Symantec Y2K10 Date Stamp Bug Hits Endpoint Protection Manager

The start of 2010 has tripped up Symantec Endpoint Protection Manager, as updates issued since 11:59 p.m. Dec. 31, 2009, have been labeled as "out-of-date."

The new decade has brought a slight hiccup to users of Symantec Endpoint Protection Manager.

According to the company, the product is incorrectly labeling updates issued in 2010 as out-of-date. The issue impacts the Endpoint Protection v11.x and Endpoint Protection Small Business Edition v12.x product lines.

"Customers running SEP (Symantec Endpoint Protection) are still protected, and we are continuing to release updated definitions as normal," according to the company blog. "However, for the time being, SEP definitions will display a date of December 31, 2009, with increasing revision numbers.

"For those customers also running NAC who have Host Integrity configured to check their clients definitions, this issue will cause the HI check to fail," the advisory continued. "The following options are available to you:

  • To more accurately, for now, report on SEP clients that are genuinely behind on AV/AS defs, statically set the min allowed def date to be 30/12, so anything older than this fails HI.
  • Disable the HI check on definition date.
  • For the specific AV/AS definition date check, you could temporarily check the box to 'allow HI to pass even if it fails,' so you can still log and report centrally on HI results."

Symantec is working on a permanent fix and will update customers as soon as possible, according to the blog.