Today a big surprise early in the morning: some virtual servers in our farm had a fault.
All of them were stuck in an endless loop, very similar to a malware infection.
Windows Machines… updated… with antivirus updated… with antiexploit installed… with firewall on… but unusable.
Symptoms: full use of RAM, on machines with little memory as well as on those with a lot; a “Critical error” just after login; an exception with a reboot after one minute; working properly when started in safe mode.
After a day of downtime, with a zero-day malware exploit in mind, we found the answer in the Symantec bulletin “KB91642 – Reboot loop after installing or upgrading to Endpoint Security 10.5.5 July Update or 10.6.1 July Update”.
The antivirus sees part of the OS as a threat…