Big News: Norton AntiVirus cripples thousands of PCs in China

[Puss in Boots]

Norton AntiVirus cripples thousands of PCs in China
By Lu EnJie - Fri, 05/18/2007 - 09:45.

* Asia
* General
* Technology
* P

A routine upgrade of anti-virus software has disabled tens of
thousands of PCs in China, according to local media reports. The
faulty upgrade caused Symantec's Norton AntiVirus software to remove
critical Windows XP system files, the reports state.

The system files moved or deleted by the software include netapi32.dll
and lsasrv.dll, according to Sohu News (in Chinese). The software
incorrectly identifies the files as being infected with the
Backdoor.Haxdoor trojan. With these files removed, Windows XP will no
longer start up, and even the system safe mode no longer functions.
Only Chinese-language versions of Windows appear to be affected so
far.

The Norton AntiVirus application is part of Norton's 360 suite and it
is pre-installed in many PCs sold in China, indicating that the
problem could potentially affect millions of users.
Patched PCs vulnerable

The problem appears to stem from an update Microsoft released in
November 2006, which contained new versions of some system files, as
PCs which have not applied this update are unaffected.

Symantec has acknowledged the issue and is working on a solution,
reports said - although there is no apparent mention of it on the
company's Chinese website.

PC owners affected by the issue may be able to restore the missing
files from their Windows XP installation CDs. However, since piracy of
Windows XP is common in China, some users may not have access to these.

 

[Homer J. Simpson]

<sarcasm>
I think the bigger news here is that thousands of PC users in China have
started using Norton AntiVirus...not that Norton cripples thousands of
PCs...that's not news.
</sarcasm>






(Then again, I don't suppose my <sarcasm> tag was really needed)

 

[Poprivet]

Norton AntiVirus cripples thousands of PCs in China
By Lu EnJie - Fri, 05/18/2007 - 09:45.

That's great news since most of the world's spam is routed through China and
many asiatic countries!

 

[Wesley Vogel]

LOL

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In

 

[witan]

<sarcasm>
I think the bigger news here is that thousands of PC users in China have
started using Norton AntiVirus...not that Norton cripples thousands of
PCs...that's not news.
</sarcasm>

(Then again, I don't suppose my <sarcasm> tag was really needed)

Who was it that said, "Dog bites man" is not news, "Man bites dog" is.

 

[Malvern]

A Chinese computer set-up and a set-up in non-oriental countries are vastly
different. So the relevant, now affected, files are different.

The problem appears to stem from an update Microsoft released in
November 2006, which contained new versions of some system files, as
PCs which have not applied this update are unaffected.

So it may not be entirely Symantec's fault then...

Has a problem like this occurred in the U. S. or Europe yet ? If it does,
woe be someone...

Malv

 

[Lil' Dave]

A Chinese computer set-up and a set-up in non-oriental countries are vastly
different. So the relevant, now affected, files are different.

Has nothing to do with The Americas/Europe.

So it may not be entirely Symantec's fault then...

Makes sense that MS would inform the virus software manufacturers in advance
of releasing an update that may be sniffed as virus. And providing the
sample to them for their virus definition updates.

Has a problem like this occurred in the U. S. or Europe yet ? If it does,
woe be someone...

Malv

No. If it did, would be all over the newsgroups. The version of NAV that
comes with Norton 360 is NAV 2007. I have NAV 2007 on one of my PCs. Both
windows updates mentioned by the OP are installed.

The original post was intended for starting flame wars in my humble opinion.
Such replies would be knee-jerk. Ignoring what you've pointed out.
Dave

 

[Puss in Boots]

Antivirus software is actually a lie.

* Can you feel free to download and run any EXE file from the net just
because you have antivirus software?
* Without antivirus software, you can still get a very very high
security level by running those suspicious EXEs in a virtual machine.

Therefore, antivirus software is one of the biggest lies in computer
history...

 

[Homer J. Simpson]

Antivirus software is actually a lie.

* Can you feel free to download and run any EXE file from the net just
because you have antivirus software?
* Without antivirus software, you can still get a very very high
security level by running those suspicious EXEs in a virtual machine.

Therefore, antivirus software is one of the biggest lies in computer
history...

Anti-virus != anti-user stupidity

 

[AJR]

China - number source and use of pirated software.

Interesting statement "...security level by running those suspicious EXEs in
a virtual machine...." - a function of UAC, included with Vista, is to check
if an application was designed with "Administrative" rights - meaning it can
be a source of malware, spyware, etc.

If the application does and is not "certified or signed, UAC asks permission
to "Allow" the application to run - if granted UAC creates "Virtual" copies
of any system value, such as the Regisrty, that the application requires and
has the application use the virtual sites thereby protecting the "real"
system

Yet - users complain want to get rid of or turn off UAC - not fully
understanding its function.

 

[Homer J. Simpson]

Yet - users complain want to get rid of or turn off UAC - not fully

understanding its function.

I've always argued that the problem with UAC is that it's so damned chatty
most people will just end up blindly clicking 'ok' out of sheer habit, or
turning it off entirely...leaving the system as vulnerable as any previous
version.

Leaving security as an end user decision hardly constitutes any security at
all.

 

[AJR]

Homer - you got it!

I've always argued that the problem with UAC is that it's so damned chatty
most people will just end up blindly clicking 'ok' out of sheer habit, or
turning it off entirely...leaving the system as vulnerable as any previous
version.

Leaving security as an end user decision hardly constitutes any security
at all.