Earlier this week, Russian anti-virus vendor, Kaspersky Lab released a faulty signature update to its software which then proceeded to falsely identify Windows Explorer as containing the Huhk-C virus.  This led to problems for some users as a majority of Windows features were now disabled.

Windows Explorer goes by the process explorer.exe in the task manager and is responsible for the user interface of the operating system.  If Windows Explorer becomes disabled, the start bar, icons and many basic system functions can no longer be accessed.

Kaspersky claims the false alarm lasted about two hours before the update was pulled from the database.

David Emm, a senior technology consultant at Kaspersky Lab spoke with Cnet about the issues saying that his company is currently examining why and how the false positive “slipped through the net.”

He went on to say that Kaspersky will reexamine its systems to see if they can be tightened up to prevent this from happening in the future.  Just about every anti-virus company has had its share of false positives, however, he all but said that is no excuse.

A handful of enterprise customers received the faulty update as well as a few home users.  For those affected by the issue, Kaspersky has provided procedures for a local and remote fix.  Users who have not changed the default behavior of the program simply have to remove explorer.exe from the quarantine list.

Further assistance in rectifying any issues is available from Kaspersky support.

Related:

Entry was posted on Saturday, December 22nd, 2007 at 11:04 am under Antivirus, Uncategorized.

Read more entries by Jonathan Schlaffer.
Stumble It!