A botched update to the ESET NOD32 Virus Signature Database Update 5418 today is causing mayhem on thousands of Windows XP SP3 machines and Windows Servers alike.
The problem is still ongoing and rears its ugly head when the Windows XP SP3, Windows Server 2003 or 2008 R2 system gets pushed today's update definition 5418. Windows 7 seems unaffected. After a while your PC will throw a memory read error to which you are invited to agree with or debug. Shortly after this will cause freezes, crashes and - some report - BSODs.
The main problem, of course, being that the anti-virus actually locks up your explorer and unless you are the 1 per cent of users who are nimble-minded enough to hit the Ctrl+Alt+Del combo, you won't go anywhere and much less remember to use Task Manager to switch between apps manually and save your hard work.
Naturally, support forums like this one, have been flooded with irate system admins who've seen their sites freeze, crash or otherwise give up the ghost.
Server-side this represents a big problem. Without the ability to stop the service in its tracks, servers are being powered down manually, or as one poster put it: "I've had to brave the chilly server room and use the highly technical thumb on power button for 10 seconds approach... then on the floor on knees praying Exchange didn't corrupt."
In an eerily- IT Crowd-like way, users and admins alike have been told to remedy the situation by restarting their PCs and if that doesn't work, restart them again. If you think the third time's a charm, you can uninstall and reinstall the app - a solution that would require pulling the app from your enterprise server and then reinstalling it.
In the last few hours, ESET has issued the definitions update 5419, but that one too remains borked, fuelling even more posts on support forums throughout. Oh, did we mention there's no roll-back capability inbuilt?
Honestly, this is in no way different from most AV vendors' attitude, but it does imply that virus definition updates aren't properly tested before being made available to the paying customers.
You can follow the company's official announcements here.