IPS detection triggered when SEP Process "SECURITY.UWP.EXE" is accessing "onclickads.net" domain
search cancel

IPS detection triggered when SEP Process "SECURITY.UWP.EXE" is accessing "onclickads.net" domain

book

Article ID: 279198

calendar_today

Updated On:

Products

Endpoint Security Complete

Issue/Introduction

IPS detections are generated when Symantec process "SECURITY.UWP.EXE" connects to "onclickads.net" domain.   

Environment

Endpoint Security

Cause

"SECURITY.UWP.EXE" is a Symantec process which accesses the "onclickads.net" domain for DNS checking.
The "onclickads.net" domain is blocked which triggers the IPS detection for this traffic.

Resolution

The change in network integrity policy that don't use "onclickads.net" was pushed as part of 2024.05 refresh .
This update necessitates that administrators upgrade the policy targeted to the device.

Powered by Wolken Software