March 20, 2010

A faulty update  is being blamed for incapacitating an untold number of Microsoft Windows systems running anti-virus software from BitDefender.

BitDefender says the problem occurred Saturday morning with a faulty update for 64-bit Windows systems that  caused multiple Windows and BitDefender files to be quarantined. The bad update causes the anti-virus program to flag thousands of legitimate Windows and BitDefender program files as a threat called “”FakeAlert.5”.

The Romanian software firm  said the glitchy update has been removed and that the company is working on a fix for the problem.  BitDefender’s user forum has lit up with complaints from customers, and the company appears to be fielding quite a number of inquiries on the problem via its Twitter page.

“We are creating a patch that will restore all quarantined files,” the company said in a statement on its site. “The patch will be available shortly. We apologize for this error and we will work to prevent this from occurring again in the future.”

BitDefender has posted partial recovery instructions for users who are having trouble booting up Windows after this bad update, although several apparent users commenting on the company’s Twitter feed indicated they were still unable to boot after following the instructions.

Meanwhile, Bitdefender representatives on Twitter are warning users that malware writers already are taking advantage of the situation, and urging users to download the fix — whenever it is made available — only from BitDefender’s Web site.


39 thoughts on “Bad BitDefender Antivirus Update Hobbles Windows PCs

  1. Saul

    We are working to address all issues pertaining to this update WinOS-64 bit update problem.

    1. The solution update patch that we will be releasing soon will address those whose files have been quarantined causing problems with their system.

    2. We will also be sharing a solution for those people who are experiencing boot issues as a result.

  2. JCitizen

    How unfortunate! BitDefender is known as one of the best AV scanners going. I hope they recover from this!

    1. Bryan

      Never heard of BitDefender. Then again, I wouldn’t get caught surfing the Web with Windows. Sounds like the typical chaotic “weeping and gnashing of teeth” associated with people using that platform. I just laugh at them.

  3. TJ

    This a perfect example of why people should invest in a disk imaging program such as Acronis True Image or Norton Ghost. In less than ten minutes, you can restore a pristine image of Windows or (in this case) just the Windows system files using a bootable rescue disc. Acronis cost about $40 and has saved my butt countless times.

    1. JCitizen

      I’ve used Norton, but I trust Acronis more. I’m switching as soon as I get the money.

    2. Solo Owl

      That works fine until you image the disk after the infestation, or broken hotfix, occurs. Then both the original disk and the image or ghost are useless. Then where are you?

      1. TJ

        Well, the key is to ALWAYS keep at least one default image of Windows in a pristine, uncompromised state that you can refer back to in a pinch. If you continuously backup your actual data on a separate drive, restoring the default Windows image eliminates the malware infestation and gets you back up and running in a safe environment in a matter of minutes. You may need to reinstall some applications and run Windows update, but you’ll be very close to being whole again.

        That said, in addition to creating a default Windows image, I also create an image that includes all of my primary applications along with the latest Windows updates.

      2. Richard

        A single disk image backup is not enough. Acronis TrueImage makes it easy to do a full image, then daily incremental images – I start again with a full image every two weeks, and keep 2-3 backup cycles stored on a home server.

        I also use Mozy backup for data files, just in case there’s a disaster and both PC and server are lost.

  4. Raluca

    Hi, my name is Raluca and I am a BitDefender representative.
    We are very sorry for the situation created, due to our mistake we have caused many issues, and we understand and respect the magnitude of this circumstance.
    Just to give you an update, the solutions can be found here:
    http://www.bitdefender.com/site/KnowledgeBase/consumer/#638

    If the provided solution does not work for you, then please try tu run the patch in safe mode and contact our support lines with the exact error message, check out forum.bitdefender.com or our @bitdefender Twitter account.
    Thank you again for your understanding, we will keep you updated!
    raluca

  5. John

    Wow, it looks like 2 out of the 5 comments made so far are from BitDefender reps. KrebsOnSecurity is obviously well respected in the computer security field, having the anti-virus and anti-malware firms keeping tabs here. I would think that 64 bit versions of Vista and Windows 7 are relatively low (for now), percentage-wise, in the overall number of installed machines. Does anyone have a reliable number of platforms running 64 versus 32 bit versions?

  6. gareth evans

    Just to let people know. I am a Bitdefender user. This problem is *serious*. I am not a computer newbie, and used to be a programmer.

    One would expect the usual platitudes from company representatives etc. Some people can’t get back into their systems (a whole host of system files were quarantined). Program files DLL etc go missing, and the bitdefender program manages to *screw itself up* (flags itself as a virus).

    There IS NO simple solution. It depends on what order you did things, did you reboot then re-install BD, or did you un-install, re-install reboot. Did you stop DB before it hosed itself. Did you run system restore etc etc etc.

    There are posts of users on the forums stating that files in their “quarantine” folder have been deleted. Despite having applied that patch etc, the files are gone.

