Webroot False Positive Windows Malware Bug Fix for MSPs?

Credit: Getty Images

A malware signature update issued by Webroot on Monday triggered the software into mistakenly flagging Windows system files as malware, allegedly impacting millions of managed systems around the world, according to ZDNet.

According to a support forum statement from Webroot, the system has not been breached. However, Webroot was still working to rectify the false-positive situation for MSPs as of late Monday, April 24.

According to a Webroot support forum update from 10:00 p.m. MST on Monday:

"We understand that this is a consumer and business issue. For our small business customers, the fix below will work.

We understand that MSPs will require a different solution. We are currently working on this universal solution now.

Please stay here for the latest updates."

Here's a complete look at the Webroot support forum statement.

Updated April 25, 9:15 a.m. ET: Webroot provided the following statement to ChannelE2E:

“On April 24, Webroot experienced a technical issue affecting some business and consumer customers.  A folder that is a known target for malware was incorrectly classified as bad, and Facebook was classified as a phishing site. The Facebook issue was corrected, and the Webroot team is in the process of creating a comprehensive fix for the false positive issue.  In the meantime, small business customers and consumers can follow instructions posted in the Webroot Community to address the issue.

Webroot was not breached and customers are not at risk. Legitimate malicious files are being identified and blocked as normal. We are dedicated to resolving the issue, and will provide updates as they are available in the Community.”

Updated April 25, 9:31 p.m. ET: Webroot Executive VP Michael Malloy has sent a memo about the false positive issue to registered MSP admins.

Updated April 26, 8:12 a.m. ET: Webroot began beta testing an automated fix for the problem as of late Tuesday, April 25.

ChannelE2E will continue to provide updates, particularly as they pertain to MSPs and channel partners.

Joe Panettieri

Joe Panettieri is co-founder & editorial director of MSSP Alert and ChannelE2E, the two leading news & analysis sites for managed service providers in the cybersecurity market.