Now Reading
Panda Antivirus Mistakes Itself as Malware

Panda Antivirus Mistakes Itself as Malware

by Neil SardesaiMarch 15, 2015

A number of Panda Security’s antivirus products were recently affected by a bug where the software would label itself as malware. After a recent buggy Panda software update, the antivirus flagged core files as malware and put them in quarantine, effectively causing the antivirus to stop working. However, as many users noticed, Panda also incorrectly flagged Chrome, Firefox, and Windows Update as suspicious. The company posted a warning on Twitter urging users not to restart their PCs, as doing so left many machines unusable.

“Please, Don’t reboot PCs. We’ll keep you posted.”

Panda Deploys a Fix, Too Late for Some Users

Panda Antivirus Mistakes Itself as MalwareAccording to Panda, the issue was due to the signature file in the company’s Cloud Office Protection and Retail 2015 suites becoming corrupted. To Panda’s credit, the company has already deployed a fix for the buggy update. A company spokesperson told The Register,

“A bad update was published temporarily today [Wednesday] that resulted in some system files being detected by the Panda engine, a replacement update was promptly published removing the error and restoring the wrongly quarantined files.”

However, many users have ended up with bricked machines after rebooting since the bug caused Panda to remove core Windows files such as those in system32. Although Panda rolled out an automatic update to fix the bug, the company’s support documentation regarding the issue states that “in certain environments it is possible for the incident to persist.”

A Panda Security spokeswoman told the BBC, “We have solved 90% of the incidents, and support is being given in real time to the ones that still have some issues.” The company additionally stated that only 8% of “millions” of Panda customers were affected. However, 8% of a million is still a large number, and the issue has become a nightmare for many sysadmins.

“[Panda’s] detecting windows updates, office, chrome, firefox all as “suspicious items” and nuking them.

I’m just in awe how almost 170 users can get [****]ed like that. Just amazing. Looks like I’m going to be making a bunch of trips to the other offices now too. The next few weeks will be funnnnnnn.”

-Reddit user and sysadmin benderunit9000

Images from Shutterstock.

Advertised sites are not endorsed by us. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
What's your reaction?
Love it
Hate it