New fixes and component versions in Symantec Endpoint Protection 14.2 RU2 MP1

book

Article ID: 184179

calendar_today

Updated On:

Products

Endpoint Protection

Resolution

This document lists the new fixes and component versions in Symantec Endpoint Protection (SEP) 14.2 RU2 MP1 (14.2.2.1). This information supplements the information found in the Release Notes.

Download the full release through MySymantec. For details, see Download the latest version of Endpoint Protection.

You can also download client-only patches through Symantec Endpoint Protection 14.2 RU2 MP1 client-only patches.


New fixes

SEP Linux auto-compile fails on Ubuntu 18.04 with kernel 4.18

Fix ID: ESCRT-989

Symptoms: Auto-compile on Ubuntu 18.04 with kernel 4.18 fails with error 2.

Solution: Added support for Ubuntu 18.04 with kernel 4.18.

SEP Linux kernel modules fail to load on Oracle 7.6 with kernel 4.14

Fix ID: ESCRT-1293

Symptoms: Permission denied error during kernel module compilation results in the Auto-Protect kernel module failing to load.

Solution: Updated code to ensure the kernel modules compile correctly and SymAP and SymEV drivers are inserted into the system.

Clients do not use the assigned Group Update Provider until service restart

Fix ID: ESCRT-1705

Symptoms: SEP 14.2 clients do not use the Group Update Provider specified in the LiveUpdate policy until services are restarted.

Solution: Corrected an issue that was preventing LU policy changes from applying to the client after an update.

SEP Linux auto-compile fails on RHEL 8 with kernel 4.18

Fix ID: ESCRT-1807

Symptoms: Auto-compile on RHEL 8 with kernel 4.18 fails with error 2.

Solution: Added support for RHEL 8 with kernel 4.18.

SEPM reports version 13.0.0.0 when the SEP Linux client is installed using the RPM

Fix ID: ESCRT-1857

Symptoms: SEP Linux client installed using the RPM results in the version being displayed incorrectly in the SEPM.

Solution: Updated sep.rpm to include a default setup.ini during installation.

SEPM RESTAPI /groups/<guid> returns incorrect values

Fix ID: ESCRT-2013

Symptoms: GET /groups/ RESTAPI is returning incorrect values for numberOfPhysicalComputers and numberOfRegisteredUsers..

Solution: Corrected the logic used to retrieve the data for GET /groups/.

System crash on SUSE 12 SP4 after upgrade to SEP Linux 14.2 RU1

Fix ID: ESCRT-2080

Symptoms: Shortly after upgrading to SEP Linux 14.2 RU1 or later on SUSE 12 SP4 the system experiences a crash.

Solution: Added handling to prevent a crash when hooking functions in the page table.

Missing log entries for Website Traffic Redirection errors in the SEP Mac client

Fix ID: ESCRT-2126

Symptoms: In instances where port 2968 is in use by another process, SEP Mac WTR component does not log the conflict.

Solution: Added client logging for port conflicts on 2968 when using WTR.

Deleting location criteria does not generate an audit log entry

Fix ID: ESCRT-2199

Symptoms: When a SEPM administrator deletes a location condition it does not result in an audit log entry in Monitors->Logs.

Solution: Generate an audit log entry when deleting a location condition.

SEPM RESTAPI does not return results for User Mode clients without a logged in user

Fix ID: ESCRT-2245

Symptoms: GET /computers/ RESTAPI does not return results for User Mode clients that do not have a logged in user.

Solution: Updated the GET /computers/ to include clients without any user logged in.

Multiple smcd child processes running on SEP Linux clients

Fix ID: ESCRT-2269

Symptoms: SMCD child processes periodically spawn and become orphaned on CentOS 7.6.

Solution: Updated inter-process communication modules for the SEP Linux client.

Intermittent system hang observed with SRTSP64

Fix ID: ESCRT-2311

Symptoms: System freeze intermittently observed and the memory dump indicates SRTSP64.sys.

Solution: Auto-protect component updated to prevent a deadlock from occurring.

Intermittent system hang observed with SRTSP64 during reboot

Fix ID: ESCRT-2392

Symptoms: During reboot on Windows Server 2016 a system hang is intermittently observed that indicates SRTSP64 as the cause.

Solution: Auto-protect component updated to prevent a deadlock from occurring.

Location Awareness does not switch locations as expected

Fix ID: ESCRT-2395

Symptoms: On systems with no valid IP address, Location Awareness does not return clients to the default location when using DNS, WINS, Gateway, or DHCP IP address criteria for one of the conditions.

Solution: When no valid IP address is available Location Awareness will now properly match to the best location.

Conflict between SEP and CommVault Agent 11.x

Fix ID: ESCRT-2502

Symptoms: CommVault Agent has performance impacted when Symantec Endpoint Protection is present.

