F-Secure publishes hotfix on proprietary update validation mechanism
F-Secure's proprietary update validation mechanism will expire and hotfixes are required to ensure that affected products continue receiving updates after Monday, May 27th 2013. Installation of the hotfixes are mandatory to ensure that products receive and install new incoming updates and continue working normally in the following scenarios.
Impact: Affected products that are installed AFTER the old signing mechanism has expired will be unable to validate and install some or all updates downloaded from F-Secure.
The affected product versions are:
- F-Secure Client Security 9.x
- F-Secure Anti-Virus for Workstations 9.x
- F-Secure Anti-Virus for Windows Servers 9.x
- F-Secure Anti-Virus for Citrix Servers 9.x
- F-Secure Protection Service for Business 9.x
- F-Secure E-mail and Server Security 9.20
- F-Secure Server Security 9.20
[EDIT 23 May 2013: Added ESS 9.20 and SS 9.20 to the list above]
Note: Affected products that were installed and receiving updates PRIOR to the expiration date will continue to work normally without user action.
Note: Protection Service for Business 9.x hotfix is delivered through channel update and should not require further activities from the user. Other products require an administrator to apply the hotfix.
Note: Restart is not required after installing this hotfix.
The following products are not affected:
- F-Secure E-mail and Server Security 10.00
- F-Secure Client Security 10.00
- F-Secure Anti-Virus for Workstations 10.00
- F-Secure Internet Gatekeeper for Linux (all supported versions)
- F-Secure Linux Security (all supported versions)
- F-Secure Messaging Security Gateway 7.0.2
- All supported F-Secure Mac products
F-Secure products receive signature and technology updates over the network automatically. All these updates are signed using proprietary technology with strong cryptography and are validated before being taken into use. A new improved version of this technology has been developed to replace the old one. This new technology is already included in most of our products and used widely for most of our recent components.
The certificate used by the old system is about to expire and extending the support for the old signing mechanism is not possible. We have already deployed technology updates to most of our products to ensure they remain unaffected. Most of the existing systems continue to run normally throughout the transition without any required user action. In some scenarios updates are still using the old mechanism and require a hotfix to recover. In these cases a hotfix is mandatory in order to ensure normal functioning after the old signing mechanism stops working.
If you have any queries or comments, please post them in the F-Secure Community.