This definition update was posted at around 10 PM last night and was out for approximately 90 minutes. There was a false positive on a Zbot detection. The detection was pulled as soon as security response discovered the FP, and was replaced with 5475.
The issue only affects certain foreign language versions of Windows. We maintain a robust whitelist repository of all versions of Windows in every language. How this detection passed through our false positive testing is still unknown and we are researching the issue. It is obviously a very high priority internally to figure out how and why this happened. Alex From: Eric Wittersheim [mailto:[email protected]] Sent: Thursday, October 29, 2009 9:40 AM To: NT System Admin Issues Subject: VIPRE DEF 5474 is blue screening computers Anyone who runs Vipre Enterprise should make sure to update to 5475. 5474 is quarantining winlogon.exe and blue screening computers. Check out http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=27&threa did=1802&enterthread=y plus it has happened to me on one system so far. Sunbelt is working on this as I type this. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
