Re: After SP2 and the LU Patches Norton Products Still Have a Panopoly of Problems
From: Chad Harris (ddram32_nospam_at_yahoo.com)
Date: 08/11/04
- Next message: David Cleland: "Re: After SP2 and the LU Patches Norton Products Still Have a Panopoly of Problems"
- Previous message: Atif Rahman: "Re: I.Explorer Icon missing from Desktop"
- In reply to: Chris H.: "Re: After SP2 software will not work; Norton dragging their feet--a lot!"
- Next in thread: David Cleland: "Re: After SP2 and the LU Patches Norton Products Still Have a Panopoly of Problems"
- Reply: David Cleland: "Re: After SP2 and the LU Patches Norton Products Still Have a Panopoly of Problems"
- Reply: Chris H.: "Re: After SP2 and the LU Patches Norton Products Still Have a Panopoly of Problems"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 11 Aug 2004 14:43:35 -0400
Chris--
I appreciate the Live Update patch came out with their FAQ. One problem is
that *SP2 breaks Live Update* whether you uninstall Norton and install SP2
(as virtually every Microsoft document on SP2 tells you to do) or leave
Norton/Symantec in. The bottom Line is after a lot of game playing and
clicking successive links on Live Update, tripping through multiple Norton
KBs one leading to the next, you have a *LU 1812 error*, whose final move
is to uninstall NSW or NAV manually and meticulously, and after you have
exhuasted it's remedies, it won't fix with SP2 RTM period.
The only way they are delivering the compatibiilty patches for SP2 is
through Live Update. SP2 whether Norton is installed before or after breaks
Live Udpate and you can't get the patch.
The part left out on the KB is to install any other antivirus product--many
will work with SP2.
They are not making any other means avialable to patch Norton other than
Live Update. If it's broken, and their KBs to fix it often don't, you're
stuck with scan not working, booting up and having to turn on Auto Protect
with a right click (minor) and often uninstall problems with Norton
products. Microsoft tells you to install SP2 first (uninstall NAV) and
Norton/Symantec tell you to wait until they are updated (in some cases 8
weeks from now for Enterprise Products according to their enterprise FAQ I
linked before) before installing SP2.
Microsoft tells you to turn their Windows Firewall on; Norton 2005 products
on the last box before you click finish will tell you in a single explicit
box to turn it off. NAV 2005 has a piece of NPF or NIS billed as "worm
protection." How much of a piece and what it actually does compared with
the Windows firewall that has been criticized with respect to outbound
traffic still after SP2 RTM is hard to define. Many people are finding
that the Windows firewall leaves much to be desired right now, as you know,
but I'm sure it will be a different story come Longhorn in 2007.
http://www.symantec.com/techsupp/sp2/faq.html
The answers from Symantec on this FAQ just issued just aren't true in some
cases. There is the paradox that for many, Live Update doesn't work with
SP2 and Norton has elected not to deliver their update patches any other
way. They aren't making them available on their site now. That was a goofy
choice to say the least. The patch to fix what's broken can't be obtained
because you are required to use what's broken to get it--that's not only
ironic and paradoxical--you ain't gonna be able to fix what's broken.
Microsoft wants you to put in SP2 before Norton, and if you put in Norton
first and patch it, SP2 can still break Norton a number of ways. Norton
2005 seems to work pretty well with SP2 until you boot 3 times, and then you
have refresh freezing on all categories on the Norton Integrator or gui
interface, i.e. you can't tell what's on. You can see that email scanning
is working. The important thing of course, is that Auto Protect is
enabled, because in fact Auto Protect includes adequate email scan and
script blocking to the point you could turn the other two off and be just
fine according to every Symantec engineer I talked to--so you have to be
able to determine that Auto Protect is up and running.
I reproduced this and so did others about 25 times.
Sometimes but not all that can be fixed by reregistering jscript.dll, and
downloading and reinstalling Scripten or the Microsoft Windows Script
package including the Windows Script Host 5.6 since IE has to function
correctly to read the Norton interface.
This KB applies to any version of NSW or NIS through 2005 with Windows
versions past 9X. Often Norton doesn't update KBs in version name for
Windows version, but the Norton/Symantec KB will do the job.
