• Gestrid@lemmy.ca
    link
    fedilink
    English
    arrow-up
    5
    ·
    4 months ago

    Four days for an update to malware definitions is how computers get infected with malware. But you’re right that they should at least do some sort of simple test. “Does the machine boot, and are its files not getting overzealously deleted?”

    • Kissaki@programming.dev
      link
      fedilink
      English
      arrow-up
      1
      ·
      4 months ago

      One of the fixes was deleting a sysm32 driver file. Is a Windows driver how they update definitions?

      • Gestrid@lemmy.ca
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        4 months ago

        The driver was one installed on the computer by the security company. The driver would look for and block threats incoming via the internet or intranet.

        The definitions update included a driver update, and most of the computers the software was used on were configured to automatically restarted to install the update. Unfortunately, the faulty driver update caused computers to BSOD and enter a boot loop.

        Because of the boot loop, the driver could only be removed manually by entering Safe Mode. (That’s the thing you saw about deleting that file.) Then the updated driver, the one they released when they discovered the bug, would ideally be able to be installed normally after exiting Safe Mode.