Microsoft Says Symantec Software Is Spyware
Microsoft has corrected the false flagging, it said Monday. Symantec, meanwhile, announced that it had crafted a free tool to repair damaged installations of its Symantec AntiVirus (SAV) Corporate Edition and Symantec Client Security (SCS).
The problem stemmed from a Windows AntiSpyware Beta 1 update late Thursday, Feb. 9, dubbed "5805, which incorrectly identified a registry key for SAV and SCS as belonging to a password-stealing keylogger known as PWS.Bancos.a, which harks back to 2003.
Microsoft's anti-spyware program prompted users to remove the misidentified registry key; if they did, SAV and SCS stopped working.
"Once this issue was discovered, Microsoft quickly released a new signature set (5807) to remove this false positive," said a Microsoft spokesman Monday. "Both companies are working jointly together to identify the number of affected customers, which we believe to be very limited."
Early Monday, Microsoft recommended that affected users call on Windows XP's System Restore to restore to a time before the keys were deleted, or reinstall the Symantec software. In a separate statement later Monday, Symantec said it had come up with an automated tool to repair affected systems. "This tool is available at no charge from Symantec Product Support Services," a Symantec spokesman said.
Coincidentally, Microsoft and Symantec -- longtime partners -- last week took jabs at each other over the former's official entrance into the consumer security market.
Symantec made a point, however, to stress that its consumer titles, including Norton Antivirus and Norton Internet Security, were not affected by the Microsoft mistake.