The FAQ says:
"Installing Service Pack 2 will have no affect on Norton Personal Firewall
or Norton Internet Security."
Some of the FAQ's are vague to the point of covering anything that will
happen,--I like this one because it avoids saying SP2 can break things that
are Norton/Symantec and it does.
"How will installing Service Pack 2 affect the Symantec Products I have
already installed?"
A. "This varies on the Symantec [Norton as well] products you own." Right.
Many break.
On many boxes, installing SP2 any build will outright break
NIS/NPF any version. It will put up a box that says "You're not the Norton
supervisor" and when you put up the Norton Integrator (the box that shows
what it does with NAV added you can see it but you can't do anything with
it). You'll not be able to uninstall NIS or NPF from Add/Remove, and you'll
have to use a Norton KB that involves 30-45minutes of using a Norton
removal tool, thendeleting several GUID keys and other registry keys,
multiple folders, every Norton file you can track down in ectopic places.
"With Service Pack 2 installed, do I even need my Symantec antivirus and
firewall products? Absolutely."
Norton explicitly tells you to turn the Windows Firewall "*off*" in their
2005 products about to release. I wouldn't run two software firewalls or
more at once, and I don't have data comparing their abilities like stateful
inspection head on with say, ZA, and that info isn't easy to come by now.
What they didn't say in the FAQ is that when you load Norton or Symantec
anything, it's going to tell you to turn your Windows Firewall in SP2
off--last box before "Finished Install."
"Installing Service Pack 2 will have no affect on Norton Personal Firewall
or Norton Internet Security" Just not the case. SP2 can make it difficult
to install, and particularly to uninstall Norton products. I don't know
the numbers in 10,000 boxes for this.
I've found this to be totally *untrue* and reproducable that the firewall
can and will break. Norton also tells you on installation of any 2005
product to *turn off the Windows firewall*. It's the last box before you
click "Finish" on the install of the Norton/Symantec 2005 AV, PF, or NIS.
Norton anti-spam is hype and whatever it does can be spelled a dozen ways
without it.
Norton Go Back reconfigures the Windows Master Boot Record, and I'd just as
soon have someone playing with my elevator lift on the way up the Empire
State Building--it often has the same effect and unhooking Go Back from a
botched Windows boot strap mechanism is simply impossible--their tech
support will tell you they have no clue how and so will MSFT personnel. In
a high percentage of cases, Go Back will destroy partitions in the Windows
Operating System and you won't be seeing that particular OS again ever.
It's refractory to Recovery Console moves or commands and a repair/upgrade
or parallel install will get nowhere.
SP2 can destroy scans in Norton System works, the ability to make it run
after boot, and Live Update the same as in Norton Antivirus.
On some people's boxes the security center will monitor it, but how many
people need the Security Center (none here) need the Security Center to tell
them where Technet is, how to get to Help and Support, or whether their AV
or Firewall are all. Very few individuals who install a Norton product
don't adjust it at the Norton product or who are going to be working with
the Windows Firewall as it evolves and gets better toward Longhorn are going
to be relying on the security center to check on the firewall. My point is
that there are 3 things that happen with multiple versions of NAV that don't
work with SP2--sometimes with the patch update. There are fixes for them,
and sometimes they don't work. System scans, booting up with Auto Protect
Off (it usually can be turned on but sometimes can't--and Auto Protect is
key because it does script blocking/scanning and email scanning--even if you
had them both turned off (they are duplication in Norton/Symantec) auto
protect will cover that functionality. Live Update will often not work with
SP2 and for those people, they can't update to the patches anyway, because
Norton has chosen not to make the patches available any alternative way
which is goofy to say the least.
*Contradiction of Instructions by Microsoft and Symantec/Norton on SP2*
There is also the direct contradiction between Microsoft's instructions and
Norton's. Every place MSFT has an SP2 article at Technet, MSDN, the XP
Expert Zone or any place on MSFT's site, you are told you should uninstall
AV to install SP2.
Symantec and Norton explicitly tell you to wait to install SP2 until you
have updated NAV--and in the case of Symantec patches for enterprise
security, AV, and firewall products there is a vague timetable projecting 8
weeks out from now for release toward the end of September.
