search cancel

Endpoint Protection 14.2 RU1 Host Integrity check fails on reboot

book

Article ID: 174865

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

SEP (Symantec Endpoint Protection) Host Integrity check may fail on reboot but subsequent checks will pass. 

Specifically, the "Antivirus is running" check for SEP may fail during system startup, whether in the predefined antivirus requirement or custom requirement. 

During system startup:

"Host Integrity check failed" in SEP security log; "Condition: Antivirus is running. Result is fail."

Subsequent HI checks will pass.

Cause

This seems to occur only in SEP 14.2 RU1; older versions of SEP are not affected.

Environment

Windows

SEP 14.2 RU1 (14.2.3332 or 14.2.3335)

Resolution

{FIXED_DOWNLOAD_LATEST.EN_US}

See Fix ID ESCRT-1581 in New fixes and component versions in Symantec Endpoint Protection 14.2 RU1 MP1

As a workaround, a custom requirement with IF/THEN and "utility: service is running" (check if "Symantec Endpoint Protection" service is running) may fuction more reliably.