Tuesday, 25 April 2017

Webroot software flagging Windows files as malicious

Webroot upset many of its customers when one of its signature updates caused its anti-virus solution to flag critical Windows files as malicious.

The endpoint security provider's anti-virus platform melted down between 13:00 and 15:00 MST on 24 April. In that time span, Webroot began detecting legitimate Windows files, some of which are essential for Microsoft's operating system to function, as W32.Trojan.Gen, its generic name for a Windows trojan. The anti-virus platform responded by moving all these falsely flagged files into quarantine, rendering an untold number of computers inoperable.

The flawed update was in place for 13 minutes before Webroot pulled it. Subsequently, the security firm released a workaround that users can implement to recover their files. This solution works for home users who have one or two affected PCs. But it doesn't do much good for managed services providers (MSPs) that cater to hundreds or thousands of clients. For those clients, Webroot said in an update posted to its forums that it's "still working to resolve this issue through the night and will keep you updated as soon as more information becomes available."