Webroot Accidentally Trashes Customers’ Windows Installations
It’s been discussed before whether running third party always-on antivirus is still practical or even necessary at any level — but if you’re one of the 30 million in the reported Webroot install base, then you’re probably wishing you’d beaten that dead horse more thoroughly right now.
Last night an update was pushed to the security product that incorrectly marked critical system files as viruses, taking down millions of otherwise healthy systems across the globe.
Oops and Consequences
The faulty configuration was only live for a few minutes, but that was enough to cause plenty of havoc — The software incorrectly flagged several hundred core windows files as W32.Trojan.Gen and blocked reputable sites like Bloomberg and Facebook on managed systems.
The cascade’s ruinous effect came to light on their forums and twitter as angry users and sysadmins took them to task over it.
Three hours later Webroot issued a fix for both their home and business editions, but has yet to volunteer a fix or further information on those systems that were affected by the bug, whose windows installations may be irreparably damaged.
Webroot Isn’t The Only Pain Point
False positives are a regular occurrence with anti-virus software, but it’s been a while since one so bad has surfaced in such a widespread, destructive manner. Labeling huge chunks of the Windows operating system malicious clearly isn’t intended behavior, but it highlights the biggest problem with antivirus software (at least for the individual.)
That problem is that they typically only serve to make your system less reliable and secure nowadays. The Vault 7 leaks show us that they’re considered by the intelligence community (and, by extension, cyber-criminals) consider them an easy attack vector, and the privileges they need to operate give them license to be potentially (or in the case of Webroot, Practically) very harmful.
At any rate, Webroot’s PR and Development branches have a long, long week ahead of them.
Do you use anti-virus software? Is it still necessary? Let us know in the comments.
Images courtesy Webroot