Solution: Auto-Protect component updated to prevent the conflict between SEP and CommVault Agent.

Catalina.err continues to increase in size on Symantec Endpoint Protection Manager

Fix ID: ESCRT-2577

Symptoms: When scm.syslog.agentinfo=ON is enabled and Mac clients are present without four IP address an error is logged in Catalina.err.

Solution: Corrected logging parameters to prevent empty IP addresses from generating an error.

Unable to export reports after upgrading SEPM to 14.2 RU2

Fix ID: ESCRT-2656

Symptoms: After upgrading a SEPM to 14.2 RU2 that manages SEP Linux clients the Computer Status report cannot be exported.

Solution: Updated the sql query to prevent an error during the export process.

SEPM notifications do not include client groups that contain a “[“ or “]” character in the group name

Fix ID: ESCRT-2665

Symptoms: Notifications that involve a client group with a group name containing brackets are not generated.

Solution: Addressed the group condition when a group containing this character is selected.

Unexpected error messages observed in SEP Linux debug log on RHEL 6.8

Fix ID: ESCRT-2762

Symptoms: On systems with no SEP Client UI an error is periodically logged to the debug log to record the issue.

Solution: Updated the log entries to the DEBUG level so that they will only appear it debug logging is enabled.

Actual Action is reported as “Action Invalid” instead of “Quarantine Succeeded” on SEP Linux

Fix ID: ESCRT-2802

Symptoms: Files that contain a special character do not have the Actual Action field properly reported when a detection is made.

Solution: Updated the log parser to properly handle special characters.

Some client group views do not show any client information for AD synchronized client groups

Fix ID: ESCRT-2809

Symptoms: Protection Technology, Network Information, and Client System group views do not display AD synchronized clients as expected.

Solution: Fixed the SQL queries used in each client group view to properly handle AD synchronized clients.

Component versions

The build number for this release is 14.2.5569.2100. 

Red text indicates components that have updated for this release.

Component

DLL File

DLL Version

SYS File

SYS Version

AutoProtect

srtsp64.dll

15.7.6.31

srtsp64.sys

15.7.6.30

BASH Defs

BHEngine.dll

Seq#= 20190927.005

12.0.2.10

BHDrvx64.sys

12.0.2.10

BASH Framework

BHClient.dll

10.4.4.3

N/A

-

CC

ccLib.dll

13.5.0.13

ccSetx64.sys

13.4.0.26

CIDS Defs

IDSxpx86.dll

Seq#= 20191114.063

17.2.1.16

IDSviA64.sys

17.2.1.16

CIDS Framework

IDSAux.dll

15.2.7.7

N/A

-

CP3

version.txt

2.8.0.39

N/A

-

CX

cx_lib.dll

3.0.3.25

N/A

-

ConMan

version.txt

2.1.8.5

N/A

-

D2D

version.txt

1.2.1.5

N/A

-

D2D_Latest

version.txt

1.5.0.51

N/A

-

DecABI

dec_abi.dll

2.3.5.10

N/A

-

DefUtils

DefUtDCD.dll

5.1.0.31

N/A

-

DuLuCallback

DuLuCbk.dll

1.8.1.17

N/A

-

DuLuxCallback

duluxcallback.dll

2.15.0.7

N/A

-

ERASER

cceraser.dll

119.1.0.93

eraser64.sys

119.1.0.89

IRON

Iron.dll

7.0.7.12

Ironx64.sys

7.0.7.11

LUX

Lux.dll

2.15.0.19

   

LiveUpdate

LUEng.dll

2.6.2.8

N/A

-

MicroDefs

patch25d.dll

6.1.1.4

N/A

-

SDS Engine

sds_engine_x86.dll

Seq#= 20200115.004

1.11.0.192

N/A

-

SIS

SIS.dll

14.0.2496.1001

N/A

-

STIC Defs

stic.dll

Seq#= 20190703.137

2.5.0.137

N/A

-

SymDS

DSCli.dll

6.2.1.3

N/A

-

SymEFA

EFACli64.dll

6.3.4.9

SymEFASI64.sys

6.3.4.8

SymELAM

ELAMCli.dll

2.0.1.145

SymELAM.sys

2.0.1.115

SymEvent

Sevntx64.exe

14.0.6.46

SymEvent.sys

14.0.6.27

SymNetDrv

SNDSvc.dll

15.2.5.7

symnets.sys

15.2.5.7

SymScan

ccScanW.dll

14.2.3.23

N/A

-

SymVT

version.txt

10.2.0.8

N/A

-

TCSAPI

version.txt

1.6.0.25

N/A

-

Titanium

titanium.dll

2.4.1.17

N/A

-

WLU (Symantec Endpoint Protection Manager)

LuComServerRes.dll

3.3.203.36

N/A

-