Scores of Windows machines crashed today after a tainted Kaspersky Lab anti-virus update severed internet access for enterprises and home users.
The update, which has since been corrected with a subsequent fix, caused HTTP traffic to ground to a halt on Windows platforms.
Angry users took to Twitter to vent steam and ask Kaspersky how to address the problem. One Australian IT manager, speaking to SC Magazine Australia on condition of anonymity, said he arrived at his business to find workstations crippled and a backlog of user support requests. He said his Windows XP and Windows 7 64-bit machines were affected.
A Kaspersky engineer told SC that users that have updates handled through the security centre will have the fix automatically applied, while others will need to disable web anti-virus first.
A Kaspersky statement said: “The issue was caused by a database update released on 4/2/2013 at 8:52 pm (Moscow time) that resulted in the web anti-virus component in some products blocking internet access.
“The problem only affected x86 systems with the following products installed: Kaspersky Anti-Virus for Windows Workstations 6.04 MP4; Kaspersky Endpoint Security 8 for Windows; Kaspersky Endpoint Security 10 for Windows; Kaspersky Internet Security 2012 and 2013; and Kaspersky Pure 2.0.
“An initial workaround, suggested immediately after the problem was identified, recommended disabling web anti-virus or rolling back updates. At 2.31am Moscow time today, the problem was fixed by a database update which has already been uploaded to public servers. Customers need to perform a database update to resolve the issue.
“If an affected machine updates from Admin Kit/Security Center, then updates will be downloaded automatically. If a machine updates directly from our servers, then the initial workaround should be applied first (disabling the web anti-virus component). Internet connectivity will then be restored and the customer will be able to download the most recent database update.
“Kaspersky Lab would like to apologise for any inconvenience caused by this database update error. Actions have been taken to prevent such incidents from occurring in the future.”