Subscribe

Panda detects own software as malware

Jon Tullett
By Jon Tullett, Editor: News analysis
Johannesburg, 12 Mar 2015
Panda users received persistent error messages after the AV software mistakenly disabled itself as malware.
Panda users received persistent error messages after the AV software mistakenly disabled itself as malware.

Panda Antivirus users struggled to repair their systems this week after the Spanish firm's products began detecting its own system files as malware, crippling "infected" systems until the company could rush out an emergency update.

"Do not reboot!" came an urgent missive from Panda support, warning that users who rebooted their systems in an attempt to resolve the problem could be faced with more complex recovery problems, since a fix might not automatically install.

Support forums around the world erupted with complaints, and ITWeb has received reports from local users who were affected - not for the first time either: Panda customers struggled with persistent bluescreen crashes late in 2014 and again early in 2015, caused by bugs in the company's Web filtering software.

In a media statement, Panda Security apologised for the incident and said "Panda Security has deployed an automated solution for all the products affected [and] a manual tool has been published...We have reviewed all the certification processes and have put [in place] all needed measures to avoid this from happening again."

"We had five sites affected by this," said one local IT manager who requested his company remain anonymous. "About 20% of all our Panda client machines. At least none of my servers, as we moved them over about two months ago because they were affected by the Panda bluescreen issue last year and after numerous attempts by Panda to fix the problem we made the decision to rather remove it from our servers and replace it with another antivirus software."

The user is struggling to recover systems, despite the quick action by Panda. "The update has not really worked. Impact on productivity has been severe as some departments have no computers to work on. Data has luckily not been affected adversely as yet. We are going to review our antivirus tomorrow as our subscriptions are expiring at the end of the month and we most probably will not renew at this stage."

The company's official advisory notes that several products are affected, including Panda Cloud Office Protection and retail editions of Panda 2015. The product should have automatically received updates to fix the problem, the advisory states, but describes manual steps to effect a recovery if it persists.

With this episode, Panda has joined the ranks of antivirus vendors who have mistakenly detected their own products or core system files as malware and taken user-crippling remedial action.

Unfortunately, it is not a particularly exclusive club: many vendors including Sophos, AVG, Symantec, Kaspersky, and Trend Micro have had similar issues over the years.

Share