Symantec goofs up!

A defective signature file update by security firm Symantec caused havoc when it started booting a number of users off their AOL internet connections.

Symantec admitted that the problem began with a 15th March intrusion detection signature file sent by LiveUpdate to the customers of Norton Anti-virus and Norton Internet Security. The file caused the traffic coming from AOL to be interpreted as malicious thereby preventing users from connecting to dial-up and broadband services. The bug was eventually traced to the area that prevents hackers from entering a computer through open ports. Seven hours after the first file was distributed, Symantec released an updated signature file fixing the problem. Unfortunately the users who were affected without a connection were not able to access the fix. If anyone cannot get onto the Internet because AOL is their ISP, Symantec recommends disabling the security software to fetch the patch. Another solution that Symantec has offered is that the users update their Norton software, which should enable them to go online and download the corrected signature file. Detailed instructions are available in the company's advisory, which, sadly, will not be accessible to those affected. Users can also call a US toll-free number for support, Symantec said - the number is 1-800-927-3991. AOL's UK call centres have received around 4,000 calls about the problem, according to a spokesperson. This happens to be the second time when an anti-virus company has blundered. Last week it was a signature update by Symantec rival McAfee that proved to be problematic. It quarantined a number of executable files including Microsoft Excel and Macromedia Flash Player.