Current Activity - McAfee DAT 5958 Issues

[Current Activity <us-cert () us-cert gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

McAfee DAT 5958 Issues

Original release date: April 21, 2010 at 3:04 pm
Last revised: April 22, 2010 at 7:10 pm


US-CERT is aware of public reports indicating that McAfee DAT release
5958 is incorrectly identifying the valid system file,
C:\Windows\system32\svchost.exe, as containing malicious code. Reports
indicate that a false positive detection occurs on Windows XP Service
Pack 3 systems. Symptoms include a denial-of-service condition when
the McAfee software attempts to clean the file.

US-CERT encourages users and administrators to review the McAfee Virus
Profile: W32/Wecorl.a and apply the "extra.dat" and additional updates
provided by McAfee as necessary to mitigate this issue. Users should
ensure that they have installed DAT 5959 or greater before running any
on-demand scans.

Corporate users and administrators are encouraged to review the McAfee
Corporate Knowledgebase Article KB68780, while home users are
encouraged to review the McAfee FAQ Document TS100969.

Relevant Url(s):
<http://service.mcafee.com/FAQDocument.aspx?lc=&id=TS100969>

<https://kc.mcafee.com/corporate/index?page=content&id=KB68780&pmv=print>

<http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=265240#none>

====
This entry is available at
http://www.us-cert.gov/current/index.html#mcafee_dat_5958_issues

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS9Dc7T6pPKYJORa3AQIvcAf/UqSr9deOAhEFceEklPvImyXP/EVcY8V5
ZIYgzvMG17s/39VDNxYwLtKOvhj+h6+q7/+XKZqIeRlirm/cVNkNblp6zic2SyOA
30QsMGtCeTsttYpjfNOWZgxvaIVdjA8R08JfDcrDihaN7AhDdVH/CANZVMdDjEYI
6iTUtR/g8C1V9Ua35/D3FWjCeXI7rSaIY/I2MnyURiS9mWXQE+4ZXAsuA9c//QqX
cZpzPYXRdfJw5xF7xAagpUAbI3AJQS+5/f+lCtmPnyCoLKhflwBsXr/av0RsRFga
dy91U1uqeVP1R4dcUH0ZxmkX/g2UnzdYVSMbr961iaJEtemux1A0AA==
=IfjX
-----END PGP SIGNATURE-----