Security firm Symantec released malware signature updates for it antivirus software that caused some Windows XP machines to crash into a Blue Screen Of Death — BSOD.
The update was sent out to users of Symantec’s security products over about an eight hour period between July 11th and 12th. “The root cause of the issue,” writes Symantec’s Orla Cox, “was an incompatibility due to a three way interaction between some third party software that implements a file system driver using kernel stack based file objects – typical of encryption drivers, the SONAR signature and the Windows XP Cache manager. The SONAR signature update caused new file operations that create the conflict and led to the system crash”.
SONAR stands for “Symantec Online Network for Advanced Response” and is technology that is used to identify potentially malicious behavior exhibited by software. According to Symantec, the problem the following products:
The “certain third-party software” have been identified by Symantec to include the following products:
For systems that refuse to run following the installation of this update Symantec has published a workaround to help get people’s XP machines back up and running. Most of the time, antivirus programs protect us from hassles, but this is one in a long line of examples where faulty signature updates can render a PC inoperable. Over the years almost every major antivirus vendor has shipped dodgy updates that have caused problems on the PC they end up being installed on.