AV Definition update caused error

Wooo, thats a bit unfair...

its ok people like me, who are sat here playing on one machine, but some of these guys are in control of 30 to a 100 servers...

Now it has to be said, this isnt a free programme and people do rely on it for protection, they dont expect it to bring the servers to its knees

Bad call

 

I've been working in IT for 15 years and I've never seen anything like this. This is more like a couple of broken legs than a skinned knee.

No excuse for this.

 

From what I can see on our network the problem occurs when you got to update to the next av definition is when the crash occurs. we've manage to halt the crashes by halting updates to our clients and rebooting the ones that have updated. We are going to wait for Eset to publish an update

 

Agreed.

Pushing 5819 and rebooting fixed it here (~300 clients).

 

Shut up.

 

Have to agree but let's concentrate on a fix instead of recriminations.

 

Security is "do not trust anyone".

How many of us test the antivirus updates before deploying them? in the same way everybody should test a hotfix or a patch or service pack.
Since there are at least 3 updates/day for the antivirus updates, it is mission impossible. It would be a full time position.

There should be a way to automate this: push the updates on a group of computers, 3 hours later to the rest of the enterprise. And more than anything else, there should be a way to rollback an update and to push a previous version.

 

It's OK for them to not test an broken definition cause this is 'what we do'?!

Is it then OK for the only decent support to be the community? If all this is OK why are we paying for this product? 'this is what we do...' no this is affecting BUSINESS. This is not ok.

 

jmcvay clearly doesn't have a network of users to respond to when things like this happens.

Half our Windows PCs blue screened with the exact same error when the ekrn.exe error appeared.

Our PDC (running SBS 200 has been trying to update to v5419 for the past half hour. Guess I'm going to have to reboot it during office hours with unnecessary downtime.

Thanks a lot ESET.

 

i am having problems on some of my servers that are now on 5419. when i open the eset client software on the computer to check the version, it is blank. i have toggled between basic and advanced and still blank. seems to be the ones that the update from *&&%^%%^& caused the worse problems with. anyone seen this or is it just isolated to me......

 

It happens...but when it happens over and over again....several times a year....there's a problem.

You see, I've been reselling and installing and supporting business managed AV products since..well, experience prior to, but I can recall back to Symantec Corporate Edition version 5.0. Yup...version 5! So I didn't start IS/IT today, I've been at it for a long time. With many different brands. A few years ago, back when Eset was version 2.5, we flipped most of our clients over to Eset (we're a reseller of the biz edition). I'm talking a LOT of business/company networks around the US.

As resellers (silver partner)....we do fixes like this for free, since we feel an obligation towards products that we recommend/resell. So at 125 bucks an hour, how good do I feel wasting my time on volunteer work for 1/2 of today fixing a bug that QC should have caught?

"If technology worked flawlessly, YOU WOULD NOT HAVE A JOB."
Uhm...if you think the peak of IT is playing fireman putting out fires...you're doing it wrong. Good proper IT (at least what I'm used to) is design/implement/deploy/grow) Playing "break-fix-it geek squad" is for the bottom feeders.

We have a loooot of customers to convert over to Forefront this winter.

 

This is an absolute nightmare.

 

While I agree this is a bad situation I for one am pleased with the speed of the response to the issue from Eset.

 

I'm not a business user or an admin, but I thought posting a new thread about this would be highly frowned upon.

I just wanted to verify: Definitions 5417, 5418, and 5419 all cause freezes, hangs and BSoDs from what I'm seeing here? I still have a machine on 5416, so I'm wondering if I ought to yank the ethernet before booting it to prevent it's causing damage.

 

After another reboot client worked fine for me.

 

Solution is to update to 5419 RESTART and everything is back to normal operation. And it have been said many times in this thread now.

Though, this is nothing compared to the Sig update Mcafee released a couple of months ago, but I guess everyone have forgotten about that!

 

I have seen this on a couple of XP workstations, reboot solved it.

 

The last time I remember this exact issue happening was with XMON (there's a post on here somewhere). A definition update was released and XMON flapped, resulting in the Exchange Mail Stores shutting down. To resolve the issue every Sys Admin on the planet had to reboot their servers, regardless of what time of day it was.

Clearly ESET don't learn from their mistakes else they would put something in place to prevent these issues from happening again (like extra QA - assuming they do currently test defs before releasing them).

 

Phone off the hook this morning. However, 5419 pushed out to all workstations and no problems so far. Thank christ I resisted putting it on our servers! I'm sure all the Exchange/AD admins are loving it this morning!

 

LOL @ the subtle threat at the end. I'm sure you and the rest of the people who consider this unacceptable never brought up a server, deployed an application, etc that had a problem. This is simply because you are all perfect and infallible. Have fun with Forefront/Vipre/*insert AV*, I'm sure you will be gracing their forums with your divine perfection in the near future.

 

This was pretty easy to fix compared the McAfee incident, blah.

I feel bad for everyone with large environments. I had to fix 2 servers and 30 PC's in a doctors office. Everything was fine after updating and rebooting.

Hopefully they can give some kind of explanation of what happened and what they plan on doing about it.

I guess it is a good day for competitors of ESET

 

Never thought I would see the day... ALL our Windows servers are currently in a state of "not responding". According to ERA they last connected ages ago... Can't even access them via RDP... Having to go in manually via Xen Center (console access)!!!

EDIT: We can't access the servers via console to shut them down safely! Windows just hangs at logon!

 

Seriously, shut the hell up, troll.

 

Yeah, I've had blank Eset GUI screens too, and servers completely hang up with 5419!

I've had to brave the chilly server room and use the highly technical thumb on power button for 10 seconds approach... then on the floor on knees praying Exchange didn't corrupt.

Thankfully all servers have come back up, workstations where a bit more tricky, some took 2 reboots AFTER 5419, one or two REALLY didn't want internet access initially.

Most of it's over now... I think.

Anyone else nervious about 5420 ??!!

 

I just spent a year convincing my employer/boss to switch to NOD32 because it was a much more manageable and stable platform compared what we were using before. 3 months of flawless performance and now this... I never expected this, looks like I will have to add testing NOD32 updates before pushing them to production to my never ending to do list.