Chris--
I appreciate the Live Update patch came out with their FAQ. One problem
is that *SP2 breaks Live Update* whether you uninstall Norton and install
SP2 (as virtually every Microsoft document on SP2 tells you to do) or
leave Norton/Symantec in. The bottom Line is after a lot of game playing
and clicking successive links on Live Update, tripping through multiple
Norton KBs one leading to the next, you have a *LU 1812 error*, whose
final move is to uninstall NSW or NAV manually and meticulously, and after
you have exhuasted it's remedies, it won't fix with SP2 RTM period.
The only way they are delivering the compatibiilty patches for SP2 is
through Live Update. SP2 whether Norton is installed before or after
breaks Live Udpate and you can't get the patch.
http://service1.symantec.com/SUPPOR...e=english&module=LU&error=1812&build=Symantec
The part left out on the KB is to install any other antivirus
product--many will work with SP2.
They are not making any other means avialable to patch Norton other than
Live Update. If it's broken, and their KBs to fix it often don't, you're
stuck with scan not working, booting up and having to turn on Auto Protect
with a right click (minor) and often uninstall problems with Norton
products. Microsoft tells you to install SP2 first (uninstall NAV) and
Norton/Symantec tell you to wait until they are updated (in some cases 8
weeks from now for Enterprise Products according to their enterprise FAQ I
linked before) before installing SP2.
Microsoft tells you to turn their Windows Firewall on; Norton 2005
products on the last box before you click finish will tell you in a single
explicit box to turn it off. NAV 2005 has a piece of NPF or NIS billed as
"worm protection." How much of a piece and what it actually does compared
with the Windows firewall that has been criticized with respect to
outbound traffic still after SP2 RTM is hard to define. Many people are
finding that the Windows firewall leaves much to be desired right now, as
you know, but I'm sure it will be a different story come Longhorn in
2007.
http://www.symantec.com/techsupp/sp2/faq.html
The answers from Symantec on this FAQ just issued just aren't true in some
cases. There is the paradox that for many, Live Update doesn't work with
SP2 and Norton has elected not to deliver their update patches any other
way. They aren't making them available on their site now. That was a
goofy choice to say the least. The patch to fix what's broken can't be
obtained because you are required to use what's broken to get it--that's
not only ironic and paradoxical--you ain't gonna be able to fix what's
broken.
Microsoft wants you to put in SP2 before Norton, and if you put in Norton
first and patch it, SP2 can still break Norton a number of ways. Norton
2005 seems to work pretty well with SP2 until you boot 3 times, and then
you have refresh freezing on all categories on the Norton Integrator or
gui interface, i.e. you can't tell what's on. You can see that email
scanning is working. The important thing of course, is that Auto Protect
is enabled, because in fact Auto Protect includes adequate email scan and
script blocking to the point you could turn the other two off and be just
fine according to every Symantec engineer I talked to--so you have to be
able to determine that Auto Protect is up and running.
I reproduced this and so did others about 25 times.
Sometimes but not all that can be fixed by reregistering jscript.dll, and
downloading and reinstalling Scripten or the Microsoft Windows Script
package including the Windows Script Host 5.6 since IE has to function
correctly to read the Norton interface.
http://www.microsoft.com/downloads/...43-7e4b-4622-86eb-95a22b832caa&displaylang=en
This KB applies to any version of NSW or NIS through 2005 with Windows
versions past 9X. Often Norton doesn't update KBs in version name for
Windows version, but the Norton/Symantec KB will do the job.
http://service1.symantec.com/SUPPOR...882568040070e925?OpenDocument&src=bar_sch_nam
The FAQ says:
"Installing Service Pack 2 will have no affect on Norton Personal Firewall
or Norton Internet Security."
Some of the FAQ's are vague to the point of covering anything that will
happen,--I like this one because it avoids saying SP2 can break things
that are Norton/Symantec and it does.
"How will installing Service Pack 2 affect the Symantec Products I have
already installed?"
A. "This varies on the Symantec [Norton as well] products you own." Right.
Many break.
On many boxes, installing SP2 any build will outright break
NIS/NPF any version. It will put up a box that says "You're not the
Norton
supervisor" and when you put up the Norton Integrator (the box that shows
what it does with NAV added you can see it but you can't do anything with
it). You'll not be able to uninstall NIS or NPF from Add/Remove, and
you'll
have to use a Norton KB that involves 30-45minutes of using a Norton
removal tool, thendeleting several GUID keys and other registry keys,
multiple folders, every Norton file you can track down in ectopic places.
"With Service Pack 2 installed, do I even need my Symantec antivirus and
firewall products? Absolutely."
Norton explicitly tells you to turn the Windows Firewall "*off*" in their
2005 products about to release. I wouldn't run two software firewalls or
more at once, and I don't have data comparing their abilities like
stateful
inspection head on with say, ZA, and that info isn't easy to come by now.
