An older Symantec root certificate, SymRoot1, will expire on April 30, 2011. With an expired certificate, older LiveUpdate clients would no longer authenticate, download, or install content such as AntiVirus definitions or product updates. 

 

To allow customers additional time to plan migrations, Symantec has introduced a workaround that allows LiveUpdate to continue to successfully authenticate valid content from Symantec through July 4, 2013. Note that after your product version reaches its End of Support Life, definitions may not be available after that time. We  recommend that you periodically check our website by first selecting your product, then clicking on "release details," for information with respect to the dates of End of Life and End of Support Life for your specific Licensed Software.

In addition, a newer Symantec root certificate, SymRoot2, will expire on August 23, 2020.  Newer Symantec products and recently patched products are compatible with SymRoot2.   All customers utilizing SymRoot1-based products are recommended to upgrade to SymRoot2-based products.

What is the impact of using SymRoot1 definitions after the certificate expiration?
The product will continue to download and install new updates, such as AntiVirus definitions and product updates.  You do not need to do anything to continue to receive definitions for these products after the certificate expiration, but you are encouraged to upgrade to a version that supports SymRoot2 as soon as feasible.

Will products without SymRoot2 support still be able to use Intelligent Updater or Rapid Release to update definitions?
Yes, Intelligent Updater and Rapid Release definition packages will be signed by both SymRoot1 and SymRoot2.

Which products are affected?
The following table shows which product versions support SymRoot2 in green, which product versions will continue to receive SymRoot1 definitions after the certificate expiration in orange, and which product versions require an upgrade in red.

My product version will not be updated.  How do I upgrade?
If possible, Symantec recommends that you upgrade to a version that supports SymRoot2.  SymRoot2 compatible products appear in green in the table above.  You can download the latest version of your product from File Connect or from the Business Critical Services Web site.

For some products, you may need to apply patch instead of upgrading.  Please refer to the following links for more information to assist you with migration.

Endpoint Protection/ AntiVirus Corporate Edition

·          Endpoint Security Migration and Installation

·          Symantec Endpoint Protection 11.0 Frequently Asked Questions

·          Migration paths for Symantec Endpoint Protection 11.0

AntiVirus for Linux
How to obtain the latest release of Symantec AntiVirus for Linux

AntiVirus for Macintosh
Symantec recommends that you upgrade to Endpoint Protection for Macintosh to receive SymRoot2-signed content. 

Brightmail Gateway (formerly Mail Security 8300/8200 Series)
How to upgrade a Symantec Mail Security Appliance or Symantec Brightmail Gateway to its latest release

Enterprise Security Manager
If you use Enterprise Security Manager 9.x, download and run the installer for LiveUpdate 3.3.  If you are upgrading to a new version of Enterprise Security Manager, follow the installation guide for your version on the Enterprise Security Manager Documentation page.

IM Manager
How to upgrade IM Manager to a newer version

Mail Security for Domino

• Mail Security for Domino product documentation
• Upgrading to Symantec Mail Security for Domino 8.x on Windows
• Upgrading to Symantec Mail Security for Domino 7.5

Mail Security for Domino Multi-Platform Edition
If you use Mail Security 3.2 for Domino Multi-Platform Edition, your product can continue to download SymRoot1 definitions after certificate expiration; however, you are encouraged to apply a Java LiveUpdate patch to update your product to be SymRoot2 compatible.  For directions, read Patching Symantec Mail Security 3.2 for Domino Multi-Platform Edition for SymRoot2 compliance.

• Mail Security for Domino Multi-Platform Edition product documentation
• System requirements for Symantec Mail Security 8.0 for Domino Multi-Platform Edition
• System Requirements for installing Symantec Mail Security 3.2 for Domino - MPE on AIX
• System Requirements for installing Symantec Mail Security 3.2 for Domino - MPE on Linux
• System Requirements for installing Symantec Mail Security 3.2 for Domino - MPE on Solaris
• System Requirements for installing Symantec Mail Security for Domino — MPE on OS/400

Mail Security for Microsoft Exchange

• Mail Security for Microsoft Exchange product documentation
• About upgrading to Symantec Mail Security 6.5 for Microsoft Exchange from a previous version
• How to upgrade to Symantec Mail Security for Microsoft Exchange 6.0.9 or later on Exchange 2007
• How to upgrade to Symantec Mail Security for Microsoft Exchange 6.0.x
• Upgrading Symantec Mail Security for Microsoft Exchange in a Microsoft Cluster implementation

Mail Security for SMTP
Migrating from Symantec Mail Security for SMTP to Symantec Brightmail Gateway

Scan Engine
How to Upgrade to Scan Engine 5.2
Note:  Scan Engine connector products do not download virus definitions on their own. Ensure that your version of Scan Engine is compliant. 

Security Information Manager
The SymRoot2-compliant version of Security Information Manager 4.7 MP3 is now available and can be downloaded from File Connect.  Before you upgrade, read Best practices before updating or upgrading your Symantec Security Information Manager environment.

Java LiveUpdate upgrade patches will also be made available for customers who run Security Information Manager version 4.5, 4.6 and earlier versions of 4.7, Symantec Event Agent 4.7, SSIM Agent 4.5, and SESA Agent 2.5.2. For details, read Download Security Information Manager Java LiveUpdate Upgrade Patch.