More Vendors Report SP2 Woes

Security vendor McAfee told CRN this week that its flagship VirusScan product prior to version 7.1 requires a custom patch from McAfee in order to be operational with Windows Security Center, a utility in SP2 that monitors third-party security tools.

Steve Crutchfield, director of product marketing for McAfee, Santa Clara, Calif., said the vendor's enterprise Desktop Firewall product also requires a patch before it can function with Windows Security Center.

Depending on the exact McAfee product, the patch McAfee will offer to remedy the two affected product categories could take months to arrive, explained Crutchfield, who said, "Generally speaking, if (a patch) is not available now, they will be available in the next quarter or so."

McAfee's security rival Symantec, Cupertino, Calif., posted a support bulletin on its Web site last week to help customers understand which products required a Symantec patch to function with Windows Security Center. McAfee, on the other hand, has only offered a McAfee/SP2 interoperability FAQ sheet and white paper available to channel partners who request them.

"We make it available if they ask us," said Crutchfield, adding that McAfee was in the process of finalizing a Web page addressing the SP2 issues.

Crutchfield emphasized that all of McAfee's products operate properly after an SP2 upgrade, and that the problem was merely that of McAfee products being able to be recognized as operational by Windows Security Center. Crutchfield said it was McAfee's position that its enterprise customers would likely not employ the Windows Security Center utility following an SP2 upgrade.

Other stories of SP2 incompatibilities have been filtering out as well.

Groove Networks, Beverly, Mass., is now testing a workaround that would let its Groove Virtual Office software work with the Windows update. Details can be found on Groove's site.

SonicWall is also scrambling to get its products in step with SP2. The Sunnyvale, Calif.-based vendor this week issued an update, VirusScan ASaP 2.8.1, that a company bulletin said "resolves previously reported integration problems with Windows XP SP2, specifically the XP SP2 enabling the Internet Connection Firewall in default configuration."

Before the availability of SonicWall's VirusScan ASaP 2.8.1 release, the default configuration of the Internet Connection Firewall "inhibited communications and services required for the VirusScan ASaP Automatic Update feature," the bulletin said.

SonicWall's fix was placed in production and pushed to all of its current Network Anti-Virus subscribers on Aug. 16.

The SP2 critical update is being touted by Microsoft as key to fixing security flaws. But it involves significant code-rewrites of the OS, which have broken even relatively recent applications, even some, Microsoft CRM for example, by Microsoft itself.