What they didn't say in the FAQ is that when you load Norton or Symantec
anything, it's going to tell you to turn your Windows Firewall in SP2
off--last box before "Finished Install."
"Installing Service Pack 2 will have no affect on Norton Personal Firewall
or Norton Internet Security" Just not the case. SP2 can make it
difficult to install, and particularly to uninstall Norton products. I
don't know the numbers in 10,000 boxes for this.
I've found this to be totally *untrue* and reproducable that the firewall
can and will break. Norton also tells you on installation of any 2005
product to *turn off the Windows firewall*. It's the last box before you
click "Finish" on the install of the Norton/Symantec 2005 AV, PF, or NIS.
Norton anti-spam is hype and whatever it does can be spelled a dozen ways
without it.
Norton Go Back reconfigures the Windows Master Boot Record, and I'd just
as
soon have someone playing with my elevator lift on the way up the Empire
State Building--it often has the same effect and unhooking Go Back from a
botched Windows boot strap mechanism is simply impossible--their tech
support will tell you they have no clue how and so will MSFT personnel. In
a high percentage of cases, Go Back will destroy partitions in the Windows
Operating System and you won't be seeing that particular OS again ever.
It's refractory to Recovery Console moves or commands and a repair/upgrade
or parallel install will get nowhere.
SP2 can destroy scans in Norton System works, the ability to make it run
after boot, and Live Update the same as in Norton Antivirus.
On some people's boxes the security center will monitor it, but how many
people need the Security Center (none here) need the Security Center to
tell
them where Technet is, how to get to Help and Support, or whether their AV
or Firewall are all. Very few individuals who install a Norton product
don't adjust it at the Norton product or who are going to be working with
the Windows Firewall as it evolves and gets better toward Longhorn are
going
to be relying on the security center to check on the firewall. My point
is
that there are 3 things that happen with multiple versions of NAV that
don't
work with SP2--sometimes with the patch update. There are fixes for them,
and sometimes they don't work. System scans, booting up with Auto Protect
Off (it usually can be turned on but sometimes can't--and Auto Protect is
key because it does script blocking/scanning and email scanning--even if
you
had them both turned off (they are duplication in Norton/Symantec) auto
protect will cover that functionality. Live Update will often not work
with
SP2 and for those people, they can't update to the patches anyway, because
Norton has chosen not to make the patches available any alternative way
which is goofy to say the least.
*Contradiction of Instructions by Microsoft and Symantec/Norton on SP2*
There is also the direct contradiction between Microsoft's instructions
and
Norton's. Every place MSFT has an SP2 article at Technet, MSDN, the XP
Expert Zone or any place on MSFT's site, you are told you should uninstall
AV to install SP2.
Symantec and Norton explicitly tell you to wait to install SP2 until you
have updated NAV--and in the case of Symantec patches for enterprise
security, AV, and firewall products there is a vague timetable projecting
8
weeks out from now for release toward the end of September.
When you install a Symantec or Norton 2005 product, it tells you
explicitly
to *turn off the Windows firewall--something I know the Networking team
and
SP2 team did not strive to have done. NAV 2005 has a piece of their NIS
2005 firewall, so-called "Worm Protection" although how much a piece is
impossible to quantify unless you are a Symantec engineer who has the
code.
I do know that Microsoft is definitely developing Microsoft Antivirus
products, but that the publicity campaign for them is non-existent. I
would
bet on Microsoft to produce a superior product to Symantec/Norton in a
number of ways, including the ridiculous necessity to read 10 Norton KBs
to
do a cascade of work arounds to make a product work. Live Update is a
great
example. Scans that fail are another. Clicking a plus to go to a drop
down
to get a link to get the 5th KB you've used for one Norton problem is like
a
childeren's game. Those come into play with SP2.
I personally hope Microsoft puts Norton and Symantec out of business and
gets their AV product up and running rapidly. I guarantee Symantec is
looking over their big floundering shoulders.
Best,
Chad Harris
_________________________________
Between your post last night, Chad, and early morning (PDT), I'm seeing
reports of Live Update now downloading the proper fix so the Norton
Internet
Security 2004 is now compatible with SP2, and Norton Antivirus is now
properly reporting to the XP Security Center its status.
--
Chris H.
Microsoft Windows MVP/Tablet PC
Tablet Creations -
http://nicecreations.us/
Associate Expert
Expert Zone -
Chad Harris said:
Unfortunately, Chris, Norton didn't come out with anything yet for home
and small business users on their site and have thus far refused to
specify the degree of backwards compatibility that the promiesed and not
yet delivered patches for *Norton* products would entail. Although there
are go arounds to make SP2 work with any version of Norton product, and
some a little bit Byzantine--the routine where you read one Norton KB and
click on an icon in Live Update to reveal the next KB to read, followed
by a hyperlink in the error message to read the 3rd KB--they all end with
uninstalling Norton appropriately I belive and should add to install a
product from another company.
