[LINK] McAfee update problem

Stilgherrian stil at stilgherrian.com
Sat Apr 24 09:58:27 AEST 2010 

On 24/04/2010, at 9:18 AM, Jan Whitaker wrote:
> My favourite comment of those I read:
> 
> My 84 yr. old mother got hit today. Has no one 
> but me to help her with her computer. I’m 14 hrs. 
> away. She now has no internet connection to go to 
> your chat/email support for help or to update – 
> when I called there just now, I’m told that her 
> account says she is not eligible for services! I 
> understand that in normal issues. This is 
> McAffee’s doing. How is McAffee going to repair
> this for her and how soon??

I understand this commenter's anger, but "no one but me to help her with her computer" is disingenuous. Surely there's at least one other human with technical skills closer to this old woman than a 14-hour trip? Or anyone with an internet connection to download the patch and have this commenter talk them through the procedure on the phone?

McAfee has definitely screwed up. However they also responded quickly, got the patch online, got the instructions online -- and are providing the appropriate level of support for the product that the customers bought. If the support level for this customer is "Here is the procedure", then that's what that customer gets. Plus, perhaps, the ability to report a problem if the procedure that's provided doesn't work.


> I think McAfee lost a heap of customers over 
> this. AV is a commodity market now. There are 
> lots of choices out there. I use Avira's Antivir.

McAfee will certainly lose customers. Same way airlines do when one of their flights has a random accident and flyers flock to their competitor. Irrational. Any software business can release a patch which has a fault. McAfee, having done one bad patch in years, and then fixing it promptly, looks good. And McAfee are now probably less likely to have a problem any time son because they'll be ultra-paranoid.

Where fingers should be pointed here are at organisations like the Commonwealth Bank, Coles and Virgin Mobile for having ben caught. Did they not test the patch before installing it across multiple systems?

As Ed Skoudis says in SANS NewsBites today:

    We've been warning people in enterprises for
    years that they _must_ test AV updates in their
    labs before pushing them to their enterprise.
    Every year or two, one of the major AV vendors
    pushes a disastrous update. Here is another
    reminder.

Ahem.

Stil


-- 
Stilgherrian http://stilgherrian.com/
Internet, IT and Media Consulting, Sydney, Australia
mobile +61 407 623 600
fax +61 2 8569 2006
Twitter: stilgherrian
Skype: stilgherrian
ABN 25 231 641 421

More information about the Link mailing list