Bad Kaspersky antivirus update prevents business and home users from accessing websites

Users are advised to temporarily disable the Web protection component in their products and install a new update in order to fix the issue

A faulty antivirus update issued by Kaspersky Lab on Monday left many of its home and business customers unable to access any websites on their computers.

Systems administrators using Kaspersky Endpoint Security (KES) on their corporate networks started reporting the problem on Kaspersky's support forum on Monday afternoon, Eastern Time. The reports kept piling up until late in the evening.

"I have ~12,000 machines running KES8 and my help desk started getting calls about an hour ago saying users were having problems accessing various web sites," one user named bradb21 reported.

Other users confirmed the problem and attempted to troubleshoot it themselves. Some reported success after disabling the Web protection component or turning off the product's monitoring for port 80, 443 and other Web proxy ports.

Users later posted responses they had received from the company's technical support representatives. This included a recommendation to temporarily disable the Web antivirus component on the affected computers via the management console, force them to perform a new definition update and re-enable the Web antivirus.

Most users reported that the problem manifested itself only on Windows XP systems. However, the faulty update didn't just affect business antivirus products, but consumer ones as well.

"The issue was caused by a database update released on 4/2/2013 at 8:52:00 PM MSK [Moscow Standard Time] that resulted in the Web Anti-Virus component in some products blocking Internet access," a Kaspersky representative said Tuesday via email. "The problem only affected x86 systems with the following products installed: Kaspersky Anti-Virus for Windows Workstations 6.04 MP4; Kaspersky Endpoint Security 8 for Windows; Kaspersky Endpoint Security 10 for Windows; Kaspersky Internet Security 2012 and 2013; and Kaspersky Pure 2.0."

The problem was fixed with a database update released on Jan. 5 at 2:31 a.m. Moscow Standard Time (Jan. 4 at 5:31 p.m. ET), according to the Kaspersky representative.

Computers that download updates via the Kaspersky Administration Kit or Security Center management console will receive the fix automatically. However, computers that are configured to download the antivirus updates directly from Kaspersky's update servers will need to first have the Web Anti-Virus component disabled, the Kaspersky representative said.

"Kaspersky Lab would like to apologize for any inconvenience caused by this database update error. Actions have been taken to prevent such incidents from occurring in the future," she said.

Faulty antivirus updates are not uncommon and nearly every antivirus company has had to deal with them at one time or another. The impact of a bad update, however, is different from case to case and can range from a mild annoyance to hours of downtime.

There have been cases when bad antivirus updates deleted critical system files and left computers unable to boot into the operating system. In such situations, fixing the problem can require manual intervention, which can be a very time consuming task, especially on corporate networks with hundreds or thousands of computers and offsite branches.

Tags: security, kaspersky lab, antivirus

Symantec draws new security picture

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]
Comments are now closed.
CSO Corporate Partners
  • Webroot
  • Trend Micro
  • NetIQ
rhs_login_lockGet exclusive access to CSO, invitation only events, reports & analysis.
CSO Directory

Endpoint Encryption

Robust data protection for PCs, smartphones, and removable media

Latest Jobs
Security Awareness Tip

Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).


  1. Have an incident response plan.

  2. Pre-define your incident response team 

  3. Define your approach: watch and learn or contain and recover.

  4. Pre-distribute call cards.

  5. Forensic and incident response data capture.

  6. Get your users on-side.

  7. Know how to report crimes and engage law enforcement. 

  8. Practice makes perfect.

For the full breakdown on this article

Security ABC Guides

Warning: Tips for secure mobile holiday shopping

I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.