Y2.01K bug trips up Symantec

Schoolboy error causes red faces

By Chris Mellor

Posted in Malware, 5th January 2010 11:09 GMT


Symantec's Endpoint Protection Manager has been hit by a classic date bug and fell over at the end of the year, accepting no definition updates dated since then.

Symantec have issued a statement, which states that: "An issue has been identified in the Symantec Endpoint Protection Manager (SEPM) server whereby all types of SEP definition content [AV/AS, IPS] with a date greater than December 31, 2009 11:59pm are considered to be 'out of date'."

Until the bug is fixed, Symantec has a bandaid strategy: "Symantec Response will continue to publish Symantec Endpoint Protection antivirus and other definitions with the date 12/31/2009, and will only increase the revision number of the definition. More specifically the last certified definitions that was published on December 31, 2009 was .12/31/2009 rev. 041. version. The next certified definitions to be published will have a revision number greater than 041."


Symantec Y2.01K bug still stymies customers

String compare hobbles Endpoint Manager

By Dan Goodin in San Francisco

Posted in Enterprise Security, 9th January 2010 02:05 GMT


Nine days after Symantec's corporate antivirus dashboard succumbed to an end-of-decade bug that caused it to stop accepting updates, the company has yet to fix the underlying problem, much to the chagrin of customers.

In a case of extreme Déjà vu, the flaw in SEPM, or Symantec Endpoint Manager, stems from its inability to recognize the year 2010. Shortly after the first of the year, the program stopped accepting new virus definitions. For most of the time since then, Symantec managed to work around the problem by dating all subsequent updates December 31, 2009, a kludge that has created gnashing of teeth for many of its users.

Starting Friday, customers who updated using Symantec Endpoint Client have been able to get definitions that show the correct date.,/p> [..]

main page ATTRITION feedback