SEP (Symantec Endpoint Protection) definitions on older computers do not update past January 24, 2017.

SEP client logging indicates that newer updates are downloaded, but fail to apply.

Various errors in SEP logging -

SEP client GUI, View Logs, System Log (under various components):
"An update for Virus and Spyware Definitions Win32 failed to install.  Error: 0xE0010001, DuResult: 60"

SEP client debug.log:
"SyLinkEventFunc - EVENT_LU_DOWNLOAD_COMPLETED: ApplyContent returned CMC_CONTENTUPDATE_ERROR(-536805375)"

SEP client sylink.log:
"SMC failed to process the content update: Error: 19"

"specified unknown library" WPP defutils log entry referencing ccEraser.dll. For example:
"[06/27/2004-02:35:08.807] defutils : 0fac : 0ab0 : TRACE_DEBUG : TRACE_LEVEL_ERROR : CDefUtils::LogErrorFn : defmisc_cpp4569 :CDefUtils::CallUpdateCallbacks() - C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Data\Definitions\VirusDefs\20170207.020\catalog.dat specified unknown library: C:\Documents and Settings\All Users\Application Data\Symantec\Symantec Endpoint Protection\12.1.5337.5000.105\Data\Definitions\VirusDefs\20170207.020\ccEraser.dll (File = defmisc.cpp"

SEP 

Windows

Older computers using CPUs that do not support the SSE2 instruction set

LiveUpdate included new Eraser content around January 24, 2017, that unintentionally interfered with further updates on older computers (specifically, any computer using a CPU that does not support the SSE2 instruction set). CPU features and SSE2 support can be confirmed by using Microsoft's SysInternals Coreinfo utility or in a SymDiag report (Hardware, CPU, Features, SSE2 Instructions).

Fixed LiveUpdate Eraser content was released, dated 2/16/2017 rev. 2. With this update the Eraser engine version will change to 116.2.1.5. Affected clients will be able to process new updates with this set forward. 

Until the fixed LiveUpdate content is available, affected SEP clients should otherwise operate normally, continuing to use the 01/24/2017 definitions. Any LiveUpdate schedule on unmanaged clients may be disabled to avoid repeated download and update attempts. Managed clients that are generating unwanted network traffic by repeatedly downloading full definition updates (and failing to apply them) can be moved into an isolated client group that uses a LiveUpdate Content policy locked to the definition date of January 24, 2017. This will prevent repeated client update attempts. When the fixed LiveUpdate content is available, the clients can be moved to their original group(s) in stages to control the volume of full definition requests.