Webroot Antivirus Misidentifies Windows as Threat, Shuts Down Computers

Microsoft announced that Windows software is being opened to partners interested in building devices for "mixed reality" experiences

Webroot’s antivirus service accidentally misidentified core parts of Microsoft Windows as threats to the rest of the computer, shutting down thousands of customer’s systems on Monday evening.

Twitter user @SwiftOnSecurity was one of the first to spot the error:

Webroot confirmed on a support forum that an updated detection rule had flagged crucial Windows operating files as “false positives” in the system. It proceeded to “quarantine” the data from being accessed by the rest of the OS, stopping the computers from functioning properly.

While the update was only available for 13 minutes, this was more than enough time to affect tens of thousands of users. Webroot’s help service was then “overloaded” with people demanding their cloud system restore the inaccessible data.

Some users noticed the glitch when Facebook was mistakenly flagged as a “high-risk site,” usually displayed when websites attempt to steal the identity of any visitors.

Users took to Twitter to complain about the glitch, including many managed service providers, also known as MSPs, who were using Webroot to help manage the security of their own clients’ computers.

“How am I supposed to do this across 3 GSM’s with over 3 thousand client sites????? NOT GOOD ENOUGH,” user jhartnerd123 said on Webroot’s own forums regarding the solution that they had proposed.

Webroot has said that they do not believe they were hacked.

Jack Hadfield is a student at the University of Warwick and a regular contributor to Breitbart Tech. You can like his page on Facebook and follow him on Twitter @ToryBastard_ or on Gab @JH.