Skip to main content

Symantec Mail Security Update Flaw

More
16 years 3 months ago #27198 by ZiPPy
Symantec Mail Security Update Flaw was created by ZiPPy
I wanted to bring up an interesting find regarding Symantec security products, primarily Mail Security for Microsoft Exchange.

I have a Symantec Mail Security for Microsoft Exchange (Ver. 5.0) running on an Exchange Server. The license expired back in late 2005. Now rather then purchasing a new license I decided to do a manual update of the virus definitions.

I was able to go to the following website:
www.symantec.com/avcenter/defs.download.html

And download the necessary definitions for my product. The default folder where the virus definitions should go is C:\Program Files\Common Files\Symantec Shared\VirusDefs\Incoming\
The location listed above only works if the license is valid. So, the work around was to place the latest download virus definitions in: C:\Program Files\Common Files\Symantec Shared\definitions\AntiVirus\VirusDefs

In doing so, am I truly installing all the virus definitions? If the license is expired how can this work? If I got into the Symantec Mail Security it clearly indicates the definitions have been updated. Is this a flaw in the Symantec product?

The only downfall is that you don't get automatic daily virus definitions.


Cheers,

ZiPPy [/b]
ZiPPy
More
16 years 3 months ago #27201 by S0lo
Replied by S0lo on topic Re: Symantec Mail Security Update Flaw
Hi Zippy,

I've used Symantec AV for a long while before I quit using it. Not going into legal issues here, but I've seen and read about such easy cracks for it, but may be not as easy as this one!! The easiest I knew about involves replacing a single file in one of the LiveUpdate folders with a bogus file having the expiry date set to something like 2999!!

Since the product itself says the definitions have been updated, I think it really is. I'm not sure off-course. When I google for "C:\Program Files\Common Files\Symantec Shared\definitions\AntiVirus\VirusDefs" (with double quotes) nothing appears except for one unrelated topic and THIS very thread. Who knows, may be your the first to notice this 8)
Studying CCNP...

Ammar Muqaddas
Forum Moderator
www.firewall.cx
More
16 years 2 months ago #27420 by annasaheb
Replied by annasaheb on topic Re: Symantec Mail Security Update Flaw
Hi Zippy,

the licence is related to product/support licence. I belive if you have symantec antivirus running on the exchange server then the SMS for exchange will automatically take new virus defs if the antivirus configured to update from AV server.

regds,
anna
Time to create page: 0.130 seconds