After upgrading to SEP 14.3 RU4 you start to notice Tamper Protection Events from MSIEXEC.EXE

Release : 14.3 RU4

Component : Tamper Protection

Enhancements were made in SEP 14.3 RU4 so that unsolicited calls to have Windows Installer modify SEP are blocked: E.G. someone running MSIEXEC.EXE from a command prompt or via script.

In case of legitimate usage of cmd\script\SCCM to uninstall software in the infrastructure, it will be needed to add a Tamper Protection Exclusion for MSIEXEC.EXE.

1. SEP-75512