On August 19, 2010, CPU manufacturer Intel purchased antivirus maker McAfee. At the time, few people knew why. And let’s just say fewer people were surprised when Intel unacquired McAfee in April 2017 than they were when they made the acquisition.
Who was McAfee?
McAfee was named for its founder, the infamous John McAfee. John McAfee released the first commercially successful antivirus product for PCs in 1987, initially as shareware. As computer viruses proliferated in the late 1980s and early 1990s, antivirus software went from a good idea to a necessity.
This made John McAfee wealthy, and he left the company in 1994, retired to Belize, and became just as well known for his unhinged rants as he ever was for his computer software. In their later years, McAfee didn’t like having his name associated with an antivirus product that people put up with but nobody liked. And the software company didn’t like being associated with a loud, delusional old man who seemed to have a grievance with anything and everything.
Growth continued into the late 90s and early 00s, fueled by fast-moving viruses like Melissa and Love Letter. The resulting incidents turned antivirus into a growth industry. Corporations found holes in their coverage and bought large, lucrative licenses to ensure all their PCs had current protection.
In North America, at least, McAfee and Symantec were the two biggest names in antivirus. McAfee used its profits to diversify into antispam, firewalls, encryption, and other security products, but antivirus was always what people associated its name with.
What led to Intel’s acquisition of McAfee
On April 21, 2010, McAfee had an incident where they rolled out a problematic update that crashed several million corporate and consumer computers. It wasn’t as widespread as the Crowdstrike incident of July 19, 2024, but the effect was similar. Ironically, McAfee’s COO at the time was George Kurtz, who was the CTO of Crowdstrike in 2024. “I’m not sure any virus writer has ever developed a piece of malware that shut down as many machines as quickly as McAfee did today,” Ed Bott wrote at ZDNet on April 21, 2010.
McAfee’s share price dropped, and Intel made an acquisition offer. It wasn’t surprising that someone would attempt an acquisition while McAfee’s share price was depressed. The surprise was that it was a CPU maker.
At a small local security conference in 2010 or 2011, I happened upon the McAfee booth. I asked the employee at the booth why Intel made the purchase. I was genuinely curious, as I didn’t see the synergy. He told me that Intel wanted to move security further down the stack. Meaning, they wanted some of the antivirus functionality to run at the CPU level, not the operating system level. In theory it would make antivirus harder to bypass, and also put AMD at a disadvantage.
The problem for Intel post-acquisition
The problem for Intel was obsolescence. Signature based antivirus, like what McAfee was doing, was rapidly falling out of favor in corporate environments. The problem with signature-based antivirus is that it is very easy to change the signature to evade detection. Modify the binary in subtle ways, and you can change the signature without changing its behavior one bit.
Corporations started turning to more sophisticated products that look at behavior, and provide some means for intervention in case of an incident, rather than just single-purpose antivirus. Examples of this type of product include Sentinel One, Carbon Black, and Crowdstrike.
On the consumer front, McAfee faced other struggles. A number of free antivirus products started appearing that worked about as well as McAfee, didn’t necessarily slow your system down as much as McAfee, and they didn’t cost you $40 a year. One of those companies was Microsoft, and it wasn’t long before Microsoft started including its product with Windows.
All of this meant antivirus wasn’t the revenue stream Intel expected it to be. As interesting as their idea was of moving security into the hardware, there wasn’t much point in doing it if people weren’t buying. Divesting from something so tangential from its core business just made sense.
David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.