Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - BitDefender 2010 Update Problem InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

BitDefender 2010 Update Problem

Published: 2010-03-20
Last Updated: 2010-03-21 00:44:19 UTC
by Scott Fendley (Version: 2)
0 comment(s)

We have started to receive reports this morning concerning a popular consumer antivirus product has caused some grief today.  BitDefender 2010 appears to have released a set of bad definitions.  Unfortunately, these bad virus definitions appear to detect core DLL files and even parts of BitDefender, itself, as infected by "Trojan.FakeAlert.5".  There is quite a thread discussing this issue on the BitDefender Forums.

If you or your organization uses BitDefender, I would heavily recommend that you disable auto-update of the definitions until corrected ones are released soon.  Also, I would recommend preparing to do a lot of hands-on clean up to reverse those files which were quarantined by accident.

Update:  BitDefender has been sharing more information about this incident involving 64-bit architecture via their twitter account.  They point users to their knowledge base for more details on how to recover from this problem.  I hope that beyond the initial response of this major issue,  BitDefender and all antivirus vendors will recheck how they test, do quality assurance, and prepare to use social media as a communication tool for their customers in the case of an emergency.

Scott Fendley ISC Handler

Keywords: bitdefender
0 comment(s)
Diary Archives