Antivirus provider Webroot is causing quite a headache to customers today after a security update mistakenly flagged crucial Windows system files as malicious and moved them to quarantine. The company said the technical error propagated for 13 minutes starting at 11:52 a.m. MT on Monday, and that a kill switch within its systems kicked in to stop more systems from being affected.
The result was thousands of users with unstable or outright unusable machines as well as hundreds upon hundreds of complaints on social media and the Webroot community forum. There are also reports that Webroot misidentified Facebook and Bloomberg as phishing websites and blocked access to them.
The company has since posted a fix for its small-business customers on its community message board. It is also warning customers not to uninstall the security software or delete what was in the quarantine, which would make the files unrecoverable, and asked them to keep systems connected to the internet.
“The entire Webroot organization is dedicated to addressing this issue. Webroot is rolling back the false positives and is making progress on a comprehensive resolution. Customers should ensure that endpoints are on and connected to the internet to receive the automated fix. Users should not uninstall the product or delete quarantine. Businesses who would like to address the issue immediately can follow instructions posted on Webroot Support. Consumers who would like to address the issue immediately can follow instructions posted on the Webroot Community.”
Image credit: HavenLabs