D & M Electronics, Inc.
Serving Northern and Central New York

If you were on an Internet connected network, use Norton Antivirus personal edition, and also Microsoft Office products, you probably had an unpleasant surprise.  When opening an existing document, the process would slow to a crawl (or stop if you are on Windows 98) when the "requesting virus scan" appeared.  After some investigation, I found that Norton was requesting a file from Verisign, a popular "security certificate" provider.  The file's location is at   http://crl.verisign.net and the site was running very slow and many times unreachable.  Apparently each time Norton was activated (i.e. file opening), the software would attempt to verify its' integrity using the certificate.  If the certificate was slow in appearing, the software waits and re-tries.  Windows XP has a much better security certificate interface than Windows 98, so Windows 98 was much more affected.  

Symantec originally stated: "The problems you are experiencing appear to be related to an expired VeriSign certificate. To work around this issue, please deselect the "Check for publisher's certificate revocation" option in your Advanced Internet Options. For illustrated assistance with this, please see Symantec's online Knowledge Base document linked below:

Title: 'After updating to the January 7th or 8th virus definitions, your computer slows down and Microsoft Word and Excel will not start'
> Web URL: http://service1.symantec.com/SUPPORT/sharedtech.nsf/docid/2004010810205113 "

This wasn't entirely accurate and they have since updated it. The certificate was valid.  You can download/view it with Windows XP by clicking here.  Class3SoftwarePublishers.crl . Double click on it after you download to take a look.  (This may not work on all computers.)   I'm suspecting what happened is one of two things.  Either Verisign is experiencing a denial of service attack, where their server's Internet address is bombarded by requests, or their just-started free promotion for a 15 day free trial for web server certificates has produced a problem.  I'm thinking that it's more likely a denial of service attack, since Verisign's IP address of 10.0.0.4 shows up in several Internet worm programs.  Time will tell.  I don't particularly like the "workaround".  These certificates help to verify a web site is who they say they are, etc.  I would recommend going to Norton's main screen, pick "Options" and "Miscellaneous" and uncheck the "Office Plug-in" box. If you have other issues, use the Norton recommendation as needed.


Return to home page
Some of our Clients...
Products we sell...
 
 

To get more information or to FAX us: call 1-315-583-5513 or send e-mail to us at mringcne@aol.com.
 
 


This page last updated on January 9, 2004.
Copyright 2004 D & M Electronics, Inc.