Endpoint Protection


Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

  • 1.  Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 01, 2014 05:56 PM

    Running SEP version 11.0.6005.562 under my employer's corporate license.  Recently started getting these 'pop-up' alerts in the system tray (lower right corner).  Address is DNS Server for Time Warner Cable, but they say to contact Symantec for "updates".  I'd like to upgrade to the latest version (12.1?), but I don't know what the "M" serial number is for my installation.  Can I upgrade without it?  Can the install validate my current installation?

    Also, when using Chrome browser, I'm getting a *lot* of pages timing out (not appearing).  This problem seems to have coincided with the "blocked IP Address" tray alerts.  Seems like my machine is under attack.

    OS is Vista Home Basic Service Pack 2.  Symantec definitions and OS patches are up-to-date.



  • 2.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 01, 2014 06:37 PM

    This is a known bug in this version so only an upgrade will fix it.

    When you log in to https://fileconnect.symantec.com with your serial number you should be able to download the latest version of SEP.



  • 3.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 01, 2014 10:02 PM

    The serial number is usually the 'M' number, which can be obtained from the purchase documentation.

    You can contact the Licensing Department, provide your company information, and get the license.

    Website: http://symantec.custhelp.com

    Phone number: 1-800-721-3934

    Email: license@symantec.com

    Upgrading or migrating to Symantec Endpoint Protection 12.1.4 (RU4)/12.1.4a (RU4a)

    Article: TECH211821  |  Created: 2013-10-23  |  Updated: 2014-02-24  |  Article URL: http://www.symantec.com/docs/TECH211821



  • 4.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 02, 2014 01:51 PM

    Brian, James:

    Thanks for your replies.  Sorry for asking about a 'known problem'.  I'll get the "M" number and upgrade ASAP (to 12.1.4)



  • 5.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 02, 2014 01:53 PM

    That will solve it :)

    Have a good day



  • 6.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 03, 2014 08:57 AM

    One other question, though - is this an 'attack' on my computer or just an errant message (or can you tell)?



  • 7.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 03, 2014 09:01 AM

    It's not an attack, it's a false positive due to the bug in that version.



  • 8.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 03, 2014 03:41 PM

    Thanks



  • 9.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 03, 2014 03:42 PM

    You're welcome



  • 10.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 09, 2014 06:42 PM

    Well, it turns out I'm having trouble getting the newer 12.1.4a version because my employer claims *they* can't get it until "Global Informatics" sends it to them (which I don't believe).  Need to talk to someone else in IT who knows what's going on.  I know of *one* person in IT who downloaded version 12 (64-bit version) for work, so it's certainly possible.  My employer still runs this antivirus software (version 11 right now), so their license is still in effect (including home use by employees).

    But anyway, in the interim, I've noticed that the page timeouts I keep getting in Chrome (and Explorer) are being caused by Symantec.  Whenever the timeouts occur (cannot connect to Internet), I disable Symantec in the system tray and the pages load immediately.  I then re-enable Symantec and I'm good for a little while longer (while the "Blocked IP Address" messages keep popping up from the tray).  So it appears that this problem is more than just a false positive.  It's also affecting my browsers.



  • 11.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 09, 2014 06:51 PM

    The problem is that DNS lookups are being blocked, so your browsers cannot resolve the website's IP address to the hostname (i.e. 74.125.225.82 to www.google.com).

    I've not tested it but you may be able to get around it by setting a static DNS address on your NIC card.



  • 12.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 11, 2014 01:48 PM

    That all makes perfect sense, but *why* are the lookups being blocked?  And was this the result of some Symantec automatic update to version 11 because this problem just started within the last few months?

    If I can't get version 12, is there any way I could back the updates out (if that's what caused the problem)?

    Also - is Symantec going to develop a patch to version 11?  I could probably download *that* easy enough.



  • 13.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 11, 2014 02:41 PM

    It was patched in the next release.

    Client only patches for 11.0.7 are here:

    http://www.symantec.com/docs/TECH213507



  • 14.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 19, 2014 09:56 PM

    Brian,

    I'm running version 11.0.6005.562 (client only, I believe).  Those patches say they upgrade version 11.0.7 to a higher version of 11.0.7.4.  Can I still use it?  Is it going to bump me to version 11.0.7.4?

    Wait - release notes seem to indicate I have to upgrade to 11 RU7 first (from 11.0.6005.562), THEN to RU7 MP4??  Is that correct?

    However, looking here:

    http://www.symantec.com/business/support/index?page=content&id=TECH103087

    I don't see a fix for the problem I'm having ... unless it is described differently.

    Fix # 2867420 and a couple of fixes after that appear to dance around the problem, but are not the same problem.  And it's not a smurf attack, either.

    Maybe it's 2049673, or 1863574?, or 1586674?

    I am running Vista 32-bit, BTW.



  • 15.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 19, 2014 10:13 PM

    From the version you're on, ideally you want to go to 11 RU7, then 11 RU7 MP4.

    I can check back thru the release notes to see what I can find.



  • 16.  RE: Keep getting "Symantec Blocked IP Address 209.18.47.61" (for 10 mins)

    Posted Mar 22, 2014 03:38 PM

    OK, I did the *two* upgrades ... boy, was it R-O-C-K-Y ... with all kinds of "did not install properly"s and 1 or more of the sub-functions (AntiVirus, Proactive Threat, Network Threat) not working properly each time (sometimes had the Red X, other times the yellow Warning).  Used the "Fix" button, or the "re-install using recommended settings" button (for elements that did not install correctly), and finally arrived at version 11.0.7400.1398 by way of 11.0.7000.975 (with all sub-functions showing green and apparently functioning properly).

    Double-clicked 14 patch files in "Patches_SEP32_To975.zip" (223.6 MBytes)

    followed by

    Double-click of 8 patch files in "SEP32_975To1398_clientMSPMSI.exe" (85 MBytes?).

    Does this sound right?

    ======================

    Observations:

    That list of patch files online is confusing.  Too many permutations.  It'd be nice if there was some kind of decision tree or "AI Patch Finder" that could take you to the correct patch file based on your current version and where you want to go.

    Why isn't there an install file inside these ZIPs that installs all the sub-components for you?  Wasn't sure if I was supposed to double-click on each sub-element or not.