Those by @sorgthomas are the same. File: Symantec_Endpoint_Protection_14.3.0_RU6_b9210_Win64-bit_Client_EN.exe SHA256: 8dc1f9665c9c70ff08472827415f73f81b2c77ba67fff7ad8a24a7704694a349 File: Symantec_Endpoint_Protection_14.3.0_RU6_Refresh_Win64-bit_Client_EN.exe SHA256: 8dc1f9665c9c70ff08472827415f73f81b2c77ba67fff7ad8a24a7704694a349
Does this Anti-Virus software has real time protection against the malware that comes from plugging in the USB ?
Odd this version 14.3.9205.6000 is not included on such list Btw server is having download issues cause I cannot download Symantec_Endpoint_Protection_14.3.0_RU6_Win64-bit_Client_EN.exe
@BetaTesta A mystery inside an enigma Give a few days and Broadcom may update their list 14.3.9205.6000 is maybe redacted as well (for unknown reasons) - who knows I didn't know there was a 14.3.8289.5000 of RU5 - last release to run on x86 Thanks for pointing out
In my opinion, because MDL is a users forum, one of its primary purposes should be to promote good computer "hygiene" practices. To me, this means, in part, to encourage users to engage in practices that minimize the possibility of spreading malware. In other words, whenever possible, support the use of software (especially antivirus software) that mitigates the likelihood of installing software that compromises one's machine and minimizes the risk of spreading malware to others. In the case of anti-virus software, which is one of our first lines of defense against malware, it makes unimpeachable sense to me to only install on one's machine software that has been released by the manufacturer and is digitally signed so that its integrity is assured. When Broadcom distributes a new update to Symantec Endpoint Protection (SEP), it does so as a compressed, digitally signed, executable file. Broadcom appears to like the convention of referring to its files as having a "fingerprint" to demonstrate their validity. The most current release of SEP is reported by Broadcom at: h**ps://knowledge.broadcom.com/external/article/154575/versions-system-requirements-release-dat.html Here one finds that the most recent release of SEP is: Symantec_Endpoint_Protection_14.3.0_RU7_Win64-bit_Client_EN.exe This refers to Release Name - 14.3 RU7 Version (build number) - 14.3.9681.7000 Release Date - March 24, 2023 Like previous versions, this latest version of SEP is both compressed and digitally signed; it is distributed by Broadcom as a 7-zip executable file. When executed, this extracts itself into a temporary file, executes the Setup file, and then clean-ups after the install is complete. So, what could possibly be the motivation for someone to extract this signed file and then re-compress it into another format such as the typically found *.rar format? Certainly there is no download benefit to the end user because the original file from Broadcom was already compressed. Furthermore, by extracting the original file and then re-compressing it, the digital signature information from Broadcom is lost. And, who knows whatever other changes may have been made to Broadcom's original executable? Regardless of how reputable the distributor is, there is simply no good reason to unpack the original Broadcom distribution file and there is no good reason for the end user to assume the risk of installing an antivirus program of unknown provenance. The point of my argument is simple: the integrity and authenticity of the re-compressed file is unknown because the digital signature from Broadcom has been lost. Consequently, a person who uses a re-compressed SEP antivirus program file of unknown provenance places their computer at risk of being compromised. I think the way forward is clear - don't do it. Wait until the digitally signed file from Broadcom is available.