Slow web site access or crashes when Endpoint Protection's Generic Exploit Mitigation feature is enabled


Article ID: 170371


Updated On:


Endpoint Protection


While accessing a site through Internet Explorer, Firefox, or Chrome, Symantec Endpoint Protection (SEP) users face a delay of at least a minute and/or crashes. You find that disabling Endpoint Protection's Generic Exploit Mitigation (GEM) feature resolves the issue.


SEP 12.1, 14 (any version)


This issue has been resolved in the November 1, 2017 IPS definitions.

If the November 1, 2017 or later IPS definitions are installed and you continue to experience this issue, exclude Internet Explorer, Firefox and/or Chrome from the GEM application coverage, then contact us for further support:

  1. In the Symantec Endpoint Protection Manager (SEPM) console, open the Policies page.
  2. Under Policies, click Intrusion Prevention.
  3. Under Intrusion Prevention Policies, right-click your Intrusion Prevention policy and select the Edit... menu option.
  4. In the Intrusion Prevention Policy window, click Generic Exploit Mitigation.
  5. Under Generic Exploit Mitigation Application Coverage, untick the iexplore.exe, firefox.exe and/or chrome.exe options, then click the OK button.
  6. Repeat steps 3 through 5 for any other Intrusion Prevention policy you may have.

This will allow to have GEM cover all but the excluded applications, ensuring maximum protection.