Webroot antivirus flags key Windows files as malware, chaos ensues

Jos

Posts: 3,073   +97

Antivirus provider Webroot is causing quite a headache to customers today after a security update mistakenly flagged crucial Windows system files as malicious and moved them to quarantine. The company said the technical error propagated for 13 minutes starting at 11:52 a.m. MT on Monday, and that a kill switch within its systems kicked in to stop more systems from being affected.

The result was thousands of users with unstable or outright unusable machines as well as hundreds upon hundreds of complaints on social media and the Webroot community forum. There are also reports that Webroot misidentified Facebook and Bloomberg as phishing websites and blocked access to them.

The company has since posted a fix for its small-business customers on its community message board. It is also warning customers not to uninstall the security software or delete what was in the quarantine, which would make the files unrecoverable, and asked them to keep systems connected to the internet.

“The entire Webroot organization is dedicated to addressing this issue. Webroot is rolling back the false positives and is making progress on a comprehensive resolution. Customers should ensure that endpoints are on and connected to the internet to receive the automated fix. Users should not uninstall the product or delete quarantine. Businesses who would like to address the issue immediately can follow instructions posted on Webroot Support. Consumers who would like to address the issue immediately can follow instructions posted on the Webroot Community.”

The company is posting updates on the issue here. Those who need to address the issue immediately manually are advised to follow the instructions posted on Webroot Support.

Image credit: HavenLabs

Permalink to story.

 
Lol this is what happens when ppl think you need av to begin with. ms have been giving av for free since 2010. 8 and 10 alrdy come with it. most think a paid version will be better, it wont be.
apple and google also have their own av.
 
How did this happened in the first place. Are they using Mac or linux when testing the update before releasing. Or they just release updates without testing it first? Might be someone flagged the windows file and submitted it to webroot and webroot automatically added it to its virus list without even proper testing or QA.
 
I cant imagine being an average uneducated end user and having to deal with this, this kinda thing pushes people towards macs.
 
Lol, I was just about to say the same thing. Let's not forget, Windows is a nasty type of malware.

And the most secure and stable OS from MS to date.
Not sure where all this Windows telemetry backlash is coming from. Almost every piece of software and business spies on you.

Selling your data for profit is what bothers me more than a company using analytics to improve their product since no one wants calls from someone asking you to do it manually over the phone at dinner time.
 
Not sure where all this Windows telemetry backlash is coming from. Almost every piece of software and business spies on you.
just because 'everyone else does it' still does not mean it is acceptable, nor is it unfair that one company faces a backlash while others do not, it has to start somewhere.....maybe it is Windows because of its prominence and that it never used to be quite this bad (telemetry wise)
 
Must not happen often enough then, because Windows has 80%+ of the market... worldwide.
I didnt mention market share anywhere lmao, all I said was this encourages people to think twice before buying their next PCs
Anyone who goes from Windows to MAC cold turkey will come running back. Way too many differences for the average user who has only experienced Windows.
 
just because 'everyone else does it' still does not mean it is acceptable, nor is it unfair that one company faces a backlash while others do not, it has to start somewhere.....maybe it is Windows because of its prominence and that it never used to be quite this bad (telemetry wise)

I'm okay with it if it's used to improve the product.
 
just because 'everyone else does it' still does not mean it is acceptable, nor is it unfair that one company faces a backlash while others do not, it has to start somewhere.....maybe it is Windows because of its prominence and that it never used to be quite this bad (telemetry wise)

I'm okay with it if it's used to improve the product.
100% agree, especially if, as you mentioned, they are not selling the data
 
We had multiple clients report very important software was getting quarantined by Webroot. This created a lot of work for us so lets hope Webroot figures out what happened! Webroot has been great until now. :/
 
I have heard Windows 10 has lots of ADs and spyware in it.
Webroot just proved it!

Maybe Microsoft did try to do something sneaky and got caught by the detection system.
 
Back