When you install a Symantec or Norton 2005 product, it tells you explicitly
to *turn off the Windows firewall--something I know the Networking team and
SP2 team did not strive to have done. NAV 2005 has a piece of their NIS
2005 firewall, so-called "Worm Protection" although how much a piece is
impossible to quantify unless you are a Symantec engineer who has the code.
I do know that Microsoft is definitely developing Microsoft Antivirus
products, but that the publicity campaign for them is non-existent. I would
bet on Microsoft to produce a superior product to Symantec/Norton in a
number of ways, including the ridiculous necessity to read 10 Norton KBs to
do a cascade of work arounds to make a product work. Live Update is a great
example. Scans that fail are another. Clicking a plus to go to a drop down
to get a link to get the 5th KB you've used for one Norton problem is like a
childeren's game. Those come into play with SP2.
I personally hope Microsoft puts Norton and Symantec out of business and
gets their AV product up and running rapidly. I guarantee Symantec is
looking over their big floundering shoulders.
Best,
Chad Harris
_________________________________
"Chris H." <winxpnews@hotmail.com> wrote in message
news:%23Ledkh6fEHA.3348@TK2MSFTNGP12.phx.gbl...
Between your post last night, Chad, and early morning (PDT), I'm seeing
reports of Live Update now downloading the proper fix so the Norton Internet
Security 2004 is now compatible with SP2, and Norton Antivirus is now
properly reporting to the XP Security Center its status.
-- Chris H. Microsoft Windows MVP/Tablet PC Tablet Creations - http://nicecreations.us/ Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone "Chad Harris" <ddram32_nospam@yahoo.com> wrote in message news:Omrhpw2fEHA.3048@TK2MSFTNGP09.phx.gbl... > Unfortunately, Chris, Norton didn't come out with anything yet for home > and small business users on their site and have thus far refused to > specify the degree of backwards compatibility that the promiesed and not > yet delivered patches for *Norton* products would entail. Although there > are go arounds to make SP2 work with any version of Norton product, and > some a little bit Byzantine--the routine where you read one Norton KB and > click on an icon in Live Update to reveal the next KB to read, followed by > a hyperlink in the error message to read the 3rd KB--they all end with > uninstalling Norton appropriately I belive and should add to install a > product from another company. > > The webpage that didn't deliver from Norton that has been up all week is > this one: > > http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2004080212383739?Open&src=ivr_na_con > > They plan whenever this happens (it didn't happen on August 10 as the web > page has been announcing all week, to deliver a patch in two parts, the > second after a reboot. > > The importance of SP2 working for enterprises and home was in Microsoft's > press release: > http://www.microsoft.com/presspass/press/2004/aug04/08-06WinXPSP2LaunchPR.asp > > > "With the proliferation of viruses and other broad threats on business and > consumer desktops, I can think of no higher priority than trying to ensure > the security of personal computers," said Rob Enderle, principal analyst > for > the Enderle Group. "Whether the customer is a large enterprise, a small > business or an individual, Windows XP Service Pack 2 is critical because > it > addresses today's exposures in a comprehensive fashion. For anyone > currently > using Windows XP, my advice is to apply it at your earliest opportunity." > > The disingenuous comment by Symantec Senior Vice-President Stephen Cullen > is here: > > "With the proliferation of viruses and other broad threats on business and > consumer desktops, I can think of no higher priority than trying to ensure > the security of personal computers," said Rob Enderle, principal analyst > for > the Enderle Group. "Whether the customer is a large enterprise, a small > business or an individual, Windows XP Service Pack 2 is critical because > it > addresses today's exposures in a comprehensive fashion. For anyone > currently > using Windows XP, my advice is to apply it at your earliest opportunity." > > Actually in *several papers* available at Technetand MSDN, Microsoft > urges people to uninstall the antivirus before installing SP2. There is a > different story though, from Symantec who advises people to wait for their > patches before installing SP2 on the webpage linked above. > http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx > > http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2004080212383739?Open&src=ivr_na_con > > "Symantec will release a product update to provide native support for the > Windows Security Center status