Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cloud
    • Cloud
    • Cybersecurity
    • Networking
    • PC Hardware

    Symantec Explains Why an Antivirus Update Crashed Windows XP Machines

    By
    Brian Prince
    -
    July 16, 2012
    Share
    Facebook
    Twitter
    Linkedin

      Symantec has shed more light on why an update to its security software spawned the infamous “blue screen of death” for some of its customers.

      An antivirus software update that Symantec issued on July 11 was discovered to be crashing Windows XP machines. According to Symantec, the problem was a compatibility issue in SONAR (Symantec Online Network for Advance Response) definitions. Once the cause was identified, the signature was removed from the definition set and an updated set was released July 12. No new issues have been reported since, according to the company.

      “The root cause of the issue was an incompatibility due to a three-way interaction between software that implements a file system driver using kernel stack-based file objects,” Symantec explained in a blog post. “The three-way interaction is between the software that implements a file system driver (using kernel stack-based file objects), the SONAR signature and the Windows XP Cache manager. The SONAR signature update caused new file operations that create the conflict and led to the system crash.”

      The blue screen of death describes what happens when various flaws cause Windows to crash, the computer locks up and displays a blue screen with some diagnostic data, which forces the user to reboot and often results in the loss of any data in the applications the user was working on when the crash occurred. The blue screen of death was much more prevalent in earlier versions of Windows, including XP, when it would be caused by a wide range of application and memory conflicts. The latest versions of Windows are generally more stable.

      In this case it appears the blue screen of death was triggered due to interactions with several products, such as PGP Whole Disk Encryption, Sophos LanCrypt, SlySoft Virtual Clone Drive and Novell ZenWorks. The problem was isolated to certain Windows XP machines with file system drivers running Symantec Endpoint Protection Small Business Edition (SEP SBE) 12.1, Symantec Endpoint Protection (SEP) 12.1, Symantec Endpoint Protection.cloud (SEP.cloud). Mac customers and users of Symantec Endpoint Protection 11 were not impacted.

      The incident caused a bit of an uproar among some of the company’s customers, with several posting comments to a Symantec blog posted after the issue’s discovery. A technology manager with Dutch company PSO Beheer BV told Reuters that the situation impacted some 150 PCs and forced the company to close a laboratory with equipment running Windows XP. Workers were sent home so they could access the network remotely, the manager, Ron van den Broek, told a reporter.

      “It did have quite an impact on our business,” he said last week. “My first impression is Symantec is downplaying the effects of this issue.”

      In response to the incident, Symantec detailed its assurance process for SONAR updates, which includes false positive and compatibility testing.

      “The compatibility-testing part of the quality-assurance process for SONAR signatures missed catching this compatibility issue,” noted Orla Cox of Symantec Security Response. “It is this part of our process that we will be improving to avoid future issues. We are currently restructuring our testing process to improve compatibility testing and will not be releasing new SONAR signatures until this new process is in place.”

      Editor’s Note: This story was updated to clarify the description of the blue screen of death.

      Brian Prince

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Big Data and Analytics

      Alteryx’s Suresh Vittal on the Democratization of...

      James Maguire - May 31, 2022 0
      I spoke with Suresh Vittal, Chief Product Officer at Alteryx, about the industry mega-shift toward making data analytics tools accessible to a company’s complete...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×