McAfee offers payments to cover FP cleanup costs

Posted by   Virus Bulletin on   May 4, 2010

Compensation for faulty update victims could set precedent.

Victims of the erroneous McAfee DAT update last month are being offered cash payments to cover costs incurred in fixing the problem.

The issue emerged on 21 April, when users of McAfee's corporate solution VirusScan Enterprise found their machines rendered inoperable after the common process svchost tripped a faulty detection algorithm. The problem apparently only affected users of Windows XP SP3 using a scanning setting disabled by default, and the dodgy DAT was recalled swiftly, but the error struck large numbers of users around the world.

In response to the predictable wave of anger and frustration, McAfee offered support and assistance, setting up a dedicated support line and providing software via mail for those unable to access their machines at all to download fixes. In an unusual step, the company has also promised to reimburse 'reasonable expenses' to those who have already shelled out for professional help - a move which could set a precedent for security firms offering compensation to those hit by such errors. A number of firms have in the past offered 'insurance' against malware sneaking past the protection they offer, but the problem of damage caused by false positives is rarely addressed in this way.

An early report on the false positive issue can be found in The Register here, with details of some of those affected here. An open letter from McAfee CEO David DeWalt, explaining some of the measures being taken to ensure no repeat incidents, is still prominently linked on the McAfee homepage and can be found here. The announcement of the assistance and compensation plan is here, although no further details seem to have emerged as yet.

Posted on 04 May 2010 by Virus Bulletin



Latest posts:

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

VB2021 localhost is over, but the content is still available to view!

VB2021 localhost - VB's second virtual conference - took place last week, but you can still watch all the presentations.

VB2021 localhost call for last-minute papers

The call for last-minute papers for VB2021 localhost is now open. Submit before 20 August to have your paper considered for one of the slots reserved for 'hot' research!

New article: Run your malicious VBA macros anywhere!

Kurt Natvig explains how he recompiled malicious VBA macro code to valid harmless Python 3.x code.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.