McAfee offers payments to cover FP cleanup costs

Posted by   Virus Bulletin on   May 4, 2010

Compensation for faulty update victims could set precedent.

Victims of the erroneous McAfee DAT update last month are being offered cash payments to cover costs incurred in fixing the problem.

The issue emerged on 21 April, when users of McAfee's corporate solution VirusScan Enterprise found their machines rendered inoperable after the common process svchost tripped a faulty detection algorithm. The problem apparently only affected users of Windows XP SP3 using a scanning setting disabled by default, and the dodgy DAT was recalled swiftly, but the error struck large numbers of users around the world.

In response to the predictable wave of anger and frustration, McAfee offered support and assistance, setting up a dedicated support line and providing software via mail for those unable to access their machines at all to download fixes. In an unusual step, the company has also promised to reimburse 'reasonable expenses' to those who have already shelled out for professional help - a move which could set a precedent for security firms offering compensation to those hit by such errors. A number of firms have in the past offered 'insurance' against malware sneaking past the protection they offer, but the problem of damage caused by false positives is rarely addressed in this way.

An early report on the false positive issue can be found in The Register here, with details of some of those affected here. An open letter from McAfee CEO David DeWalt, explaining some of the measures being taken to ensure no repeat incidents, is still prominently linked on the McAfee homepage and can be found here. The announcement of the assistance and compensation plan is here, although no further details seem to have emerged as yet.

Posted on 04 May 2010 by Virus Bulletin



Latest posts:

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.