cryptogon.com

news – analysis – conspiracies

• Home
• About
• Archives
• Contact
• Support Cryptogon
• Story Suggestions

Symantec False Positive Cripples Thousands of Chinese PCs

May 20th, 2007

Not as destructive as a powerful EMP weapon, but this is an impressive result for a software bomb.

Via: Computerworld:

A signature update to Symantec’s anti-virus software crippled thousands of Chinese PCs Friday when the security software took two critical Windows .dll files for malware.

According to numerous blog entries from Chinese computer users, a virus signature database seeded yesterday mistook two system files of a Chinese edition of Windows XP SP2 as a Trojan horse which Symantec dubs “Backdoor.Haxdoor.” The anti-virus software — Norton AntiVirus, for example, or the anti-virus component of the Norton 360 or Norton Internet Security suites — then quarantined the netapi32.dll and lsasrv.dll files.

“With these files removed, Windows XP will no longer start up, and even the system Safe Mode no longer functions,” said one user writing to the alt.comp.anti-virus newsgroup this morning.

Sign in | Register

The New Zealand Copyright Act 1994 specifies certain circumstances where all or a substantial part of a copyright work may be used without the copyright owner's permission. A "fair dealing" with copyright material does not infringe copyright if it is for the following purposes: research or private study; criticism or review; or reporting current events. If you are a legal copyright holder, or a designated agent for such, and you believe a post on this website falls outside the boundaries of "fair dealing," and legitimately infringes on your or your client's copyright, please contact Kevin Flaherty. Cryptogon contains both original material and material from external sources. Original material: Copyright Kevin Flaherty. Material from external sources: Copyright the respective owners / authors.

Design by Andreas Viklund | Ported by Matteo Turchetto