"It can cause the CPU (central processing unit) utilisation of the machine to go to 100 per cent, effectively freezing the system for an extended period of time," said Simon Leech, an Amsterdam-based security engineer for Network Associates.
The problem occurs when virus definition file 4102, which was released on Nov. 1, is installed on a machine running VirusScan engine version 4.0.02. The scan engine and the definition file are incompatible.
"We update our engine roughly every three months. Unfortunately we have discovered this definition file doesn't work with this engine," Leech said. The current scan engine version is 4.0.70.
When the computer is restarted the incompatibility causes the system to freeze. On servers running Microsoft's Windows NT the administrator can stop the anti-virus service remotely from another machine using the server manager, or use a tool from the resource kit to remotely kill the service, Leech suggested. On desktop computers the user can start Windows in Safe Mode and disable VirusScan.
After getting access to the system the scan engine will have to be updated manually. "Updates of the scan engine are free," said Leech.
"Version 4.0.02 is a more than two year-old version of our engine. We generally do not test new definition files with engines over two years old," Leech said to explain the cause of the problems. "With all the hype around viruses lately we were hoping our customers would have already updated their scan engines."
Leech couldn't say how many customers were affected by the incompatibility. "Some companies, large as well as small and around the world, have had the problem. We are still assessing the exact number," Leech said.
Computer users who have not updated their antivirus engines for several years, however, may be in for a nasty surprise, Leech said. "Those customers have a false sense of security. Their systems could be infected with all kinds of viruses like Melissa and Love Letter." New versions of the scan engines are made to detect newer viruses. "Love Letter and Melissa required an engine update," Leech said.