COMMAND

    NAI AntiVirus Update

SYSTEMS AFFECTED

    WinNT

PROBLEM

    Ryan Hill found following.  It's bacicly same and connected to:

	http://oliver.efri.hr/~crv/security/bugs/NT/nai.html

    The latest release 4.0.3.345 build also has known issues using the
    Internet  AutoUpdate  feature  for  updating  dat  files.   During
    Internet AutoUpdate  sessions, the  message "could  not connect to
    AutoUpdate server" is displayed  and the virus signature  datfiles
    are *not* upgraded, despite correct configuration in the registry.
    The current configuration key for Internet update is:

	HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\Update\ScriptLoc

    It is of type REG_SZ and correctly reports the update location  of
    "/pub/antivirus/datfiles/4.x".   Tests  attempting  to  update the
    datfiles remotely from another workstation with updated dat  files
    have not been successful.

    If  you  choose  to  NOT  install  client scanning features of the
    product,  an  error  will  occur  when  you  attempt to access the
    Anti-Virus settings for any  mailbox.  The message  reads: "ERROR:
    The mailbox for notifications cannot be resolved.  Please reselect
    the mailbox."  This error message is also a known issue and  while
    cryptic, will probably be fixed in the next service pack or build.

    There is also and incorrect version key created in the registry
    during the install:

	HKEY_LOCAL_MACHINE\SOFTWARE\Network Associates\4.0.2

    should read 4.0.3 but this  bug does not have any  obvious affects
    on server operation and is  not reported in the release  notes for
    the product.  This  bug has been reported  to NAI tech support  by
    myself during a previously opened support incident.

    Finally,  a  few  notes  on  the  installation  of  this  product.
    GroupShield  4.x  installations  are  VERY  picky  about   account
    permissions and in addition to the very specific installation line
    items  mentioned  in  the  release  notes,  the following are also
    required but not mentioned (probably assumed).

    1.) Administrative  shares  must  be  active  on  the drive  where
	Groupshield is to be installed.
    2.) The Exchange Service Account (also used for installation) must
	have FULL CONTROL permissions to all Exchange related shares.
    3.) The Exchange Service Account must also have FULL CONTROL  NTFS
	permissions to all Exchange Server operating directories.

SOLUTION

    The current workaround  is to manually  download dat file  updates
    and to update  the files locally  from the Exchange  Server.  This
    bug has also been reported to NAI tech support by myself during  a
    previously opened support incident.