Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Symantec SEPM having 2010 date problems - Internet Security | DShield SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Symantec SEPM having 2010 date problems

Thanks to Derek to pointed us at this post from Symantec: http://www.symantec.com/connect/forums/official-status-sepm-definitions-stay-31-12-2009-last-updated-04-jan-2010 stating that Symantec Endpoint Protection Manager considers any definition update with a date newer than 11:59PM December 31 2009 will be considered out of date. They say they are working on a fix but are currently handling this by releasing new definitions with higher version numbers but the same date.

This is impacting:

  • Symantec Endpoint Protection v11.x Product Line
  • Symantec Endpoint Protection Small Business Edition v12.x Product Line

 

Toby

68 Posts
So Symantec's interim fix is to keep the definition date locked at 12/31/2009 and keep incrementing the rev. number. While that works to keep the client's updated, that is going to wreak havoc with remote access and NAC systems that check the client to make sure their defs are up to date. And if they don't get this fixed fast, everyone is going to start getting a warning that their defs are out of date.
Anonymous

Sign Up for Free or Log In to start participating in the conversation!