    Also I’d like to point out that when this first hit a lot of “platitudes” were being posted on the forums to try to “contain” the issue. I feel this as wholey inappropriate. A lot of users have lost files *permenantly* due to Bitdefender : FACT. No amount of statements from Bitdefender about working on the “issue” (developers euphamism) or sending out patches change the fact that users have *lost data* and had their systems made unbootable.

    How did this get pass Quality Assurance? Did they even try it on Windows 64 bit systems? No virus has ever caused me such a hassle. This also throws into doubt Bitdefenders “File Vault” service. Atfer this debacle I don’t even trust them not to screw up my computer, let alone look after my files!

    Users on the forums are begging for what to do next incase bitdefender gets them into more trouble, if you don’t believe me read the thread on their forums called “bad update or?”

    Seriously this is like being transfered into a time warp back to the 1990s era of computing, I’d expected a lot more from this product, I trusted them to provide Security Service. They have failed completely.

  7. M Henri Day

    Is it permitted to point out that not only do there exist alternatives to BitDefender, there also exist alternatives to Microsoft Windows OS ?…

    Henri

    1. JCitizen

      Sure it is permitted?! However my clients won’t switch. Partly because I am a poor salesman, but mostly because they find alternate applications to be insufficient, and won’t let me demonstrate Wine on Ubuntu – for example.

      So my clients are stuck with Windows. I have a few using Macs, but they have airport problems all the time. Apple should probably get out of the wireless/router/network business.

      1. M Henri Day

        I’m in a somewhat similar postion, JCitizen – I help retirees with their computer problems and while I’ve been able to show them that certain alternative applications meet their needs as well as, if not better, than legacy apps, I find myself diffident about suggesting changing to a non-Windows OS. So can it go ! As to why I asked if it was permitted to suggest an alternative, note that I’ve already received one negative vote for having the temerity to indicate that the navel of the known universe may not be located in Redmond….

        Henri

        1. JCitizen

          Sorry you received negative there M Henri! I think folks are worried that this blog will turn into the typical flame war on Windows vs. OSS that we are ALL tired of, so they may be sensitive.

          I am open minded about it, myself. I like Kubuntu for the KDE interface. The newbies don’t seem to recoil from it as much.

          Myself, I’d probably like Gnome better, but just haven’t had the time to test my favorite distro yet! =)

          1. BNSGuy

            I agree. I’m tired of the constant devolution into windows/ms vs . But this is NOT about the OS. This is about a software vendor that failed miserably. Lets stay on target!

      2. Jeff Groves

        Strange that I’ve had zero problems with Airport equipment on the 3 Macs and TimeCapsule at my house for quite some time.

        Have they installed all of the updates for their OS and TimeCapsule?

        1. JCitizen

          Yeah we checked that, something about his guest account, I only helped him with the usual simple checks, like pinging the ISP. I knew he’d figure it out, and it turned out to be some kind of uncommon brain fart. I never noted it, because, as you say, it is pretty rare. My apple clients rarely need any help as they are usually competent PC techs, themselves. However these incidents have all been in the last six months.

          In the other cases, my clients never reported the fix, as I had the local apple store number, and they would be better served that way. I just run them trough the troubleshooting listed at the Apple website for airport routers to make sure it isn’t something simple.

  8. mhenriday

    «But this is NOT about the OS. This is about a software vendor that failed miserably. » You are assuming, BNSGuy, that failures in the security tool discussed in the article have nothing whatsoever to do with vulnerabilities in the OS on which it operates. Would you care to present any evidence which would make so convenient an assumption plausable ?…

    Henri

    1. BattleChicken

      <>

      How are you not doing the same thing?

      Would you care to present any evidence that this problem is the fault of Windows, as opposed to sloppy testing from the AV vendor?

    2. BNSGuy

      Henri, the most compelling evidence falls into two parts. First: The vendor admitted culpability. Second: AFAIK, there are no reports of similar failures from other AV vendors. If the issue had been OS related (as in a newly discovered vulnerability) it is unlikely this would be the case.

  9. gareth evans

    This is NOT a Windows issue.

    I has to do with a non “type tested” patch and virus signatures being released. No matter what the OS, a non tested patch/update can cause problems.

    This is an issue with the Bitdefender company releasing a product to their customers that they had not even bothered to test on a *single 64 bit Windows 7 machine*. As far as I am aware the issue affected anyone running Windows 7 64 bit.

    When I worked in the NHS in the UK, products would often have to be regression and type tested against several builds and configurations before it was released. In this case, they did not even test it on *a whole operating system*!!

    It’s that negligent. We are not talking about users with custom DLL , or a beta or development release, or users of product XYZ. No its just anyone with plain vanilla Windows 7 64 bit.

  10. Andy

    I just fixed this problem. It really got me to wondering what’s trusted and what’s not. Anyway, wasted a few hours of my life in fixing the problems that could have been avoided by thorough testing before the patch was released. I’m still ready to keep my faith in BitDefender but just hope that this never happens again.
    Thanks for posting the solution guys.

