Faulty Malwarebytes update leaves VARs picking up pieces
US-based anti-malware vendor looking to grow UK channel but faulty update knocks out thousands of users' computers worldwide
Global resellers of security vendor Malwarebytes have been left picking up the pieces as thousands of their customers' computers were brought down by a faulty update.
The update definition, which was released on Tuesday, marked legitimate files as malware code, leaving many of its millions of customers and free users worldwide with crippled machines.
The firm insists it pulled the faulty update off its servers after eight minutes, but conceded that "superior procedures" around its updates needed to be followed in future.
US-based Malwarebytes has recently entered the UK channel, signing its first VAR Computerworld Business Solutions (CBS) in a move the vendor hopes will drive sales of its enterprise and SMB product in the region.
Although CBS was not hit by the fallout, one US partner, Arizona-based Clarke Computers, told CRN that more than 200 of its customers had been affected.
The firm's operations manager Carlos Ferris said that since the faulty update's release on Tuesday, some of his customers had still not been able to boot up their machines.
"A lot of files went into false positive mode and made the system think it was full of viruses when it wasn't. Some of [their systems] are still down, and we are in the process of repairing them all now. Some are worse than others; some still cannot even boot their machines," he explained.
He added that the vendor posted a variety of fixes on its website but the pair had not been directly in touch.
In a grovelling apology posted on its website, Malwarebytes' chief executive Marcin Kleczynski said he was sorry for letting users down.
"I want to offer my sincere apology to our millions of customers and free users. I started this company because I thought everyone was entitled to malware-free computing. We acted overzealously in that mission and realise far superior procedures around updating are needed. More was expected of us, and we failed," he wrote.
"[By] working day and night, we are commissioning several new resources to stop this from happening again. We are building more redundancy to check our researchers' work and improving our peer review."
Some users on the vendor's forum praised the firm for its speed in providing customers with updates, and claimed it dealt with the problem well.