McAfee reacted by warning users not to download today's update if they haven't already, and by posting recovery instructions and a signature update to suppress the defective one seeded to users earlier. "Apply the EXTRA.DAT to all potentially affected systems as soon as possible," the company recommended. "For systems that have already encountered this issue, start the computer in Safe Mode and apply the EXTRA.DAT. After applying the EXTRA.DAT, restore the affected files from Quarantine." Unfortunately, those instructions and the suppression EXTRA.DAT update file are not currently available, again because McAfee's support site has gone dark.
Instead, users can reach the instructions and EXTRA.DAT file from elsewhere on McAfee's site.
"The faulty update has been removed from McAfee download servers for corporate users, preventing any further impact on those customers," Evers said. "We are not aware of significant impact on consumer customers and believe we have significantly limited such occurrence."
The company has yet to produce an updated signature definition file to replace the one that crippled computers. A month ago, a BitDefender update clobbered 64-bit Windows machines. In 2005, Trend Micro released a flawed signature update that slowed PCs to a crawl, and McAfee is far from the first anti-virus vendor to ship a flawed signature update. In May 2007, a Symantec definition file crippled thousands of Chinese computers when the software mistook two critical Windows .dll files for malware.
McAfee is working on helping customers affected by the rogue update, said Evers. "McAfee apologizes for any inconvenience to our customers," he added.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer or subscribe to Gregg's RSS feed. His email address is email@example.com.
Read more about security in Computerworld's Security Knowledge Center.