Why Is Symantec So Slow with Updates?

By Larry Seltzer  |  Posted 2005-02-08 Print this article Print

Opinion: McAfee has moved to issuing daily virus definition updates, and many other companies send them even more frequently. Why is Symantec so behind the times?

Every now and then I get a brand-spanking new virus before protection is out for it. This happened last week when a colleague sent me—intentionally, for study—a copy of Sober.J. I went straight to Andreas Marx of AV-Test, an independent test lab that tracks dozens of anti-virus products on numerous platforms. I wasnt surprised to see that Symantec was among the last to provide protection for the new virus in their public updates; it always seems to be the case.

Almost alone among anti-virus companies, Symantec is providing public updates of their definitions on a weekly basis, unless a significant outbreak (a Level 3 or higher virus) makes an off-schedule change necessary. According to AV-Test, Trend Micro is up to an almost-daily schedule and McAfee just announced that they will be releasing daily incremental updates as of February 23. (Well, sort of daily. No updates on the weekend unless theres an outbreak going on, and they take off Christmas and New Years.)

Actually, Symantec does put out a daily "Intelligent Updater," which is a full package of all definitions. On February 3, the download was 5.94MB and it can be bigger at times. The usual LiveUpdate transfer, the way users typically get their updates, is far smaller, maybe 100KB.

On the other hand, if youre a Platinum Support customer (the super-duper high-end support services for large companies), you can now get daily updates through the new LiveUpdate Plus program. The program, called LiveUpdate Plus, will be available starting February 8, according to Symantec. It will allow users to use LiveUpdate Administrator to download virus definitions and distribute them through their internal LiveUpdate server.

Symantec is considering a new pricing model in which enterprises using Symantecs managed services would pay a single price for all the products and services they purchase from the company. Click here to read more. I did a quick survey of other major vendors policies. BitDefender releases updates every day, or more frequently if necessary. Kaspersky has a similar policy. Sophos appears to release updates several times a day.

Symantec also releases frequent beta definitions, as often as every 30 minutes. They havent gone through a thorough testing, and the copy I just downloaded is 8.64MB, so you dont want to make casual use of them. Theyre no substitute for real updates.

I have to think—or maybe its just hope—that this "Platinum only" policy for daily updates over LiveUpdate wont last. Platinum customers are already in a good position to protect themselves with good perimeter support, but its the poor fool at home who really needs his anti-virus software to protect him from new threats. Too bad Symantec is taking those users for granted.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog. More from Larry Seltzer
Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.

He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.

For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.

In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.

Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel