Security (MS)

Here are a long list of version numbers that can easily be 'rooted' by bot networks, which are "great" at sending spam, so if you are running any of these versions of Symantec Anti-Virus:

10.0.0.x:
Any 10.0.0.x release (10.0.0.359+)
Honestly, I would upgrade immediately due to all the memory leaks and performance problems with these early versions.

10.0.1.x:
10.0.1.1000 , 10.0.1.1007, 10.0.1.1008
These versions are what 10.0.x should have been. They tend to work out of the box just fine, but you'll still want to upgrade to avoid the exploitable parts.

10.0.2.x:
10.0.2.2000, 10.0.2.2001, 10.0.2.2010, 10.0.2.2020
These versions plug a few more memory leaks and some obscure bugs. You'll want to patch them anyway to avoid exploits.

10.1.0.x:
10.1.0.394
10.1.0.400
If you're running these, you might as well go right to 10.1.5.5001 (the current release) since there are a lot of bugs fixed and it is patched for the exploits.

Confused yet? I know I find their version scheme a bit hard to follow.

I still think their LiveUpdate service should automatically notice you are running an older release, and as long as you are properly licensed, offer to upgrade to the latest and greatest. Trying to stay current on what exactly is the current build can be a daunting task.

You can read the release notes for 10.1 here.

You can read about the exploitable code and a version update matrix for SYM06-10 here.

I'm starting to wonder if the programmers over at Symantec ever profile their programs or look for memory leaks before sending out a new release. My biggest impression of SAV 10 and 10.1 overall has been "bloated Elvis resource usage" and "leaks memory more than a programmer just learning about pointers in C".

You can read the release notes here.

I have to admit their release cycles are a bit scattered too. Some patches are available for public download from their site and other patches are downloadable from their secured site. They don't seem to 'announce' when newer revisions are put online overall either. I typically stumble upon them when deploying SAV on a customer rollout/rebuild.

I still see way too many copies of v10.0.0.398 on Windows servers. Many of the early v10 versions are non-paged pool memory leakers that result in very strange crashes.