Symantec Endpoint Protection (SEP) clients generating Tamper Protection alerts when excluded applications are using a path variable

book

Article ID: 156181

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection (SEP) clients installed on a 64-bit Operating System do not honor Tamper Protection exclusions when a path variable such as [PROGRAM_FILES] is used.

Resolution

This problem is fixed in Symantec Endpoint Protection 12.1 Release Update 3 (12.1 RU3). For information on how to obtain the latest build of Symantec Endpoint Protection, read ‘Obtaining the latest version of Symantec Endpoint Protection or Symantec Network Access Control

Should it not be possible to upgrade immediately, do not use the predefined variable in the Exceptions policy.  Use instead the full location path to the file that needs to be excluded.