    1. Raluca

      @Andy, thank you for keeping your faith in us. I want also to let you know that this issue with Windows 64 bit OS experienced on Saturday was isolated and the update withdrawn shortly afterwards.

      Our teams have been working around the clock to minimize the impact, including one-on-one support to fix the issue as quickly as possible.

      1. Andy

        Hello Raluca,

        I understand that you guys are working hard to fix this issue. Appreciate your help and support at all times.

        Regards.

    2. Leona

      Hi Andy,
      My pc still won’t boot. The techs are just blowing me off now. Can you please tell me how you got yours fixed? I’ve been working on this almost 24/7 since Sat. doing everything the techs suggested, nothing has worked. Any help you can give me would be greatly appreciated.

      1. Raluca

        Hi Leona,

        Try to run the BitDefender rescue CD- you will find complete instructions here:
        http://www.bitdefender.com/site/KnowledgeBase/consumer/#650
        We also have a video walkthrough that you can find here:

        http://www.youtube.com/watch?v=yvSmZdmrUc8
        Please do not hesitate to contact us directly trough the BitDefender support forum or trough our @BitDefender Twitter account as well. Thank you for your understanding and let me know if there is anything I can help you with.
        Raluca

  11. Rohit Prakash

    BitDefender’s update mechanism has remained a trouble for me. When I used to sell BitDefender products few years back, my customers always complained about update failures.

    Even today, sometimes I notice that the update progress bar crosses 100% mark and start showing 500%.

  12. Phoenix

    Speaking of updates, Firefox 3.6.2 just arrived on my desktop ahead of schedule (rushed out?). I suppose the patches the problem Secu8nia has reported.

  13. M Henri Day

    Thanks for yet another tip, Phoenix ! I’ve been using the FF 3.6.2pre nightly builds as my default browser and had expected the update to the standard 3.6 version to come next week as stated earlier by Mozilla. Kudos, in any event, to the foundation for the speed with which the vulnerability was patched !…

    Henri

  14. Mr. DAD

    How come it appears that I’m the only one suffering when this happened to me since I have a 32 BIT System, not a 64 BIT system? Anyone else?

  15. tommy townsend

    Well, here we are almost a year later and it has happened again! Don’t these idiots know how to test their software before they release it?

    1. JCitizen

      Maybe it is time to switch to Avast! I know I did! Avast has never let me down in the four years I’ve used it since I gave up on Bit Defender.

  16. BD Carmen

    @tommy townsend:

    First and foremost I would like to assure you that we learned much since the False Positive alert and we took strict measures to prevent such things in the future.

    We definitely did not release any faulty update since then which could detect system files as being infected. It is true we have sometimes, as any other security solution, false positives. However this would not effect the Operating System.

    The heuristic engines, that provides extra level of protection against unknown infections without virus signatures, can cause sometimes false positives at this point in time. We are constantly working to improve the scanning engines and release updates.

    If you are encountering any issue with the scanning process and detection we are more than glad to assist. Please feel free to contact us by any of our Support Channels: phone, Live Assistance, email or Forum.

    Thank you,
    Carmen

    1. tommy townsend

      Carmen,
      It depends on what you mean by “faulty update”. I’m sure that the BDIS heuristics engine is comparable to your competitors but no matter how good they are, if your software crashes you are left with no protection at all. That is exactly how two of my PC’s were infected with viruses recently. Check out the BitDefender Forums for “gray ball” issues. It’s ridiculous how many people are complaining about this problem and yet it never gets fixed permanently. This problem just keeps coming back. And yes, I have submitted complaints in the BD Forums and have submitted problem tickets to the support group. I’m tired of having to help trouble shoot their software. I’m tired of the excuses. I’m tired of the Hangs and Gray Balls that I’m supposed to pay attention to (and reboot if it happens). I’m tired of having my PC unresponsive because VSSERV is using up 90% of the CPU. I’m just plain tired!
      However, I’m not too tired to continue posting, in any Forum that will allow me, my personal experiences with BitDefender 2010/2011 so that others do not make the same mistake that I did and that was to purchase this product. BitDefender continues to refuse to acknowledge that this product has it’s problems. They should offer refunds to those of us that are experiencing problems with this product but instead try to convince users that the problem is with conflicting applications that they have failed to remove from their PC. Give me a break!

      My next complaint will be to the folks that rate these Security tools. I don’t know how BitDefender gets the good ratings that it does but it certainly does not deserve it. I’m hoping that I can change that.

      One really pissed off BD customer,
      Tommy Townsend

  17. BD Carmen

    We are sorry for your experience Tommy. BitDefender has hundreds of millions of customers worldwide and it is inevitable that sometimes some encounter issues which are due to the product but that can also be due to system requirements, OS updates, and many others.

    However most of our customers are very happy with our product and evidence of that are the millions of positive reviews we get every year from customers and also independent testing agencies. It is unfortunate that we couldn’t make you happy like other customers.

Comments are closed.