A faulty virus pattern file that Trend Micro released on Friday resulted in higher-than-normal CPU consumption, causing system slowdowns and problems for some of its OfficeScan, PC-cillin and ServerProtect customers. According to Trend Micro, the problems were caused by “insufficient work in compatibility testing” before the update was publicly released.
“Approximately 3:30 p.m. Pacific time Friday, we posted a virus pattern file that unfortunately had the potential to interact with certain computing configurations and cause computer performance issues for some customers running Microsoft Windows XP SP2 [Service Pack 2],” said Michael Sweeney, a spokesman for Trend Micro Inc. in Cupertino, Calif.
Sweeney said Trend Micro provided a set of solutions for customers on its Web site Friday evening, extended support hours throughout the weekend and worked with its channel partners in the United States to help solve the problem.
“We apologize for the impact we may have caused, and weve certainly begun making investments and improvements to ensure such a problem doesnt happen in the future,” Sweeney told eWEEK.com.
Trend Micros OPR (Official Pattern Release) 2.594.00 was designed to target the growing number of “bot” threats that infect computers, which can be controlled remotely by hackers to spread viruses or spam. One of the patterns within the OPR caused as much as 100 percent CPU utilization, with the potential to lock up users machines. The update was available for roughly 90 minutes, and users had to have automatic updates enabled or had to manually download the file during that time in order to receive the file.
“We brought it down, removed it from our update servers and Web sites, and subsequent pattern file downloads dont cause these issues,” Sweeney said. The company has advised customers to upgrade immediately to OPR 2.596.00 or higher, which it released about two hours after removing the flawed file.
Specific computer configurations also had to be met, and so far, Trend Micro has found issues with several versions of OfficeScan, ServerProtect and PC-cillin running on XP SP2, Windows 2003 SP1, Windows 2000 SP4 and Windows ME. The file could cause issues for both enterprises and consumer customers.
The company isnt sure how many customers were affected, but because the file was available for a short time, Sweeney said it was likely a “subset of a subset of a subset.” Nevertheless, the company said it continues its work with those customers still experiencing problems due to the faulty OPR.
Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.