Avira has a problem on its hands. A software update the German anti-virus vendor sent to paid subscribers is apparently having the unwelcome side effect of blocking trusted processes and safe applications, and in some cases even preventing PCs from booting, H-Online reported Tuesday.
A bug in the update "results in the ProActiv behavioral monitoring component becoming oversensitive in its treatment of executable files," according to the security blog. Processes that are affected include cmd.exe, rundll32.exe, taskeng.exe, wuauclt.exe, dllhost.exe, iexplore.exe, notepad.exe, and regedit.exe, H-Online reported, while programs like Microsoft Office, OpenOffice, Google Updater, and the Opera Web browser have also been blocked after the update was installed, according to users on the Avira support forums.
Avira has stopped distributing the update and is offering instructions for how to manually fix the process-blocking issue, . However, H-Online advises users to simply disable the ProActiv module in Avira AV packages until the issue is fully resolved.
Users who can't get their PCs to boot are advised to start Windows in Safe Mode and disable ProActiv that way.
According to the security blog, Avira's buggy update was downloaded more than 70 million times before the company pulled the plug on it. Those downloads do include installations on machines running the unaffected free version of Avira's AV product, however.
More details on the issue can be found in this Avira support forum thread.