Why Is Symantec So Slow with Updates?

Opinion: McAfee has moved to issuing daily virus definition updates, and many other companies send them even more frequently. Why is Symantec so behind the times?

Every now and then I get a brand-spanking new virus before protection is out for it. This happened last week when a colleague sent me—intentionally, for study—a copy of Sober.J.

I went straight to Andreas Marx of AV-Test, an independent test lab that tracks dozens of anti-virus products on numerous platforms. I wasnt surprised to see that Symantec was among the last to provide protection for the new virus in their public updates; it always seems to be the case.

Almost alone among anti-virus companies, Symantec is providing public updates of their definitions on a weekly basis, unless a significant outbreak (a Level 3 or higher virus) makes an off-schedule change necessary. According to AV-Test, Trend Micro is up to an almost-daily schedule and McAfee just announced that they will be releasing daily incremental updates as of February 23. (Well, sort of daily. No updates on the weekend unless theres an outbreak going on, and they take off Christmas and New Years.)

Actually, Symantec does put out a daily "Intelligent Updater," which is a full package of all definitions. On February 3, the download was 5.94MB and it can be bigger at times. The usual LiveUpdate transfer, the way users typically get their updates, is far smaller, maybe 100KB.

On the other hand, if youre a Platinum Support customer (the super-duper high-end support services for large companies), you can now get daily updates through the new LiveUpdate Plus program. The program, called LiveUpdate Plus, will be available starting February 8, according to Symantec. It will allow users to use LiveUpdate Administrator to download virus definitions and distribute them through their internal LiveUpdate server.

/zimages/2/28571.gifSymantec is considering a new pricing model in which enterprises using Symantecs managed services would pay a single price for all the products and services they purchase from the company. Click here to read more.

I did a quick survey of other major vendors policies. BitDefender releases updates every day, or more frequently if necessary. Kaspersky has a similar policy. Sophos appears to release updates several times a day.

Symantec also releases frequent beta definitions, as often as every 30 minutes. They havent gone through a thorough testing, and the copy I just downloaded is 8.64MB, so you dont want to make casual use of them. Theyre no substitute for real updates.

I have to think—or maybe its just hope—that this "Platinum only" policy for daily updates over LiveUpdate wont last. Platinum customers are already in a good position to protect themselves with good perimeter support, but its the poor fool at home who really needs his anti-virus software to protect him from new threats. Too bad Symantec is taking those users for granted.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

/zimages/2/28571.gifCheck out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

More from Larry Seltzer