ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Clients show Disabled after upgrade to 14.3 MP1 due to component malfunction for Tamper Protection


Article ID: 208617


Updated On:


Endpoint Protection


Upon upgrading to 14.3 MP1 many clients show Disabled due to a component malfunction for Tamper Protection


Due to a change in 14.3 MP1, Tamper Protection requires the latest BASH definitions to function even when Proactive Threat Protection is NOT installed


14.3 MP1+


  1. Ensure the SEPM manager has the following definitions downloaded/loaded in path: Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Inetpub\content
    14.3 BASH content ({D6AEBC07-D833-485f-9723-6C908D37F806}: SEPC Behavior And Security Heuristics 14.3 - MicroDefsB.CurDefs - SymAllLanguages
  2. Ensure the LiveUpdate Content policy has SONAR Heuristic signatures added for SEPM content distribution
  3. Ensure the SEP clients have the latest BASH definitions downloaded/loaded in path: C:\ProgramData\Symantec\Symantec Endpoint Protection\<client version>\Data\Definitions\BASHDefs

Additional Information