Clients show Disabled after upgrade to 14.3 MP1 due to component malfunction for Tamper Protection
search cancel

Clients show Disabled after upgrade to 14.3 MP1 due to component malfunction for Tamper Protection

book

Article ID: 208617

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Upon upgrading to 14.3 MP1 many clients show Disabled due to a component malfunction for Tamper Protection

Environment

14.3 MP1+

Cause

Due to a change in 14.3 MP1, Tamper Protection requires the latest BASH definitions to function even when Proactive Threat Protection is NOT installed

Resolution

  1. Ensure the SEPM manager has the following definitions downloaded/loaded in path: Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Inetpub\content
    14.3 BASH content ({D6AEBC07-D833-485f-9723-6C908D37F806}: SEPC Behavior And Security Heuristics 14.3 - MicroDefsB.CurDefs - SymAllLanguages
  2. Ensure the LiveUpdate Content policy has SONAR Heuristic signatures added for SEPM content distribution
  3. Ensure the SEP clients have the latest BASH definitions downloaded/loaded in path: C:\ProgramData\Symantec\Symantec Endpoint Protection\<client version>\Data\Definitions\BASHDefs


Additional Information