The webpage that didn't deliver from Norton that has been up all week is
this one:
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2004080212383739?Open&src=ivr_na_con
They plan whenever this happens (it didn't happen on August 10 as the web
page has been announcing all week, to deliver a patch in two parts, the
second after a reboot.
The importance of SP2 working for enterprises and home was in Microsoft's
press release:
http://www.microsoft.com/presspass/press/2004/aug04/08-06WinXPSP2LaunchPR.asp
"With the proliferation of viruses and other broad threats on business
and
consumer desktops, I can think of no higher priority than trying to
ensure
the security of personal computers," said Rob Enderle, principal analyst
for
the Enderle Group. "Whether the customer is a large enterprise, a small
business or an individual, Windows XP Service Pack 2 is critical because
it
addresses today's exposures in a comprehensive fashion. For anyone
currently
using Windows XP, my advice is to apply it at your earliest opportunity."
The disingenuous comment by Symantec Senior Vice-President Stephen Cullen
is here:
"With the proliferation of viruses and other broad threats on business
and
consumer desktops, I can think of no higher priority than trying to
ensure
the security of personal computers," said Rob Enderle, principal analyst
for
the Enderle Group. "Whether the customer is a large enterprise, a small
business or an individual, Windows XP Service Pack 2 is critical because
it
addresses today's exposures in a comprehensive fashion. For anyone
currently
using Windows XP, my advice is to apply it at your earliest opportunity."
Actually in *several papers* available at Technetand MSDN, Microsoft
urges people to uninstall the antivirus before installing SP2. There is
a different story though, from Symantec who advises people to wait for
their patches before installing SP2 on the webpage linked above.
http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2004080212383739?Open&src=ivr_na_con
"Symantec will release a product update to provide native support for the
Windows Security Center status utility found in SP2. This update will be
available worldwide over the coming weeks and will enable Symantec
products to communicate their status to the Windows Security Center
utility."
Symantec asks you to wait, and in the case of their time table for
enterprise editions for a vague range up to 8 weeks:
FAQ Running Symantec Client Security
http://tinyurl.com/6mfsy
http://service1.symantec.com/SUPPOR...882568040070e925?OpenDocument&src=bar_sch_nam
http://service1.symantec.com/SUPPORT/nav.nsf/docid/1999082515392606
"Symantec encourages its customers to install the product update prior to
installing SP2 in order to avoid incorrect reporting from Windows
Security Center."
The "security center" for almost everyone who reads and contributes on
these two groups is pretty moot, since they don't need that very basic
thing to tell them where Technet security links are, or whether their
firewall and AV are "on." But many Norton products require work-arounds
to make a system scan work (can be obtained as well from any web site and
sometimes will work from the command line with SP2 and for some people
will not), to make "Live Update" for what it's actually worth work, and
to boot up with auto protect on.
Actually script blocking and email blocking are duplicative ancillary
functions and hype in a Norton/Symantec AV product--not because those
things aren't important--but because any engineer who works at Symantec
will tell you that Auto-Protect does everything the other two do, and the
other two could actually be turned off and you'd still get email scanning
and script blocking.
Norton Antivirus 2005 actually has a box telling people *explicitly to
turn the Windows Firewall in SP2* off as does their Tech Support
currently (I spoke with several of them yesterday)--the reason being
because NAV 2005 has a little code from their "worm protection" or
firewall which competes with the Microsoft Windows firewall. How much
firewall is available in NAV 2005 is hard to determine (their new "worm
blocking feature.") Obviously it isn't the whole NIS 2005.
NAV 2005 for many people who have used it works fine with SP2 until the
third boot, and then it has the well known freeze in refresh problem that
is addressed sometimes by this Symantec KB which applies to Win XP RTM
although it doesn't say so. A lot of Symantec/Norton KBs are labeled
forone year's version but the same steps apply to versions of Windows and
Norton after 9X. This is corrected by reregistering "jscript.dll" and
downloading and reinstalling Windows Script Host 5.6 and other
components.
The more people they tick off by dragging their feet on compatibility to
force sales of 2005 boxes, the better it may be for the new company, "the
new security vendor on the block," Microsoft Antivirus.
http://news.com.com/Security+vendors+face+new+kid+on+block:+Microsoft/2100-1016_3-5302920.html
Best,
Chad Harris
_____________________________________________________________________
The problem in some cases is (1) a previous version of the beta SP2
software
has been installed, and a program installed during that existence, or (2)
a
software company hasn't updated their software to work with SP2 yet
(example: Norton/Symantec, which is coming out today with an update to
fix
issues). Otherwise, it is very rare a program will fail.
--
Chris H.
Microsoft Windows MVP/Tablet PC
Tablet Creations -
http://nicecreations.us/
Associate Expert
Expert Zone -