Product Update - 21.3 of Norton Internet Security, Norton AntiVirus and Norton 360
[Updated on May 15 2014: Version 126.96.36.199 has released for Norton 360]
[Updated on June 05 2014: Version 21.3 has released for Comcast Norton Security Suite]
Dear Norton Community,
We are glad to announce that we have completed testing our latest inline release of Norton Internet Security, Norton AntiVirus, Norton 360 188.8.131.52 and Comcast Norton Security Suite 21.3 which contains a Permanent Fix for the HEARTBLEED Vulnerability Bug. This update is also available via Norton Update Center.
To receive the update, simply run LiveUpdate and download the update. A reboot will be required.
To verify you have the update, launch the Main User Interface, click on Support, and select About. The version number of the new release for Norton Internet Security and Norton AntiVirus will be 184.108.40.206
The FAQ below tries to answer some common questions:
1. What is the version number for this patch?
The version number is 220.127.116.11
2. What is heartbleed?
Heartbleed is a name that security researchers have given to a serious bug found in a very common piece of software used by many websites. The software in question is called OpenSSL and is used to encrypt the information that you send to and from websites, such as your login name and password or other sensitive information. You can usually recognize when websites encrypt information when you see a little closed padlock near the address of the website in your browser.
OpenSSL versions 1.0.1 through 1.0.1f (inclusive) are vulnerable. Unfortunately there are many different software implementations used to implement this encryption and there is no easy way to know whether or not a given website is running the particular version of OpenSSL that this bug is present in. We believe that most large websites reacted quickly to the news of the Heartbleed bug and fixed it. However, it will likely take a very long time for every website to do so.More about Heartbleed: http://heartbleed.com/ 3. What public statements have been published? Norton Knowledge Base: Information on Norton products and the Heartbleed Vulnerability Norton Knowledge Base: Information on Norton Identity Safe and the Heartbleed Vulnerability Norton Protection Blog: Heartbleed Bug: What You Need to Know and Security Tips
4. When will I receive the patch?
As is standard practice, we are deploying the patch in a phased manner. We have released the patch to randomly selected customers, and will then monitor our telemetry, as well as this forum, for any problems or issues. Once we have confirmed the effectiveness of the patch, we will make it available to all customers. We will post an update on the Norton Community Forums when we make the patch available to all customers.
5. I see the engine for this version on my system, but my product hasn't updated. What's wrong?
Nothing is wrong; that's how our updates are distributed for the phased approach. The update comes in 2 parts, and most people will get the engine. Both parts together will get your product updated.6. What are the changes in this release? - Added a new client with updated and secure version of OpenSSL - Patched IDSafe which also picks up the new client build - Fixed an issue where Norton Product crashes when Norton Tasks window kept open. [Link] - Fixed an issue where users were unable to login/logout from the Norton Main User Interface [Link 1] [Link 2] - Few in-field fixes
If you have any questions, feel free to let us know on the forums!