![]() ![]() "I've not seen any reports from customers who had left this setting disabled," said Samantha Price, a manager of McAfee's global threat response team, in a message on the firm's support forum for VirusScan Enterprise. If you're running an older version, including the earlier Enterprise 8.5, you were in the clear.Ī McAfee manager shed some additional light on why some Windows XP SP3 systems were clobbered, while others kept on running. Only machines running VirusScan 8.7 were affected, users reported and McAfee confirmed. Why were only some crippled? Good question. ![]() There are, however, scattered reports on the McAfee support forum of Vista machines also going down. McAfee also said even older editions - such as Windows 98 - were unaffected. Other version of Windows XP, including SP1 and SP2, were not nailed by the update, nor were systems running Windows 2000, Vista, Windows 7, Windows Server 2003 and Windows Server 2008. What machines were affected? Only PCs running Windows XP Service Pack 3 (SP3), says McAfee. Most also lost all network capability, and some were unable to "see" USB drives, a major problem since recovery may require the reinstallation of svchost.exe, something that could be done more easily by walking a flash drive from one crippled computer to the next. When users applied the update, then rebooted, they were toast: The machines crashed and rebooted repeatedly. Why did the PCs crash and burn after getting the bad update? Without svchost.exe - a generic host process for services that run from other Windows DLLs (dynamic link libraries) - a Windows PC won't boot properly. Think of the snafu as if the police pinned a crime on a suspect based on flawed DNA testing, only to find out they'd got the wrong guy. In some cases, the update actually deleted the file. Instead, it went rogue, wrongly fingered the critical "svchost.exe" file in Windows XP Service Pack 3 (SP3) as malware, and then quarantined it by removing it from its normal location. ![]() Wednesday's update - McAfee pushes daily updates to its corporate customers - was meant to detect and destroy a relatively minor threat, the "W32/wecorl.a" virus. Much of this info is discussed within the ReadMe.txt file.What happened? Short answer: McAfee screwed up. Additionally, there is a ReadMe.txt associated with the. Most likely you don't need the scan engine re-installed, so XXXXxDat.exe is probably the easiest to use.Įach tab for Dat and SuperDAT lists the most recent available file. No particular reason to use SDatxxxxx.exe over the smaller XXXXxDat.exe file if the Scan Engine is installed. Sdatxxxx.exe is about 5.5 MB larger than XXXXxDat.exe because sdatxxxx.exe also contains the Scan Engine (v5400). Well, I am assuming you already have a base install of VSE.īoth files contain the Signature (DAT) files. What would be the best prefered DAT file to download? The SuperDAT (sdatXXXX) or the DAT (XXXXxdat) ? If I am offline, then what do I need to download? I would suggest reading the Readme.txt from McAfee's site for each download where many of these details are documented. The SuperDAT is useful if ever you encounter a situation where the signature files or the runtime has become corrupted, or the engine files have updated improperly, leaving the system unstable or unprotected. (That's if you initial VSE image is using an old version of the Scan Engine, which hopefully is not true.) Similarly, you could download the Scan Engine once, and periodically download the smaller xDat signature file, saving time and money (on both sides). So, after an image restore, you could update the signatures and engine in one download. The SuperDAT (sdatnnnn.exe) also contains the Scan Engine in addition to the Signature files, whereas the xDat (nnnnXDAT.exe) does not contain the Scan Engine.Ĭurrent SuperDAT files contain the 5400.exe ( ) scan engine. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |