Bad Kaspersky antivirus update prevents business and home users from accessing websites

Users are advised to temporarily disable the Web protection component in their products and install a new update in order to fix the issue

A faulty antivirus update issued by Kaspersky Lab on Monday left many of its home and business customers unable to access any websites on their computers.

Systems administrators using Kaspersky Endpoint Security (KES) on their corporate networks started reporting the problem on Kaspersky's support forum on Monday afternoon, Eastern Time. The reports kept piling up until late in the evening.

"I have ~12,000 machines running KES8 and my help desk started getting calls about an hour ago saying users were having problems accessing various web sites," one user named bradb21 reported.

Other users confirmed the problem and attempted to troubleshoot it themselves. Some reported success after disabling the Web protection component or turning off the product's monitoring for port 80, 443 and other Web proxy ports.

Users later posted responses they had received from the company's technical support representatives. This included a recommendation to temporarily disable the Web antivirus component on the affected computers via the management console, force them to perform a new definition update and re-enable the Web antivirus.

Most users reported that the problem manifested itself only on Windows XP systems. However, the faulty update didn't just affect business antivirus products, but consumer ones as well.

"The issue was caused by a database update released on 4/2/2013 at 8:52:00 PM MSK [Moscow Standard Time] that resulted in the Web Anti-Virus component in some products blocking Internet access," a Kaspersky representative said Tuesday via email. "The problem only affected x86 systems with the following products installed: Kaspersky Anti-Virus for Windows Workstations 6.04 MP4; Kaspersky Endpoint Security 8 for Windows; Kaspersky Endpoint Security 10 for Windows; Kaspersky Internet Security 2012 and 2013; and Kaspersky Pure 2.0."

The problem was fixed with a database update released on Jan. 5 at 2:31 a.m. Moscow Standard Time (Jan. 4 at 5:31 p.m. ET), according to the Kaspersky representative.

Computers that download updates via the Kaspersky Administration Kit or Security Center management console will receive the fix automatically. However, computers that are configured to download the antivirus updates directly from Kaspersky's update servers will need to first have the Web Anti-Virus component disabled, the Kaspersky representative said.

"Kaspersky Lab would like to apologize for any inconvenience caused by this database update error. Actions have been taken to prevent such incidents from occurring in the future," she said.

Faulty antivirus updates are not uncommon and nearly every antivirus company has had to deal with them at one time or another. The impact of a bad update, however, is different from case to case and can range from a mild annoyance to hours of downtime.

There have been cases when bad antivirus updates deleted critical system files and left computers unable to boot into the operating system. In such situations, fixing the problem can require manual intervention, which can be a very time consuming task, especially on corporate networks with hundreds or thousands of computers and offsite branches.

Join the CSO newsletter!

Error: Please check your email address.

Tags securityantiviruskaspersky lab

More about KasperskyKasperskyPure

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lucian Constantin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place