Panda antivirus update causes software to flag itself

Posted Mar 13, 2015 by James Walker
An update to Panda's antivirus software programs has led to the software recognising some of its own core files as malicious malware. It then quarantined them, leaving itself unable to run and preventing computers from starting up.
Beware  computer viruses. Many computer users don t update anti-virus software
Beware, computer viruses. Many computer users don't update anti-virus software
Kacper Pempel / Reuters
As the issue became apparent, the company was forced to resort to Twitter to advise users "Please, don't reboot PCs. We'll keep you posted." For many affected users, their machines were left unable to boot once shutdown with the Panda update installed.
The number of affected users is not known. The issue began on Wednesday when an update to Panda's free antivirus, retail antivirus and enterprise cloud antimalware services was issued. A bug caused the software to detect its own signature file as invalid and malicious. Six separate Panda products were affected.
The program not only flagged up its own files as malware but removed files from the core Windows installation folder, System32. This left machines with no internet access post-reboot - making it impossible to automatically update Panda to resolve the issue - or in the worst cases completely unable to boot Windows successfully.
An advisory issued by the company on its website stated that "The signature file was repaired immediately" but warns that despite the publication of an automatic fix "in certain environments, it is possible for the incident to persist." Help is available to remove the faulty signature manually.
ZDNet notes how the incident seems reminiscent of McAfee's 2010 blunder when an update to its antivirus software led to the deletion of a critical Windows XP file from the system directory. This also caused loss of network connectivity or failure to successfully start affected computers.
A Panda spokesperson told ZDNet on Friday that 90 percent of the incidents are now believed to be fixed. The spokesperson did not give an indication of how many incidents there were, saying that "only a small part" of installations of the software had experienced issues.