Chinese users sue Symantec over update blunder

Company's working on making things right after update meltdown

At least two lawsuits seeking compensation have been filed against Symantec by Chinese users whose PCs were crippled by a faulty virus update last month, the company confirmed Wednesday.

According to reports filed by the state-controlled Xinhua news service, a lawyer in southern China and another user in Beijing have submitted lawsuits to local courts. Liu Shihui, a lawyer with the firm Hongmian in southern Guangdong, is seeking 1,644 yuan (AUD$255) as compensation for technical help he had to hire to restore his Windows XP machine to working order.

The second lawsuit's plaintiff was not identified, but Xinhua said the filing sought 50,000 yuan for data lost on a laptop running Symantec antivirus software.

Cris Paden, a spokesman for the Cupertino, Calif.-based security company, confirmed the two lawsuits but had no other information. "There are two we know about," he said.

Symantec's China troubles started around 1 a.m. Beijing time May 18, when it delivered a flawed virus-signature update to customers running the Simplified Chinese edition of Windows XP Service Pack 2. The new signatures mistook two critical system files as a Trojan horse and quarantined both files. That in turn crippled Windows and made the machines impossible to reboot. Symantec reworked the update and re-released it the same day at 2:30 p.m. Beijing time, but the fix was too late for many machines. Those systems needed new copies of the two files restored to the hard drive in order to start up.

An automated threat analysis system was to blame for creating the buggy signature update, which incapacitated thousands -- maybe millions -- of Chinese computers.

Within a week, Symantec representatives on the scene had left the door open to compensating users. Once technical support staff had helped get PCs back up and running, said Vincent Weafer, a senior director of Symantec's security response team, the company would "consider other issues".

"We're haven't decided" on any compensation plans, said Paden Wednesday. "We're still reaching out to customers. There were a lot of ripple effects, as you'd imagine, and we're also contacting the appropriate government agencies to answer any of their questions." Last week, Symantec extended technical support hours for individuals needing assistance with any virus update problems, and it again issued an apology on its Web site.

Symantec announced May 23 that it would open a security response center in China before the end of the year. The timing was coincidental, said Paden. "We had been planning on doing that all along," he said. "You don't just open one of these overnight."

Symantec hopes that by locating one of its response centers in China -- it has others in the U.S., Japan and Ireland -- it may help prevent a recurrence of such flawed updates. An updated FAQ on the company's Chinese-language site also says the new center will allow more thorough testing of updates intended for distribution in the region.

"But false positives will still happen," Paden said. "No matter what you do, you can never prevent this from ever happening again."

Join the newsletter!

Error: Please check your email address.

More about Symantec

Show Comments

Market Place