This document lists the new fixes and component versions in Symantec Endpoint Protection (SEP) 14.2 RU2 MP1 (14.2.2.1). This information supplements the information found in the Release Notes.
Download the full release through MySymantec. For details, see Download the latest version of Endpoint Protection.
You can also download client-only patches through Symantec Endpoint Protection 14.2 RU2 MP1 client-only patches.
Fix ID: ESCRT-989
Symptoms: Auto-compile on Ubuntu 18.04 with kernel 4.18 fails with error 2.
Solution: Added support for Ubuntu 18.04 with kernel 4.18.
SEP Linux kernel modules fail to load on Oracle 7.6 with kernel 4.14
Fix ID: ESCRT-1293
Symptoms: Permission denied error during kernel module compilation results in the Auto-Protect kernel module failing to load.
Solution: Updated code to ensure the kernel modules compile correctly and SymAP and SymEV drivers are inserted into the system.
Clients do not use the assigned Group Update Provider until service restart
Fix ID: ESCRT-1705
Symptoms: SEP 14.2 clients do not use the Group Update Provider specified in the LiveUpdate policy until services are restarted.
Solution: Corrected an issue that was preventing LU policy changes from applying to the client after an update.
SEP Linux auto-compile fails on RHEL 8 with kernel 4.18
Fix ID: ESCRT-1807
Symptoms: Auto-compile on RHEL 8 with kernel 4.18 fails with error 2.
Solution: Added support for RHEL 8 with kernel 4.18.
SEPM reports version 13.0.0.0 when the SEP Linux client is installed using the RPM
Fix ID: ESCRT-1857
Symptoms: SEP Linux client installed using the RPM results in the version being displayed incorrectly in the SEPM.
Solution: Updated sep.rpm to include a default setup.ini during installation.
SEPM RESTAPI /groups/<guid> returns incorrect values
Fix ID: ESCRT-2013
Symptoms: GET /groups/ RESTAPI is returning incorrect values for numberOfPhysicalComputers and numberOfRegisteredUsers..
Solution: Corrected the logic used to retrieve the data for GET /groups/.
System crash on SUSE 12 SP4 after upgrade to SEP Linux 14.2 RU1
Fix ID: ESCRT-2080
Symptoms: Shortly after upgrading to SEP Linux 14.2 RU1 or later on SUSE 12 SP4 the system experiences a crash.
Solution: Added handling to prevent a crash when hooking functions in the page table.
Missing log entries for Website Traffic Redirection errors in the SEP Mac client
Fix ID: ESCRT-2126
Symptoms: In instances where port 2968 is in use by another process, SEP Mac WTR component does not log the conflict.
Solution: Added client logging for port conflicts on 2968 when using WTR.
Deleting location criteria does not generate an audit log entry
Fix ID: ESCRT-2199
Symptoms: When a SEPM administrator deletes a location condition it does not result in an audit log entry in Monitors->Logs.
Solution: Generate an audit log entry when deleting a location condition.
SEPM RESTAPI does not return results for User Mode clients without a logged in user
Fix ID: ESCRT-2245
Symptoms: GET /computers/ RESTAPI does not return results for User Mode clients that do not have a logged in user.
Solution: Updated the GET /computers/ to include clients without any user logged in.
Multiple smcd child processes running on SEP Linux clients
Fix ID: ESCRT-2269
Symptoms: SMCD child processes periodically spawn and become orphaned on CentOS 7.6.
Solution: Updated inter-process communication modules for the SEP Linux client.
Intermittent system hang observed with SRTSP64
Fix ID: ESCRT-2311
Symptoms: System freeze intermittently observed and the memory dump indicates SRTSP64.sys.
Solution: Auto-protect component updated to prevent a deadlock from occurring.
Intermittent system hang observed with SRTSP64 during reboot
Fix ID: ESCRT-2392
Symptoms: During reboot on Windows Server 2016 a system hang is intermittently observed that indicates SRTSP64 as the cause.
Solution: Auto-protect component updated to prevent a deadlock from occurring.
Location Awareness does not switch locations as expected
Fix ID: ESCRT-2395
Symptoms: On systems with no valid IP address, Location Awareness does not return clients to the default location when using DNS, WINS, Gateway, or DHCP IP address criteria for one of the conditions.
Solution: When no valid IP address is available Location Awareness will now properly match to the best location.
Conflict between SEP and CommVault Agent 11.x
Fix ID: ESCRT-2502
Symptoms: CommVault Agent has performance impacted when Symantec Endpoint Protection is present.
Solution: Auto-Protect component updated to prevent the conflict between SEP and CommVault Agent.
Catalina.err continues to increase in size on Symantec Endpoint Protection Manager
Fix ID: ESCRT-2577
Symptoms: When scm.syslog.agentinfo=ON is enabled and Mac clients are present without four IP address an error is logged in Catalina.err.
Solution: Corrected logging parameters to prevent empty IP addresses from generating an error.
