This document lists the new fixes and component versions in Symantec Endpoint Protection (SEP) 12.1 Release Update 6 Maintenance Pack 10 (12.1.6 MP10). This information supplements the information found in the Release Notes.

• New fixes
• Component versions

New fixes

After a migration, the SEP client for Windows reboots continuously

Fix ID: 4161107

Symptoms: The Windows client unexpectedly requests multiple restarts after an upgrade from Symantec Endpoint Protection 12.1.6 MP5 to version 14.0 MP2.

Solution: SymEFA was changed so that it only loads a Windows .dll in the appropriate conditions.

AutoProtect conflicts with CommVault

Fix ID: 4157599

Symptoms: SRTSP64 conflicts with the backup program CommVault Simpana SP15.

Solution: Skip the backup files that open during the scan.

Multiple zombie processes observed with SEP client for Linux

Fix ID: 4157603

Symptoms: Multiple zombie processes spawn when the Symantec Endpoint Protection client for Linux runs.

Solution: Wait for the proper termination of processes before removing the dependencies.

SEP clients do not honor the LiveUpdate Settings policy

Fix ID: 4158757

Symptoms: LiveUpdate on the Symantec Endpoint Protection client occasionally attempts to access the default host list or the host list for a different location or policy. It does not use the correct custom host list again until a location change or a policy update.

Solution: Resolved the timing issue that causes this situation to happen.

Windows Firewall in Windows 10 Fall Creators Update cannot be disabled after installing SEP 14.0.1

Fix ID: 4142774

Symptoms: After the installation of the Symantec Endpoint Protection client version 14.0.1 (14 RU1), the client firewall can't take ownership of the Windows Defender Firewall on Windows 10 Fall Creators Update (build 1709). This occurs because the query for the Windows firewall service uses the access right SERVICE_ALL_ACCESS access right, which the operating system denies.

Solution: Updated the query to use the proper access right, which is sufficient to query the service status.

Risk logs are not uploaded to a secondary SEPM after the primary one goes down

Fix ID: 4157597

Symptoms: Logs fail to upload to a secondary Symantec Endpoint Protection Manager when the primary one is down.

Solution: Changed the behavior for the upload of critical logs to upload logs to the current server (last connected) instead of the first server in the master server list.

When the SEP client executes a scheduled scan, ccSvcHst.exe uses 100% CPU

Fix ID: 4157600

Symptoms: When the Symantec Endpoint Protection client executes a scheduled weekly full scan, you see the CPU usage of ccSvcHst.exe spike in the Task Manager to 100%.

Solution: Fixed a registry return value when deleting a key that causes excessive processing.

Scheduled LiveUpdate never runs on unmanaged clients when there is no default gateway network configuration

Fix ID: 4157602

Symptoms: If you have configured an internal LiveUpdate server for use with Symantec Endpoint Protection clients and the client computer has no default gateway, then a scheduled LiveUpdate does not download content from the local LiveUpdate Server.

Solution: Fixed a check that required an outside network connection when an internal LiveUpdate server is involved.

The SEP client for Linux logs debug errors even when not in debug mode

Fix ID: 4157604

Symptoms: A Symantec Endpoint Protection client for Linux logs a symev_evrstimes error even if symev is not in debug mode, due to an expression for a condition being incorrectly evaluated.

Solution: Added the appropriate parentheses to allow for the correct evaluation of the condition.

Component versions

The build number for this release is 12.1.7445.7000. Red text indicates components that have updated for this release.