Send the link below via email or IMCopy
Present to your audienceStart remote presentation
- Invited audience members will follow you as you navigate and present
- People invited to a presentation do not need a Prezi account
- This link expires 10 minutes after you close the presentation
- A maximum of 30 users can follow your presentation
- Learn more about this feature in our knowledge base article
When antivirus software cripples your computers
Transcript of When antivirus software cripples your computers
is a prominent antivirus software and computer security company based in Santa Clara, California. Its popular VirusScan product is used by companies and individual consumers across the world, driving its revenues of $1.93 billion in 2009.
The company has worked to compile a long track record of good customer service and strong quality assurance.
At April 21, 2010, McAfee made a blunder that threatened to destroy that track record and prompted the possible departure of hundreds of valued customers. McAfee released what should have been a routine update for its flagship VirusScan product that was intended to deal with a powerful new virus known as "W32/wecorl.a". Instead, McAfee's update caused potentially hundreds of thousands of McAfee-equipped machines running Windows XP to crash and fail to reboot.
How could McAfee, a company whose focus is saving and preserving computers, commit a gaffe that accomplished the opposite for a significant portion of its client base? That was the question McAfee's angry clients were asking when their computers were crippled or totally non-functional.
The updates mistakenly targeted a critical Windows file, svchost.exe, which hosts other services used by various programs on PCs.
To make matters worse, without svchost.exe, Windows computers can't boot properly. Companies using McAfee and that relied heavily on Windows XP computers struggle to cope with the majority of their machines suddenly failing.
Angry network administrators turned to McAfee for answers, and the company was initially just as confused as its clients regarding how such a monumental slipup could occur. Soon, McAfee determined that the majority of affected machines were using Windows XP Service Pack 3 combined with McAfee VirusScan version 8.7.
McAfee conducted a more thorough investigation into its mistake and published a FAQ sheet taht explained more completely why they had made such big mistake and which customers were affected. The two most prominent points of failure were as follows: first, users should have recieved a warning that svchost.exe was going to be quarantined or deleted. Next, McAfee's automated quality assurance testing failed to detect such a critical error because of what the company called "inadequate coverage of product and operating systems in the test systems used."
The only way tech support staffs working in organizations could fix the problem was to go from computer to computer manually. McAfee released a utility called "SuperDAT Remediation Tool," which had to be dowloaded to an unaffected machine, placed on a flash drive, and run on Windows Safe Mode on affected machines. Because affected computers lacked network access, this had to be done one computer at a time until all affected machines were repaired.
The total number of machines impacted is not known but it doubtless involved tens of thousands of corporate computers. Needless to say, network administrators and corporate tech support divisions were incensed.
Regarding the flaws in McAfee's quality assurance processes, the company explained in the FAQ that they had not included Windows XP Service Pack 3 with VirusScan version 8.7 in the test cnfiguration of operating systems and McAfee product versions. This explanation flabbergasted many of McAfee's clients and other industry analysts, since XP SP3 is the most widely used desktop PC configuration.
McAfee was criticized for its slow response to the crisis and for its initial attempts to downplay the issue's impact on its customers. The company released a statement claiming that only a small fraction of its customers were affected, but this was soon shown to be false. Two days after the update was released, McAfee executive Barry McPherson finally apologized for customers on the company's blog. Soon After, CEO David DeWalt recorded a video for customers, in which he apologized for and explained the incident.
Case Study Questions
What management, organization, and technology factors were responsible for McAfee’s software problem?
Management Factor: When the test simulation were done, management didn’t run these for windows XP with service pack 3. Users using the McAfee Virus Scan were using Widows XP service pack 3 and the viruse scan version 8.7, these affected to faulty update download.
Organization Factor: The only way tech support staffs working in organizations could fix the problem was to go from computer to computer manually.
Technology factor: McAfee released a utility called “SuperDAT Remediation Tool,” which had to be downloaded to an unaffected machine, placed on a flash drive, and run in Windows Safe Mode on affected machines.
What was the business impact of this software problem, both for McAfee and for its customers?
The customers were angry because their computers were crippled or totally non-functional. The updates mistakenly targeted a critical Windows file, svchost.exe, which hosts other services used by various programs on PCs. And it automatically damages the customers files.
The impact for McAfee is that its reputation becomes worse and McAfee was criticized for its slow response to the crisis and for its initial attempts to downplay the issue’s impact on its customers. It only takes a single slip up or oversight to cause significant damage to an antivirus company's reputation.
If you were a McAfee enterprise customer, would you consider McAfee’s response to the problem be acceptable? Why or why not?
In some instance the response of McAfee to the problem is acceptable because they have a reputation to protect and that explains their evasive behavior. However, in reality the company's response to the problem was not really acceptable because a lot of customers and companies were affected, lost their data and were unable to reboot their computers. They also lost countless opportunities which are supposed to be generated by the computer.
What should McAfee do in the future to avoid similar problems?
They need to check every details of their products, test their software before they sell it in the market. When it comes to responding to problems like what had happened, they should be fast in order to avoid great chaos. Also they should not take for granted even the smallest thing or problem because sometimes it's one of the reasons why the situation becomes worse.