search cancel

SEPM cannot update contents after upgrade.

book

Article ID: 228301

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection Manager (SEPM) cannot update any contents after upgrade SEPM.

<SEPM install path>\tomcat\logs\SesmLu.log:

11/11 04:47:30 [34d4:2200] INFO(Low)  sepmStic1432 DefaultDefUtilsContentHandler CDefUtils::PreDefUpdateInternal() - Saving temp szDir1 to m_pszUpdateDir (C:\ProgramData\Symantec\Definitions\SymcData\sepmStic1432\tmp79f4.tmp). (File = c:\bld_area\defutils5.3.1\core_technology\components\hawking\src\defutils\update.cpp, Line = 969
11/11 04:47:30 [34d4:2200] INFO(Low)  sepmStic1432 DefaultDefUtilsContentHandler CDefUtils::SetLocInRegistry(pszKey=SOFTWARE\Symantec\InstalledApps, pszValue=sepmStic1432InstallDir, pszDir=C:\ProgramData\Symantec\Definitions\SymcData\sepmStic1432\tmp79f4.tmp) - returning false. (File = c:\bld_area\defutils5.3.1\core_technology\components\hawking\src\defutils\defmisc.cpp, Line = 1361
11/11 04:47:30 [34d4:2200] INFO(Low)  sepmStic1432 DefaultDefUtilsContentHandler CDefUtils::PreDefUpdateInternal() - have m_pszLuRegName but SetLocInRegistry() failed. (File = c:\bld_area\defutils5.3.1\core_technology\components\hawking\src\defutils\update.cpp, Line = 1017
11/11 04:47:30 [34d4:2200] INFO(Low)  sepmStic1432 DefaultDefUtilsContentHandler CDefUtils::PreDefUpdateInternal() - failed ... cleaning up. (File = c:\bld_area\defutils5.3.1\core_technology\components\hawking\src\defutils\update.cpp, Line = 1043
11/11 04:47:30 [34d4:2200] INFO(Low)  sepmStic1432 DefaultDefUtilsContentHandler CDefUtils::PreDefUpdateInternal() - removing C:\ProgramData\Symantec\Definitions\SymcData\sepmStic1432\tmp79f4.tmp (File = c:\bld_area\defutils5.3.1\core_technology\components\hawking\src\defutils\update.cpp, Line = 1046

Environment

Symantec Endpoint Protection (SEP) client on SEPM machine is 14.2 and lower.

Cause

Tamper Protection of SEP client on SEPM machine may interfere with updating specific registry during update content.

Resolution

To work around the issue, disable Tamper Protection temporarily.

If it works, then upgrade SEP client on SEPM machine to 14.2 MP1 and later.

SEP 14.2 MP1 has following fix for Tamper Protection.

New fixes and component versions in Symantec Endpoint Protection 14.2 MP1
SMSMSE 7.9 does not update virus definitions automatically after installing or upgrading to SEP 14.2
Fix ID: 4190874
Symptoms: Symantec Mail Security for Microsoft Exchange does not automatically update virus definitions if installed on a system with Symantec Endpoint Protection 14.2. Tamper Protection blocks the update of registry keys InstalledApps and SharedDefs.
Solution: Fixed Tamper Protection to not block both registry keys.