Before, Event ID 4124 and 4098 used to trigger Browser extension and Malicious domain related events for some SEP endpoints enrolled in EDR.
Now, Endpoint Detection and Response (EDR) appears to display new events of type 4098 but not 4123 or 4124 for those SEP endpoints.
Only new AAT events appear from the impacted SEP endpoints on EDR UI.
EDR Release : 4.5.0-4.6.5
BROADCOM Software commits to resolve this issue in a future release.
To flush cache manually, reboot EDR appliance.