lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: jlevitsk at joshie.com (Joshua Levitsky)
Subject: Nortons Liveupdate - problem?

And of course if you run Corporate Edition against an internal LiveUpdate 
server then none of the below applies. Most likely doesn't apply even if you 
use Symantec's servers. The scheduler is different in the CE version from 
the retail version.

--
Joshua Levitsky, MCSE, CISSP
System Engineer
Time Inc. Information Technology
[5957 F27C 9C71 E9A7 274A 0447 C9B9 75A4 9B41 D4D1]


----- Original Message ----- 
From: "Gregh" <chows@...mail.com.au>
To: "Disclosure Full" <full-disclosure@...ts.netsys.com>
Sent: Monday, January 19, 2004 3:33 PM
Subject: [Full-Disclosure] Nortons Liveupdate - problem?


>A lot of your customers may have your Nortons AV prog (I don't mean other
> Nortons products, just the anti virus scanner though this may apply to 
> their
> other products, too) set to auto update when on Internet without
> interrupting the user which IS a good idea normally. However, a few weeks
> ago due to a stupid error on the part of a company Nortons uses, your AV
> prog couldn't find their update site for the day. It didn't last long and
> should have ended there.
>
> Unfortunately, I have become aware, while fixing problems for people who 
> use
> Nortons, that their Nortons (2000, 2002 and 2004 versions) hadn't updated
> for the last two weeks. So, I manually MADE it update and it did so just
> fine. This isn't normal. Nortons usually auto updates fine and on each
> machine where I have noted this (5 so far, all Nortons, all the same drop
> off time), they have been without updates since that date and thus open to
> newer stuff. Bagle should start hitting hard today and if what I fear is
> correct, none of your Nortons users will be protected UNLESS you get them 
> to
> open their Nortons and run your LiveUpdate manually. 5 out of 5 machines 
> all
> stopped updating at the same period seems strange to me. There were 2 in 
> one
> user group, 2 in another company and one friend who I do work for on his
> personal machine. These were 3 different sites in other words.
>
> So, do yourselves a favour. I may be wrong but if I am not wrong, your 
> users
> are not protected. They MAY be protected automatically after manually
> updating but I am not even 100% sure of that right now. Run Liveupdate
> manually NOW and be sure!
>
> Greg.
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