'Webroot made my PCs s*** the bed' – AV update borks biz machines hard

tim one

Level 21
Thread author
Verified
Honorary Member
Top Poster
Malware Hunter
Jul 31, 2014
1,086
Workaround is to disable the thing – no fix just yet for unlucky corps hit

Updated

Anti-malware firm Webroot has apologized after an update pushed out this week borked computers at unlucky companies, leaving the PCs unbootable.

El Reg learned of the issue through reader Andrew, who reported that the Webroot 9.0.15.43 update for enterprises has "s*** the bed," creating all sorts of problems on corporate networks. Windows systems crash with the following memory access error:

0x50: PAGE_FAULT_IN_NONPAGED_AREA
"It causes boxes to BSOD [Blue Screen of Death] in an unrecoverable state," Andrew explained. "Webroot have acknowledged the issue and are currently investigating it."

We're told affected machines struggle to boot up properly. There are workarounds described here, which involves disabling antivirus protection. Webroot confirmed to The Reg that there was an issue but said that only a minority of its customers are hit:

Webroot released a routine update on Tuesday 31 January, containing general fixes and minor feature enhancements. For most of our millions of customers, the service has run as normal. However, some customers have experienced a problem with the update, so Webroot's 24-hour support team has been working with them directly to remedy this quickly. If you are one of those customers, we sincerely apologize.
Essentially, the problem isn't fixed.

Another tipster, a sysadmin in the UK, wrote in today to tell us: "I'm currently dealing with some of the fallout from this, and scared about tomorrow as we have 700-plus installs of Webroot – including 130-plus in the US where we don't have any IT staff."

It sounds like a low-level component used by Webroot is touching memory it shouldn't, causing the kernel to stop. Typically, antivirus tools break computers by removing crucial operating system files, believing them to be malicious. This latest screwup is unusual in that not every customer appears to be affected. We're keeping a close eye on it. ®

Updated to add
Webroot has emitted version 9.0.15.50 to apparently fix the cockup:

Following reports of difficulties installing the latest Webroot SecureAnywhere Business (WSAB) update v9.0.15.43, a new agent release titled v9.0.15.50 has been deployed automatically to all of our WSAB customers on Thurs 2nd Feb 2017. This version provides relief to those customers experiencing installation problems.

Webroot apologizes for any inconvenience caused by this updated release. Our 24/7 Support team is briefed and available to customers who may have any questions or concerns about this update.
 
D

Deleted member 178

It was not the first time, and will not be the last. This my reason why i don't use 3rd party AVs anymore, i can't let other to "manage" my security.

You will see those kind of issues more often in the future, especially with AI fancy stuff; a bad algorithm and the system is smashed.
 

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,263
It was not the first time, and will not be the last. This my reason why i don't use 3rd party AVs anymore, i can't let other to "manage" my security.
You can't let any antivirus to "manage" your security but you can let Windows 10 and Microsoft to "manage" your computer ("allow" Microsoft to install Windows Updates when they want, reset settings when they want...). Great! :D
 
D

Deleted member 178

You can't let any antivirus to "manage" your security but you can let Windows 10 and Microsoft to "manage" your computer ("allow" Microsoft to install Windows Updates when they want, reset settings when they want...). Great! :D
i was talking about security if you read carefully... and it install updates when i want , because i can block Windows Update totally. Don't assume people can't manage their OS because you cannot. :D

My OS is static and evolve only if i allow it.
 
Last edited by a moderator:
D

Deleted member 178

It's actually a security feature, if you can't boot your computer you can't get infected.
ROFL

remind me a guy saying is had 0% chance to be infected ever even by the most targeted virulent military-grade malware; everybody asked how? he just said, this machine never go on internet and never use or connect to external devices :D
 
Last edited by a moderator:

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,263
i was talking about security if you read carefully... and it install updates when i want , because i can block Windows Update totally. Don't assume people can't manage their OS because you cannot. :D

My OS is static and evolve only if i allow it.
Well, I'm using Windows 7 so that means that I have full control on Windows Updates. I can turn it off if I want, I can choose which updates I want install and when. On Windows 10 there is no official way of turning updates off (you can only pause it for X days) so the only way is by "hacking" something (probably changing registry keys) or by using 3rd party software. In fact, Windows 10 users can't even choose which updates they want to install because all updates are important for them. That's also the reason why users often have problems (like with webcam and DHCP). :cool:
 
D

Deleted member 178

On Windows 10 there is no official way of turning updates off (you can only pause it for X days) so the only way is by "hacking" something (probably changing registry keys) or by using 3rd party software. :cool:

Indeed, some knowledge of the OS is required... or just buy Win10 Pro; after all MS is a business. They gave a free version , so if you want keep it for free , you have to accept the bad sides.

Most of the malware infections vectors are from unpatched OS , lacking security updates; so i totally support forced (security) updates; however features-oriented updates shouldn't be forced.
 

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,263
Indeed, some knowledge of the OS is required... or just buy Windows 10 Pro; after all MS is a business. They gave a free version , so if you want keep it for free , you have to accept the bad sides.

Most of the malware infections vectors are from unpatched OS , lacking security updates; so i totally support forced (security) updates; however features-oriented updates shouldn't be forced.
I have all security patches installed and there are still ways to get free Windows 10. I can just download ISO, create bootable USB and during installation enter Windows 7/8.1 key, that's it. Windows is activated. :cool:
 
  • Like
Reactions: tim one
D

Deleted member 178

Not sure i got what you meant. I was saying if you want control over Windows Updates , you have to upgrade to Win10 Pro (aka buy it)
 
  • Like
Reactions: omidomi

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,263
Not sure i got what you meant. I was saying if you want control over Windows Updates , you have to upgrade to Windows 10 Pro (aka buy it, unless you have bought Windows 7/8 pro)
I don't get it. Why would I need to upgrade to Windows 10 to have control over Windows Updates? I have full control now, on Windows 7. There is still plenty of time to upgrade. Windows 7 support ends in 2020. ;)
 
D

Deleted member 178

I don't get it. Why would I need to upgrade to Windows 10 to have control over Windows Updates? I have full control now, on Windows 7. There is still plenty of time to upgrade. Windows 7 support ends in 2020. ;)
i meant IF you were on Win10 Home and want control of the updates ,so you have to upgrade to Win10 Pro. i never mentioned Win7 or other OS.

my point : you complain about Windows Updates , go buy Win10 Pro. you can't have everything for free.
 

Marko :)

Level 23
Verified
Top Poster
Well-known
Aug 12, 2015
1,263
i meant IF you were on Windows 10 Home and want control of the updates ,so you have to upgrade to Windows 10 Pro. i never mentioned Windows 7 or other OS.

my point : you complain about Windows Updates , go buy Windows 10 Pro. you can't have everything for free.
I don't think you can completely disable or select updates to install in Windows 10 Pro but ok. :)
 
D

Deleted member 178

it is what they say on various forums; anyway im not scared by M$ potential botched updates :p
 
  • Like
Reactions: _CyberGhosT_

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Possible issue as the specific file did not handle well on integration of Windows, to obtain stable performance of a product.

Since a typical AV revolves with numerous multi-task that can cause problematic behavior when not configured or mishandle on the library code.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top