Hot Downloads

Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: Symantec Mail Security Update Flaw

Symantec Mail Security Update Flaw 9 years 10 months ago #27198

  • ZiPPy
  • ZiPPy's Avatar Topic Author
  • Offline
  • Expert Member
  • Expert Member
  • Posts: 500
  • Thank you received: 0
I wanted to bring up an interesting find regarding Symantec security products, primarily Mail Security for Microsoft Exchange.

I have a Symantec Mail Security for Microsoft Exchange (Ver. 5.0) running on an Exchange Server. The license expired back in late 2005. Now rather then purchasing a new license I decided to do a manual update of the virus definitions.

I was able to go to the following website:
www.symantec.com/avcenter/defs.download.html

And download the necessary definitions for my product. The default folder where the virus definitions should go is C:\Program Files\Common Files\Symantec Shared\VirusDefs\Incoming\
The location listed above only works if the license is valid. So, the work around was to place the latest download virus definitions in: C:\Program Files\Common Files\Symantec Shared\definitions\AntiVirus\VirusDefs

In doing so, am I truly installing all the virus definitions? If the license is expired how can this work? If I got into the Symantec Mail Security it clearly indicates the definitions have been updated. Is this a flaw in the Symantec product?

The only downfall is that you don't get automatic daily virus definitions.


Cheers,

ZiPPy [/b]

Please Log in to join the conversation.

ZiPPy

Re: Symantec Mail Security Update Flaw 9 years 9 months ago #27201

  • S0lo
  • S0lo's Avatar
  • Offline
  • Moderator
  • Moderator
  • Posts: 1577
  • Karma: 3
  • Thank you received: 7
Hi Zippy,

I've used Symantec AV for a long while before I quit using it. Not going into legal issues here, but I've seen and read about such easy cracks for it, but may be not as easy as this one!! The easiest I knew about involves replacing a single file in one of the LiveUpdate folders with a bogus file having the expiry date set to something like 2999!!

Since the product itself says the definitions have been updated, I think it really is. I'm not sure off-course. When I google for "C:\Program Files\Common Files\Symantec Shared\definitions\AntiVirus\VirusDefs" (with double quotes) nothing appears except for one unrelated topic and THIS very thread. Who knows, may be your the first to notice this 8)

Please Log in to join the conversation.

Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx

Re: Symantec Mail Security Update Flaw 9 years 9 months ago #27420

Hi Zippy,

the licence is related to product/support licence. I belive if you have symantec antivirus running on the exchange server then the SMS for exchange will automatically take new virus defs if the antivirus configured to update from AV server.

regds,
anna

Please Log in to join the conversation.

  • Page:
  • 1
Time to create page: 0.128 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup