The latest update sent out by Internet Security company McAfee has locked up thousands of PCs worldwide.
The McAfee 5958 update has wrongly tried to fix the svchost file, which is required by Windows, thinking it was a malicious virus called wecorl.a
Impact of the McAfee 5958 Update
The w32/wecorl.a McAfee false positives have been confirmed by both McAfee and Microsoft to only affect the Windows XP SP3 platforms. This issue has caused significant disruptions for users, as the svchost file is a critical component of the Windows operating system. The svchost.exe process is used to host multiple Windows services, and its removal or corruption can lead to system instability and crashes.
Many businesses and individual users rely on Windows XP SP3 for their daily operations, and the sudden malfunction caused by the McAfee update has led to widespread frustration and downtime. The problem has been particularly challenging for organizations with large numbers of affected machines, as the manual fix requires significant time and effort to implement on each PC.
Steps to Resolve the Issue
Microsoft has released a manual method for XP SP3 users to correct the problem:
“Restart the computer in safe mode by pressing F8 before the Windows splash screen appears. Log on to the computer. Then, press CTRL+ALT+DEL, and then click Start Windows Task Manager. Select New Task (Run…) from the File menu. Type cmd.exe, and then press ENTER. Run the following command: ren “%programfiles%Common FilesMcAfeeEngineavvscan.dat” avvscan.old. This behavior removes McAfee virus definitions. Make sure that you update to the latest definitions (5959 DAT or newer) after you complete these steps to restore virus definitions. Run the following command: copy %systemroot%system32dllcachesvchost.exe %systemroot%system32 and press ENTER.”
This manual fix involves renaming the McAfee virus definitions file to prevent the faulty update from causing further issues. After renaming the file, users must update to the latest virus definitions (5959 DAT or newer) to ensure their systems are protected against actual threats. The final step involves copying the svchost.exe file from the system’s DLL cache to the system32 directory, restoring the critical file needed for Windows to function correctly.
Preventive Measures and Future Considerations
This incident highlights the importance of thorough testing and quality assurance in software updates, especially for security software that interacts closely with the operating system. Users and organizations can take several preventive measures to mitigate the impact of similar issues in the future:
1. Backup Systems Regularly: Regular backups can help restore systems quickly in case of software malfunctions or other issues.
2. Test Updates in a Controlled Environment: Before deploying updates across all systems, test them in a controlled environment to identify potential problems.
3. Stay Informed: Keep up-to-date with news and announcements from software vendors to be aware of any known issues or fixes.
In response to this incident, McAfee has likely reviewed and improved its update testing processes to prevent similar occurrences. Users affected by the 5958 update should follow the provided steps to resolve the issue and ensure their systems are running the latest virus definitions.
Via BBC
Latest Geeky Gadgets Deals
Disclosure: Some of our articles include affiliate links. If you buy something through one of these links, Geeky Gadgets may earn an affiliate commission. Learn about our Disclosure Policy.