Current Activity - McAfee DAT 5958 Issues

[Current Activity <us-cert () us-cert gov>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

McAfee DAT 5958 Issues

Original release date: April 21, 2010 at 3:04 pm
Last revised: April 21, 2010 at 3:04 pm


US-CERT is aware of public reports indicating that McAfee DAT release
5958 is incorrectly identifying the valid system file,
C:\Windows\system32\svchost.exe, as containing malicious code. Reports
indicate that a false positive detection occurs on Windows XP Service
Pack 3 systems. Symptoms include a denial-of-service condition when
the McAfee software attempts to clean the file.

McAfee has released an extra DAT file to rectify the detection of the
false positive. US-CERT encourages users and administrators to review
the McAfee Virus Profile: W32/Wecorl.a and apply the extra DAT file as
necessary to mitigate this issue.

Relevant Url(s):
<http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=265240#none>

====
This entry is available at
http://www.us-cert.gov/current/index.html#mcafee_dat_5958_issues

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS89NJD6pPKYJORa3AQJwoAf/b5avT+CysYZ/CE+aApo8cTUw1hejpSLo
1Q+NvW0QhysUMslRnlTf5cn7uUY3HsA6OAxIBT0It2dz9T2N6zu0sB4rUWCRsi7h
8vpciUXr2m9ZwN7FnjbihTdTXXzKamBljmnw/eddMUzGyTothIpdc2qiYhQfQ5Rz
U3Xb0y2Gwps+AV6TV6aKWOd0ELiiSJdjjTBSK2tGNcXZZ73qxBxNS2+WtfudcrvN
qNVPYTEiGjyrHDZwL/QN+n5q1oKHUjNAw0mrVGge4fnj7yspxIHVhr9bXhYwGhqo
UBzX18AD7cyKL4Pn82AZ0BAnyTqDQFHHVDNzjP1Mv4DKkt0US25h2A==
=OtoZ
-----END PGP SIGNATURE-----