Webroot Antivirus Marked Facebook as Phishing Site and Windows as Malware

April 25, 2017

2 minute read

You may remember Google’s Safe Browsing Site Status mistakenly marking Google.com as a potentially dangerous domain to visit or the Google Maps mistakenly labeling Berlin Square as Hitler Square. Now another firm has joined this list, it’s Webroot Inc., a private American company, that provides Internet security software for consumers and businesses.

It all happened on 24th April, when Webroot flagged Windows system files as malicious (W32.Trojan.Gen trojan) and began moving some of the files into quarantine list resulting in computers to crash worldwide. Typically, an anti-virus software is programmed to skip Windows system files, since these files are critical and without which a computer system may not operate correctly.

Webroot’s update, however, went bad and changed the way antivirus software work. Although the firm pulled the update, it still caused its users, including companies and businesses, a big headache. According to the official Webroot forum, the update affected thousands of devices worldwide.

Facebook a phishing site

Windows users were not the only one who watched Webroot’s antivirus going rogue. The update also marked the social media giant, Facebook, as a phishing website and dangerous for users to visit it. Here’s a screenshot shared by one of the users showing how Webroot blocked access to Facebook by labeling it as a phishing website:

Good news is that the issue has been solved and the users have got their files back, however things would be otherwise if Webroot has permanently deleted system files rather than temporarily removing them.

Here are some Twitter reactions on Webroot’s epic fail update:

https://twitter.com/K3WPGaming/status/856624284382507008

https://mobile.twitter.com/EODguydave/status/856665987369881600

.@Webroot @WebrootSupport Uh… Whoops! I don't think your snafu is fully fixed yet… pic.twitter.com/2MR0uhwivf

— Aaron Burke (@UrbanScallywag) April 24, 2017