The following document provides mitigation steps for the privilege escalation vulnerability in the Symantec Endpoint Protection (SEP) client described in SYMSA1487.
Symantec recommends migrating affected clients to the latest version of the SEP client, which contains mitigations for SYMSA1487.
Mitigation
Computers without the Application and Device Control component installed are not impacted by this vulnerability. Use the appropriate steps from https://support.symantec.com/us/en/article.TECH90936.html to remove the Application and Device Control component to mitigate SYMSA1487 on clients running a vulnerable build of the SEP client that cannot be immediately updated to the latest build of the SEP client.