utility found in SP2. This update will be > available worldwide over the coming weeks and will enable Symantec > products to communicate their status to the Windows Security Center > utility." > > Symantec asks you to wait, and in the case of their time table for > enterprise editions for a vague range up to 8 weeks: > > FAQ Running Symantec Client Security > http://tinyurl.com/6mfsy > > http://service1.symantec.com/SUPPORT/nsw.nsf/0f75ab1a9982283d88256c250066dc94/9918704bb68cedfe882568040070e925?OpenDocument&src=bar_sch_nam > > http://service1.symantec.com/SUPPORT/nav.nsf/docid/1999082515392606 > > "Symantec encourages its customers to install the product update prior to > installing SP2 in order to avoid incorrect reporting from Windows Security > Center." > > The "security center" for almost everyone who reads and contributes on > these two groups is pretty moot, since they don't need that very basic > thing to tell them where Technet security links are, or whether their > firewall and AV are "on." But many Norton products require work-arounds > to make a system scan work (can be obtained as well from any web site and > sometimes will work from the command line with SP2 and for some people > will not), to make "Live Update" for what it's actually worth work, and to > boot up with auto protect on. > > Actually script blocking and email blocking are duplicative ancillary > functions and hype in a Norton/Symantec AV product--not because those > things aren't important--but because any engineer who works at Symantec > will tell you that Auto-Protect does everything the other two do, and the > other two could actually be turned off and you'd still get email scanning > and script blocking. > > Norton Antivirus 2005 actually has a box telling people *explicitly to > turn the Windows Firewall in SP2* off as does their Tech Support currently > (I spoke with several of them yesterday)--the reason being because NAV > 2005 has a little code from their "worm protection" or firewall which > competes with the Microsoft Windows firewall. How much firewall is > available in NAV 2005 is hard to determine (their new "worm blocking > feature.") Obviously it isn't the whole NIS 2005. > > NAV 2005 for many people who have used it works fine with SP2 until the > third boot, and then it has the well known freeze in refresh problem that > is addressed sometimes by this Symantec KB which applies to Win XP RTM > although it doesn't say so. A lot of Symantec/Norton KBs are labeled > forone year's version but the same steps apply to versions of Windows and > Norton after 9X. This is corrected by reregistering "jscript.dll" and > downloading and reinstalling Windows Script Host 5.6 and other components. > > The more people they tick off by dragging their feet on compatibility to > force sales of 2005 boxes, the better it may be for the new company, "the > new security vendor on the block," Microsoft Antivirus. > > http://news.com.com/Security+vendors+face+new+kid+on+block%3A+Microsoft/2100-1016_3-5302920.html > > Best, > > Chad Harris > _____________________________________________________________________ > > > > "Chris H." <winxpnews@hotmail.com> wrote in message > news:%2317WUfwfEHA.636@TK2MSFTNGP12.phx.gbl... > The problem in some cases is (1) a previous version of the beta SP2 > software > has been installed, and a program installed during that existence, or (2) > a > software company hasn't updated their software to work with SP2 yet > (example: Norton/Symantec, which is coming out today with an update to > fix > issues). Otherwise, it is very rare a program will fail. > -- > Chris H. > Microsoft Windows MVP/Tablet PC > Tablet Creations - http://nicecreations.us/ > Associate Expert > Expert Zone - www.microsoft.com/windowsxp/expertzone > > > "KMO" <teardrops@aol.com> wrote in message > news:Xns95416BD9E3EF4KMO@216.168.3.50... >> "Mike Williams [MVP]" <mikew@Nospam]mvps.org> wrote in >> news:#5FkhRmfEHA.2764@TK2MSFTNGP11.phx.gbl: >> >>> Some software is known to fail on SP2 due to new security settings. >>> >> >> Well that doesn't sound very inviting! > >
- Next message: David Cleland: "Re: After SP2 and the LU Patches Norton Products Still Have a Panopoly of Problems"
- Previous message: Atif Rahman: "Re: I.Explorer Icon missing from Desktop"
- In reply to: Chris H.: "Re: After SP2 software will not work; Norton dragging their feet--a lot!"
- Next in thread: David Cleland: "Re: After SP2 and the LU Patches Norton Products Still Have a Panopoly of Problems"
- Reply: David Cleland: "Re: After SP2 and the LU Patches Norton Products Still Have a Panopoly of Problems"
- Reply: Chris H.: "Re: After SP2 and the LU Patches Norton Products Still Have a Panopoly of Problems"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
