Symantec Endpoint Protection Security (SES) clients show an 'At Risk' status on Integrated Cyber Defense Manager (ICDM) console, with a reason of 'Policy not current'.
For Example: Policy not current (Antimalware)
Reference screenshot of a policy requiring an upgrade:
This status is expected when clients are assigned to a policy for which a version upgrade is available from Symantec.
The policy assigned to the impacted clients should be upgraded. For more information refer to Updating a policy to a new version.