SEP 14.3 RU4 - Tamper Protection Events for MSIEXEC.EXE
search cancel

SEP 14.3 RU4 - Tamper Protection Events for MSIEXEC.EXE

book

Article ID: 241664

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

After upgrading to SEP 14.3 RU4 you start to notice Tamper Protection Events from MSIEXEC.EXE

 

Environment

Release : 14.3 RU4

Component : Tamper Protection

Cause

Enhancements were made in SEP 14.3 RU4 so that unsolicited calls to have Windows Installer modify SEP are blocked: E.G. someone running MSIEXEC.EXE from a command prompt or via script.

Resolution

In case of legitimate usage of cmd\script\SCCM to uninstall software in the infrastructure, it will be needed to add a Tamper Protection Exclusion for MSIEXEC.EXE.

Additional Information

  1. SEP-75512