Thursday, 04 April 2013

CHAPTER 8 - CASE 1 (WHEN ANTIVIRUS SOFTWARE CRIPPLES YOUR COMPUTERS)

1.
  • Management factor: when the test simulations were done, management did not run them for Windows XP with Service Pack 3. Users of McAfee VirusScan were running Windows XP Service Pack 3 with VirusScan version 8.7, and these were affected by the faulty update download.
  • Organization factor: the staff did not work efficiently. McAfee updated VirusScan to deal with a new virus named "w32/wecorl.a", but the company did not detect the problem that this virus could make itself appear under the name svchost.exe, which is a Windows file that is critical to the PC's performance.
  • Technology factor: without svchost.exe, Windows can't boot properly. McAfee determined that the majority of affected machines were using Windows XP Service Pack 3 combined with McAfee VirusScan 8.7. They also noted that the "Scan Process on Enable" option of VirusScan, off by default in most VirusScan installations, was turned on in the majority of affected computers.

2. The business impact is that McAfee's reputation dropped. Besides that, customers were also affected because users' computers were crippled or totally non-functional.


3. If I were an enterprise customer, I would consider McAfee's response to the problem not acceptable, because the slip-up caused systems to become unsecured. McAfee also made a mistake in that, without svchost.exe, Windows can't boot properly. VirusScan users applied the update, tried rebooting their systems, and were powerless to act as their systems went haywire, repeatedly rebooting, losing their network capabilities and their ability to detect USB drives, which is the only way of fixing affected computers.


4. They should implement additional QA protocols for any releases that directly impact critical system files. McAfee is also rolling out additional capabilities in Artemis that will provide another level of protection against false positives by leveraging an expansive whitelist of critical system files and their associated cryptographic hashes.
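
The two safeguards in answer 4 can be sketched as follows. This is an added example, not McAfee's code and not part of the original post: a QA release gate that runs a candidate signature over known-good critical files, and an endpoint check that overrides a signature hit only when the file's hash is on the whitelist. The byte strings, the pattern and all function names are constructed for the illustration.

```python
import hashlib

# Constructed sample bytes; none of this is real file or signature content.
PATTERN = b"RPC-STUB-7f"                         # hypothetical candidate signature
SVCHOST_SP2 = b"MZ svchost build A"              # vetted build, pattern absent
SVCHOST_SP3 = b"MZ svchost build B RPC-STUB-7f"  # vetted build, pattern present
WORM = b"MZ dropper RPC-STUB-7f payload"         # malicious file posing as svchost.exe

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def matches(data: bytes, pattern: bytes) -> bool:
    """Toy stand-in for a scan engine: plain byte-pattern search."""
    return pattern in data

def release_gate(pattern: bytes, corpus: dict[str, bytes]) -> list[str]:
    """QA step: list the known-good critical files the candidate signature
    would flag. Any entry means the update must not ship."""
    return sorted(label for label, data in corpus.items() if matches(data, pattern))

def build_whitelist(corpus: dict[str, bytes]) -> dict[str, str]:
    """Map SHA-256 digest -> label for every vetted critical system file."""
    return {sha256_hex(data): label for label, data in corpus.items()}

def scan(data: bytes, pattern: bytes, whitelist: dict[str, str]) -> str:
    """Endpoint decision: the file's hash, never its name, decides whether a
    signature hit is overridden as a false positive."""
    if not matches(data, pattern):
        return "allow"
    if sha256_hex(data) in whitelist:
        return "suppress"      # hit on a vetted system file: keep it, report it
    return "quarantine"

# Test corpus missing the XP SP3 build: the gate sees nothing wrong.
PARTIAL_CORPUS = {"xp-sp2/svchost.exe": SVCHOST_SP2}
# Corpus covering every supported platform: the gate catches the conflict.
FULL_CORPUS = {**PARTIAL_CORPUS, "xp-sp3/svchost.exe": SVCHOST_SP3}

if __name__ == "__main__":
    print("gate, partial corpus:", release_gate(PATTERN, PARTIAL_CORPUS))
    print("gate, full corpus:   ", release_gate(PATTERN, FULL_CORPUS))
    wl = build_whitelist(FULL_CORPUS)
    for label, data in [("genuine SP3 svchost.exe", SVCHOST_SP3),
                        ("worm named svchost.exe", WORM),
                        ("genuine SP2 svchost.exe", SVCHOST_SP2)]:
        print(f"{label}: {scan(data, PATTERN, wl)}")
```

Because the whitelist is keyed on the hash, a malicious file that merely carries the name svchost.exe is still quarantined, while the vetted Service Pack 3 build is left in place.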