Destroy Computer Malwarebytes update destroys thousands of computers

A faulty security update to Malwarebytes' software has cause it to mistake legitimate files for malware code, leading to thousands of ruined computers

Malwarebytes makes security software meant to detect and clean your computer of unwanted malware. Unfortunately, a recent security update confused the software into thinking that legitimate system files were actually unwanted code. This lead to thousands of computers being wiped of files necessary to keep them running. The security update specifically confused the software into thinking that Windows .dll and .exe files were malicious. When the software stopped these files from running, it effectively disables the computer. All in all, thousands of systems across the globe were affected.

results page Malwarebytes update destroys thousands of computers

"Exterminate! Deleting folder system32!"

 

Malwarebytes' Marcin Kleczynski issued a statement about the incident: "It saddens me to report that at around 3PM PST yesterday, Malwarebytes released a definitions update that disabled thousands of computers worldwide. Within eight minutes, the update was pulled from our servers. Immediately thereafter, users flocked to our support help desk and forums to ask us for a fix." Kleczynski has stated that new policies will be put in place to prevent something like this from happening again: "We are commissioning several new resources to stop this from happening again. We are building more redundancy to check our researchers' work and improving our peer review."

 

Despite quickly acting to remove the update, the damage was done. Many IT managers have reported massive disruptions to their computer systems. A UK organization stated that 80% of their company's servers had been knocked out. Rik Ferguson at Trend Micro Systems stated that this isn't an isolated incident; faulty security updates like this do tend to happen, and they happen industry-wide. The need to combat new and fast moving security threats means updates aren't always scrutinized as well as they should be.