In a message on its Web site aimed at consumers, McAfee promised to pay for repairs. "If you have already incurred costs to repair your PC as a result of this issue, we're committed to reimbursing reasonable expenses," the company said. "Steps to process your reimbursement request will be posted in the next few days."
There is no similar message on the flawed update help pages dedicated to businesses.
Since last Wednesday, when a McAfee anti-virus signature update wrongly identified a critical Windows system file as a low-threat virus, the company has stressed that few consumers were affected. Most of the PCs crippled by the flawed update, McAfee has said, were in corporations.
Some businesses reported that thousands of systems refused to boot properly, had lost their network connections, or both. According to comments added to a blog post by CEO David DeWalt, many were still trying to resuscitate PCs three days into the incident.
"We are now going on day three of fixing YOUR issue," wrote someone identified only as Amanda in a comment Friday. "Four people working much overtime, sending out disks to our satellite employees, and just plain dealing with junk that we shouldn't have to. I am personally three days behind on my work, and every time I get an angry phone call, I want to patch it through to your office."
Although McAfee apologized to customers last week -- which DeWalt repeated Friday in letter to customers -- it has revealed few details about how the defective update slipped through testing.
McAfee wouldn't be the first anti-virus vendor to pay for its mistakes.
In 2005, Trend Micro spent more than $8 million compensating customers, most of them in Japan, for a similar update fiasco. In 2007, Symantec gave free backup software and extended Norton anti-Virus licenses by 12 months to compensate Chinese users when a buggy updated knocked out their computers.
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, or subscribe to Gregg's RSS feed. His e-mail address is firstname.lastname@example.org.
Read more about security in Computerworld's Security Knowledge Center.