On Wednesday there was a two-hour period where Kaspersky had pushed out antivirus signatures that contained a major flaw. They inadvertently identified Windows Explorer (Explorer.exe) as a virus, which many of you know is pretty darn critical for Windows. The virus alert will look like the one in the screenshot above, which was taken by a Kaspersky forum member. It essentially says:
Detected: virus Worm.Win32.Huhk.c
Running module: explorer.exe\Explorer.EXE
Kaspersky made a point to say that this only affects a portion of XP users out there:
The version of explorer.exe which was falsely detected was released via Microsoft Windows Update service as an Update for Windows XP on 24.07.2007.
If you were caught in the storm, as many were, there shouldn’t be too much of a problem since Kaspersky quarantines viruses by default. That means you can restore the Explorer.EXE file with little issues, but the real pain is if users have set Kaspersky to automatically delete viruses that are found!
After restarting the computer the Start Menu, Taskbar, System Tray, and Desktop will not be visible. Kaspersky has instructions on how you can fix the issue, but it will take a good amount of work to get things back to normal. My condolences go out to all of the IT administrators who have to deal with this issue on dozens of computers.
I guess this is a good lesson as to why backing up your files is extremely important. You never know when an important system file will accidentally be quarantined or deleted, and it could upset your entire day if you’ve never made a backup of your documents.
[via The Register]