McAfee DAT 5958 Issues

US-CERT is aware of public reports indicating that McAfee DAT release 5958 is incorrectly identifying the valid system file, C:Windowssystem32svchost.exe, as containing malicious code. Reports indicate that a false positive detection occurs on Windows XP Service Pack 3 systems. Symptoms include a denial-of-service condition when the McAfee software attempts to clean the file.

US-CERT encourages users and administrators to review the McAfee Virus Profile: W32/Wecorl.a and apply the “extra.dat” and additional updates provided by McAfee as necessary to mitigate this issue. Users should ensure that they have installed DAT 5959 or greater before running any on-demand scans.

Corporate users and administrators are encouraged to review the McAfee Corporate Knowledgebase Article KB68780, while home users are encouraged to review the McAfee FAQ Document TS100969.

This product is provided subject to this Notification and this Privacy & Use policy.

Recent Posts

Opportunistic Pro-Russia Hacktivists Attack US and Global Critical Infrastructure

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA, Australia, and Partners Author Joint Guidance on Securely Integrating Artificial Intelligence in Operational Technology

PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems

CISA Adds One Known Exploited Vulnerability to Catalog