[ISN] Symantec subscription glitch derails users

From: InfoSec News (alerts@private)
Date: Fri Feb 23 2007 - 01:24:52 PST


http://www.theregister.co.uk/2007/02/22/symantec_subscription_glitch/

By John Leyden
22nd February 2007

Symantec has apologised after a glitch with its software resulted in 
"small group" of its customers been falsely advised that their software 
subscriptions had expired early.

The early renewal alert SNAFU affected an unknown number of users of 
2006 versions of Norton products. Users of 2005 and the latest (2007) 
versions of Norton-branded security products from Symantec were not 
affected.

In a statement, Symantec said the glitch was "caused by a technical 
problem within the subscription client, which has since been identified 
and for which a fix is now available. Norton customers with 2005 or 2007 
product versions are not affected by this issue".

Symantec published a patch designed to address the problem in January 
( http://service1.symantec.com/SUPPORT/custserv.nsf/docid/2006072017131546 ), 
which it has subsequently pushed out to customers via its LiveUpdate 
service, the feature of its software packages used to obtain new 
anti-virus definition files or program updates.

However, Reg readers who informed us of the problem only began 
experiencing problems at the start of February. For Reg reader Tim, for 
example, his problems with Norton Internet Security 2006 began when the 
software warned him his machine wasn't protected against a Trojan.

"LiveUpdate would not work, just kept coming back and telling me my 
machine was not protected and when I tried to manually activate 
LiveUpdate it said that LiveUpdate was currently running in the 
background and that it should finish the session it went on in a 
continuous circle," he told us.

Symantec told Tim how to fix the initial problem, after which the 
software worked for a few days before he was confronted by a bogus 
subscription expired notice when he had more than five months left to 
run on his subscription. "I got on to Symantec, they told me I needed to 
synchronise my machine with the Symantec server, they gave me 
instructions which I followed, and the machine then returned to the 
correct number of unexpired days. The laptop was on auto LiveUpdate and 
auto scan," he added.

Tim said he only knew how many days he had left on his license because 
he had written it down on his installation CD. He asks: "How many other 
people just paid up and renewed without knowing how many days/months 
they had left? Will Symantec refund those people who renewed in error?"

Symantec said users with queries about the problem, whether financial or 
technical, needed to contact its customer support staff. The security 
giant acknowledged that users might still be encountering the issue for 
the first time due to synchronisation problems.

"Customers still receiving incorrect notifications that their 
subscription is due to expire are advised to run LiveUpdate as soon as 
possible, or to check that their product is correctly synchronised with 
Symantec's client licensing server to ensure the subscription date is 
correct," it said.

More information on synchronisation can be found here [1].

Symantec explained that Norton 2006 customers with an up to date 
subscription are automatically eligible for all features available 
within the 2007 versions of the products. This would happen, for 
example, where users bought a yearly subscription in June 2006, a few 
months before the release of the Norton 2007 line-up. Users in this 
category experiencing subscription glitches are able to upgrade to the 
2007 version in order to resolve the problem, as explained here [2].

The early renewal flap is unrelated to a problem some business users 
experienced in December that meant they weren't easily able to 
repurchase renewed subscriptions once the Symantec licences had expired.

[1] http://service1.symantec.com/SUPPORT/custserv.nsf/docid/2006061512022446
[2] http://service1.symantec.com/SUPPORT/custserv.nsf/docid/2006092713233646


______________________________________
Subscribe to the InfoSec News RSS Feed
http://www.infosecnews.org/isn.rss



This archive was generated by hypermail 2.1.3 : Fri Feb 23 2007 - 01:41:08 PST