Endpoint Protection Small Business Edition

Looking through various client's computer statuses I found the following message for one site's server:

Well that's interesting, the agent version on a server is "not up to date" with no indication of what is current or what is suggested.

Sure enough ALL of my servers have that status (Windows 2008 / Windows 2012).

Yet, when I went on this client's server and ran the check for software, Live Update reports nothing was found.

So I am wondering:

What does the message really mean?

If it is correct, what version of the agent am I supposed to have?

How am I supposed to update the server to that version?

And why, if this is a server, is there no notice in the PMC that something needs attention?

Thanks again Symantec, for helping me - as an MSP - be proactive!

Hi,

Thank you for posting your query on Symantec community. 

The new Cloud SBE server client has been released. To install the new version, which resolves the vulnerabilities (SYM16-010/011) please uninstall your existing client and then use one of the methods below to re-install:
 
NOTE:  If you have more than one server to re-install I would recommend the redistributable option. You will need to uninstall the existing agent before you proceed with the new install
 
How to Install a Client:
https://support.symantec.com/en_US/article.TECH215636.html
 
 
You do have an option that will allow the install to happen without first uninstalling the existing agent
NOTE: This will reboot the system (once on Desktop OSs and twice on Server OSs) without a warning
- Download a new SymantecPackageCreator.exe 
- Create a new install package from the package creator.
- On a affected system, place the new SymRedistributable.exe at the C:\ location
- Open an Administrative Command prompt, navigate to C:\ and type the following command: SymRedistributable.exe -silent -refreshall
- After pressing enter you should notice no additional prompts. The only way to confirm if the commands worked is to open the task manager and look for the process msiexec.exe (should be there after a few seconds).
- Wait a few minutes to for machine to reboot. After reboot, the agent should be successfully installed.
 
This type of reinstall allows the agents to keep their same Computer Profile in the hosted portal, in the same group, with the same policies applied to it.
  
I will share more information about new client for workstations when I know more.

A workstation agent for desktops/laptops has been released and requires you to take action to update to the latest version. 

At this point auto-update is not available for Symantec.cloud agents but i believe you can expect it within few days. It's mentioned in the HOWTO124395 also. But for immediate upgrade need to uninstall & reinstall. 

Refer this guide: https://support.symantec.com/en_US/article.HOWTO124395.html

It is unacceptable that the auto-update is not available until within "a few days".

We have over 700 computers installed in more than 50 customers (asking us for solution) and claiming for the funcionality of their antivirus... This has been the biggest problem we've had with a Cloud solution.

Yes, for a supposed cloud-based solution, the cloud-based response is often the last one considered for implementation (and even then it is often lacking...).

Same Issue here I've 131 PC in 35 sites the reason I purchased Symantec was because I was supposed to be able to keep clients PC's up to date remotely, now I'm told I have to manually update these agents , Symantec this is no joke fix the agent and issue an auto update of the agent,

For immediate solution uninstall & reinstall is the key.  However, Symantec has not seen evidence of any of these vulnerabilities being exploited in the wild

In case you can't upgrade clients manually i will suggest to wait for some more time. Symantec will make auto update avaialable asap. While many products update themselves automatically & SBE will also get auto update soon. 

We will keep you posted. 

Client desktops are now starting to receive the agent update.

It requires a reboot to activate NIS-22.6.4.5.

On July 14th, 2016, a workstation LiveUpdate was made available. This update will automatically install on workstations, and will require a workstation restart.

A server update will soon be made available via LiveUpdate. This update will automatically install on servers, and will require a server restart. 

Refer this guide for more updates: http://www.symantec.com/docs/HOWTO124395

Chetan, please take this back to those who might listen.

This issue may have been handled quickly but in the typical stumble bumble approach I'm used to from Symantec.

First there's the announcement, then there's a surreptitious update to the hostedendpoint consoles, then a banner blast on the PMC, and finally a "howto" article, oh and an automatic (forced) update.

What's missing from all of this was the proactive notice from Symantec saying:  "Look, we know there's an issue, here's what we plan to do about it, and here are our target dates for taking care of things."

If you, meaning Symantec, knew that there was going to be an automated agent update available within a specific timeframe of the first notice, why - in heaven's name - didn't you say so.  Instead, all we got was "within a few days" - which most of us interpreted to mean, at least a few weeks (because that's what has happened in the past).

This way, MSPs could have let their clients know that there were going to be notices issued by the desktop regarding a reboot BEFORE MSPs got emails and phone calls from clients asking about the notice..

This post never would have been made if Symantec had issued the timeline in the first place indicating that a change to the web portal was coming.

Playing "catch up" in terms of client security is NOT how I want to position my business.