In some instances, Symantec Endpoint Protection's (SEP) Intrusion Prevention System (IPS) may improperly identify the correct logged on user when an IPS event is triggered on a system with more than one logged on user.

This issue is fixed in Symantec Endpoint Protection 14.2 RU2. For information on how to obtain the latest build of Symantec Endpoint Protection, see Download the latest version of Symantec software here.