Symantec Ships Norton SystemDoesn'tWorks 2007
Looks like Symantec’s antivirus software is a bit more “comprehensive” than we’d thought. A signature update to Norton AntiVirus, the antivirus component of the Norton 360 and Norton Internet Security suites, crippled thousands of Chinese PCs Friday, causing the software to flag two critical system files as hostile and erroneously quarantine them. “It’s a terrible day for lots of Chinese users (especially Enterprise Users) who use Norton products today,” a member of the Chinese Internet Security Response Team wrote. “Since this morning, we have received many reports from lots of users. They meet the same problem that Norton detects two system files ‘netapi32.dll’ and ‘lsasrv.dll’ as Backdoor.Haxdoor when they finish upgrading their database to May 17, 2007, and these two files will be deleted. After reboot, the operate system will be loaded into blue screen.”
Though Symantec was quick to remedy the false update, it didn’t do such a great job of notifying its users. In fact, it didn’t even bother to publish information about the error on its Web site–a bad idea when the Chinese media is running reports with headlines that translate roughly as “Norton manslaughter to be Chinese WinXP system to collapse.”
“I’d like to find out what specific products cause the crash (most of our clients run Symantec Corporate Edition), but the Symantec Web site notes nothing about it,” wrote one sys admin. “You’d think if you accidentally killed a few hundred thousand PCs in China, you’d mention it on your Web site hmm?, and put some links on how to recover from it.”