Happy New Year! What Certificate Servers, Norton Antivirus, and Word have in common plus security (?) with Windows update...
The day Word slowed to a crawl...
If you were on an Internet connected network, use Norton Antivirus personal edition, and also Microsoft Office products, you probably had an unpleasant surprise. When opening an existing document, the process would slow to a crawl (or stop if you are on Windows 98) when the "requesting virus scan" appeared. After some investigation, I found that Norton was requesting a file from Verisign, a popular "security certificate" provider. The file's location is at http://crl.verisign.net and the site was running very slow and many times unreachable. Apparently each time Norton was activated (i.e. file opening), the software would attempt to verify its' integrity using the certificate. If the certificate was slow in appearing, the software waits and re-tries. Windows XP has a much better security certificate interface than Windows 98, so Windows 98 was much more affected.
Symantec originally stated: "The problems you are experiencing appear to be related to an expired VeriSign certificate. To work around this issue, please deselect the "Check for publisher's certificate revocation" option in your Advanced Internet Options. For illustrated assistance with this, please see Symantec's online Knowledge Base document linked below:
Title: 'After updating to the January 7th or 8th virus definitions, your computer slows down and Microsoft Word and Excel will not start'
> Web URL: http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/2004010810205113 "
This wasn't entirely accurate and they have since updated it. The certificate was valid. You can download/view it with Windows XP by clicking here. Class3SoftwarePublishers.crl . Double click on it after you download to take a look. (This may not work on all computers.) I'm suspecting what happened is one of two things. Either Verisign is experiencing a denial of service attack, where their server's Internet address is bombarded by requests, or their just-started free promotion for a 15 day free trial for web server certificates has produced a problem. I'm thinking that it's more likely a denial of service attack, since Verisign's IP address of 10.0.0.4 shows up in several Internet worm programs. Time will tell. I don't particularly like the "workaround". These certificates help to verify a web site is who they say they are, etc. I would recommend going to Norton's main screen, pick "Options" and "Miscellaneous" and uncheck the "Office Plug-in" box. If you have other issues, use the Norton recommendation as needed.
In the last several newsletter I said "If you use Windows XP, use the Windows Update and load the Security patches." It still applies. Windows Update is also available manually inside Internet Explorer. Look on the menu bar under "Tools" where you can run it manually. On XP, if you want to adjust the settings for it, right click on "My Computer", pick "Properties", then select the "Automatic Updates" tab. To prevent viruses, ALWAYS keep your virus checker updated. Be sure to download/run the latest version of AdAware... available at http://www.lavasoftusa.com.
Until next time... Happy Computing !
To get more information or to FAX us: call 1-315-583-5513 or send e-mail to
us at firstname.lastname@example.org.