Unable to export reports after upgrading SEPM to 14.2 RU2
Fix ID: ESCRT-2656
Symptoms: After upgrading a SEPM to 14.2 RU2 that manages SEP Linux clients the Computer Status report cannot be exported.
Solution: Updated the sql query to prevent an error during the export process.
SEPM notifications do not include client groups that contain a “[“ or “]” character in the group name
Fix ID: ESCRT-2665
Symptoms: Notifications that involve a client group with a group name containing brackets are not generated.
Solution: Addressed the group condition when a group containing this character is selected.
Unexpected error messages observed in SEP Linux debug log on RHEL 6.8
Fix ID: ESCRT-2762
Symptoms: On systems with no SEP Client UI an error is periodically logged to the debug log to record the issue.
Solution: Updated the log entries to the DEBUG level so that they will only appear it debug logging is enabled.
Actual Action is reported as “Action Invalid” instead of “Quarantine Succeeded” on SEP Linux
Fix ID: ESCRT-2802
Symptoms: Files that contain a special character do not have the Actual Action field properly reported when a detection is made.
Solution: Updated the log parser to properly handle special characters.
Some client group views do not show any client information for AD synchronized client groups
Fix ID: ESCRT-2809
Symptoms: Protection Technology, Network Information, and Client System group views do not display AD synchronized clients as expected.
Solution: Fixed the SQL queries used in each client group view to properly handle AD synchronized clients.
The build number for this release is 14.2.5569.2100.
Red text indicates components that have updated for this release.
Component |
DLL File |
DLL Version |
SYS File |
SYS Version |
---|---|---|---|---|
AutoProtect |
srtsp64.dll |
15.7.6.31 |
srtsp64.sys |
15.7.6.30 |
BASH Defs |
BHEngine.dll Seq#= 20190927.005 |
12.0.2.10 |
BHDrvx64.sys |
12.0.2.10 |
BASH Framework |
BHClient.dll |
10.4.4.3 |
N/A |
- |
CC |
ccLib.dll |
13.5.0.13 |
ccSetx64.sys |
13.4.0.26 |
CIDS Defs |
IDSxpx86.dll Seq#= 20191114.063 |
17.2.1.16 |
IDSviA64.sys |
17.2.1.16 |
CIDS Framework |
IDSAux.dll |
15.2.7.7 |
N/A |
- |
CP3 |
version.txt |
2.8.0.39 |
N/A |
- |
CX |
cx_lib.dll |
3.0.3.25 |
N/A |
- |
ConMan |
version.txt |
2.1.8.5 |
N/A |
- |
D2D |
version.txt |
1.2.1.5 |
N/A |
- |
D2D_Latest |
version.txt |
1.5.0.51 |
N/A |
- |
DecABI |
dec_abi.dll |
2.3.5.10 |
N/A |
- |
DefUtils |
DefUtDCD.dll |
5.1.0.31 |
N/A |
- |
DuLuCallback |
DuLuCbk.dll |
1.8.1.17 |
N/A |
- |
DuLuxCallback |
duluxcallback.dll |
2.15.0.7 |
N/A |
- |
ERASER |
cceraser.dll |
119.1.0.93 |
eraser64.sys |
119.1.0.89 |
IRON |
Iron.dll |
7.0.7.12 |
Ironx64.sys |
7.0.7.11 |
LUX |
Lux.dll |
2.15.0.19 |
||
LiveUpdate |
LUEng.dll |
2.6.2.8 |
N/A |
- |
MicroDefs |
patch25d.dll |
6.1.1.4 |
N/A |
- |
SDS Engine |
sds_engine_x86.dll Seq#= 20200115.004 |
1.11.0.192 |
N/A |
- |
SIS |
SIS.dll |
14.0.2496.1001 |
N/A |
- |
STIC Defs |
stic.dll Seq#= 20190703.137 |
2.5.0.137 |
N/A |
- |
SymDS |
DSCli.dll |
6.2.1.3 |
N/A |
- |
SymEFA |
EFACli64.dll |
6.3.4.9 |
SymEFASI64.sys |
6.3.4.8 |
SymELAM |
ELAMCli.dll |
2.0.1.145 |
SymELAM.sys |
2.0.1.115 |
SymEvent |
Sevntx64.exe |
14.0.6.46 |
SymEvent.sys |
14.0.6.27 |
SymNetDrv |
SNDSvc.dll |
15.2.5.7 |
symnets.sys |
15.2.5.7 |
SymScan |
ccScanW.dll |
14.2.3.23 |
N/A |
- |
SymVT |
version.txt |
10.2.0.8 |
N/A |
- |
TCSAPI |
version.txt |
1.6.0.25 |
N/A |
- |
Titanium |
titanium.dll |
2.4.1.17 |
N/A |
- |
WLU (Symantec Endpoint Protection Manager) |
LuComServerRes.dll |
3.3.203.36 |
N/A |
- |