Symantec 2010 bug angers customers

You must have heard about it by now: The use of a string compare function resulted in the year "2010" being interpreted as being earlier than "2009." If only the repercussions were less severe, it might just have remained a talking point. Unfortunately, this problem resulted in new virus definition updates to be ignored by Symantec Endpoint Manager.

To temporarily alleviate the problem, pending a permanent fix, Symantec has been releasing new antivirus definitions dated December 31, 2009, incrementing the revision number to denote a newer package.

Jim Waggoner, director of product management for Symantec Endpoint Client was quoted as saying, "If there's one thing I've been telling customers, it's that they're still protected, and we want to fix this problem for them so it's best they don't touch the system to change definitions or policies."

Waggoner suggested that customers should "touch nothing" and that this problem will be resolved soon. Of course, such assurances do nothing to reduce the incredulity felt by customers over such a silly programming error. In addition, the erroneous date in the updates is also causing the annoying your-definitions-are-out-of-date messages to appear, as well as causing temporary files that would normally be automatically cleared, to accumulate.

The debacle has been resolved for now. However, customer confidence in its products might take a while longer to be restored.

For more on this story:
- check out the press release at The Register

Related Articles:
AV-Comparatives ranks the top proactive anti-virus scanners
Microsoft reiterates rationale for free Microsoft Security Essentials
Cybercriminals making a fortune from fake security software
Gartner says enterprises are overpaying for antivirus software