webroot gives you a link to their @facebook page on the very same screen that's blocking access to Facebook... 🙃 pic.twitter.com/6tued4BKu1
 Follow
 Webroot @Webroot

@KeithSieman @facebook A live fix has been released for the Facebook issue and is propagating through to customers now. Learn more here: http://wbrt.io/lj2x .
6:45 PM - 24 Apr 2017
W32.Trojan.Gen. False Positive Fix - April 24

Webroot has recently identified false positives for multiple programs as W32.Trojan.Gen. If you have an endpoint with a file that was quarantined or
community.webroot.com
  2 2 Retweets   1 1 like

It said it had ruled out that it had been the target of hackers.

Webroot's customers — including numerous so-called managed service providers, or MSPs, which use Webroot to manage security for multiple clients of their own — flooded social media to complain.

 Follow
 Torbjørn Remmen @torbjornremmen
#Webroot is setting a new record in false positives.. Apparently flagging business applications and OS files in bulk. No QA on signatures?
4:42 PM - 24 Apr 2017
  3 3 Retweets   2 2 likes
18h
 Webroot @Webroot
@DueMarauder We're working on a universal fix now. Follow our Community thread to stay up-to-date: http://wbrt.io/lj2x .
 Follow
 Pat Moore @DueMarauder
@Webroot Any update on a fix for MSP's? I've got well over 1,000 devices affected by this.
4:41 PM - 24 Apr 2017
  Retweets   likes
19h
 Webroot @Webroot
@jerrichculli Hi - how can I help you? ~LV
 Follow
 Josh Cullitan @jerrichculli
@Webroot i work for a small software company,webroot has targeted our exe and is removing it from pcs
is there anyway to do like a blanket exclusion
2:17 PM - 24 Apr 2017
  1 1 Retweet   2 2 likes
 Follow
 Jordan Hall @DivineOmega
.@Webroot has gone bonkers, flagging signed system executables as malicious, and marking legitimate sites as phishing. 😬 #security #netsec
4:25 PM - 24 Apr 2017
  2 2 Retweets   likes
At least none of my customers use Webroot (oh please don't let Bitdefender have dependencies...) https://t.co/Wk95OwJrEo
— Ben Weston (@psiphyr)

FIRST PUBLISHED APR 25 2017, 12:06 AM ET


Comments

  1. It's good to see your valuable blog regarding Webroot antivirus and you have written well, keep updating with new webroot blog here...Thank you.....Webroot Phone Number

    ReplyDelete
  2. Nice to read you blog post for the Webroot antivirus information and you have done pretty impressive work which is nice....webroot customer care | webroot customer care phone number

    ReplyDelete
  3. I have found your blog on the google while searching about the webroot antivirus program with complete information as i was looking for, you have done pretty work on this blog, thank youWebroot Helpline Number | Webroot Toll Free Number

    ReplyDelete
  4. With McAfee antivirus software user can protect his computer world from all kinds of internet based threats. your blog have helpful information about the McAfee antivirus which is really impressive to read it.....Keep doing well...Webroot Contact Number | Webroot Technical Support

    ReplyDelete
  5. Webroot antivirus is one of the most rising antivirus programs, which has become well-known in no time. It is helpful to protect your PC, Laptop and mobile etc.
    Webroot Antivirus Support Number
    Quickbooks Payroll Support

    ReplyDelete
  6. Hi
    I need to peruse your blog. There is a ton of good data on this blog, I adored understanding it and I figure individuals will get a great deal of help from this blog. Sam, I have composed this sort of blog, you will get an administration and Support from this as well. I trust you like this Facebook customer support blog, Users will get a great deal of data from this blog. I trust you get a great deal of Fully bolster and assistance from this blog.

    ReplyDelete
  7. "mcafee is an antivirus software providers that secure your computer for virus , worms ,trojens and other mailcious program .it provides full range of
    security product like antivirus , firewall etc .you have to do mcafee antivirus download "

    ReplyDelete
  8. "Kaspersky Free is a completely free security solution that does not show any
    third-party advertisements. Kaspersky Free also does not collect your personal data.
    We value your privacy. Kaspersky Total Security is an overall good internet security suite. to click this link kaspersky antivirus"

    ReplyDelete
  9. Amazon is an American multinational technology company which focuses on e-commerce, cloud computing, digital streaming, and artificial intelligence. It is one of the Big Five companies in the U.S. information technology industry, along with Google, Apple, Microsoft, and Facebook. amazon .com

    ReplyDelete

Post a Comment

Popular posts from this blog

Report: World’s 1st remote brain surgery via 5G network performed in China

Visualizing The Power Of The World's Supercomputers

BMW traps alleged thief by remotely locking him in car