New fixes for 14.3 RU9 (14.3.11213.9000 / 14.3.11216.9000)

• Symantec Endpoint Protection Manager
• Symantec Endpoint Protection (Windows)
• Symantec Endpoint Protection (macOS)
• Symantec Endpoint Protection (Linux)
• Component Versions

Symantec Endpoint Protection Manager

Incident ID: CRE-13385
Incident Description: Invalid URL error when adding a domain with an * as a Trusted Web Domain

Incident ID: CRE-13400
Incident Description: Unable to view or print all pages of the Web/Java console via "Print Page"

Incident ID: CRE-15028
Incident Description: The Home page displays invalid Japanese characters for the Advanced Security tab

Incident ID: CRE-15203
Incident Description: FileNotFound unexpected server error observed intermittently in Server Activity log

Incident ID: CRE-15898
Incident Description: FileNotFoundException sharing violation error observed intermittently in Server Activity log

Incident ID: CRE-15924
Incident Description: Unknown Exception in RequestHandler and ConsoleServlet errors observed intermittently in Server Activity log

Incident ID: CRE-15950
Incident Description: Client Version sorting does not correctly sort 14.3.10148.8000

Incident ID: CRE-15974
Incident Description: SEPM Cloud Hub service does not stay started intermittently

Incident ID: CRE-16343
Incident Description: Default policy template Active Scans incorrectly scan all directories if they are modified

Incident ID: CRE-16657
Incident Description: Computer Status Report displays the incorrect revision for IPS and SONAR content when a client is upgraded to a newer product version

Incident ID: CRE-16581
Incident Description: HTTP 401 Unauthorized unexpected server error observed intermittently in Server Activity log when pseudonymous telemetry is enabled

Incident ID: CRE-16640
Incident Description: RenewClean*.log, Connection*.log, Accept*.log, sepm_*.out, and other logs are not being periodically removed during DiskFileCleanup tasks

Incident ID: CRE-16915
Incident Description: In FIPS-enabled configurations if the database restarts unexpectedly the SEPM does not automatically reconnect

Incident ID: CRE-17198
Incident Description: Withdrawing a quarantine policy from a location would also withdraw the normal policy in some cases

Incident ID: CRE-17219
Incident Description: Restarting the SEPM may intermittently cause the SEPM's HTTPD.exe process to crash

Incident ID: CRE-17226
Incident Description: SEPM Backup failure notification is no longer sent after upgrade to 14.3 RU7 or later

Incident ID: CRE-17325
Incident Description: ZipException unexpected server error observed intermittently in Server Activity log

Incident ID: CRE-17423
Incident Description: Bridge service encounters the error "getShouldHubRun>>getBridgeAccessToken failed"

Symantec Endpoint Protection (Windows)

Incident ID: CRE-12238
Incident Description: Intermittent ccSvcHst.exe process crash due to memory_corruption

Incident ID: CRE-13906
Incident Description: "Browser Intrusion Prevention is malfunctioning" error after installing SEF definitions

Incident ID: CRE-14480
Incident Description: Ping and Tracert commands timeout with certain firewall rules defined

Incident ID: CRE-14688
Incident Description: Risk log does not show the complete path when a .cab file is detected

Incident ID: CRE-14781
Incident Description: Discrepancy in firewall state between the SEP client User Interface and SEPM in some cases

Incident ID: CRE-14790
Incident Description: Intermittent ccSvcHst.exe process crash due to TSE.dll

Incident ID: CRE-15006
Incident Description: Windows may not successfully boot with Microsoft Smart App Control enabled

Incident ID: CRE-15009
Incident Description: Application Control policy does not work for 32-bit applications if SentinelOne agent is installed

Incident ID: CRE-15338
Incident Description: High non-paged pool observed for SymEvent.sys

Incident ID: CRE-15367
Incident Description: Events for quarantine restoration and quarantine are identical in the Integrated Cyber Defense Manager

Incident ID: CRE-15507
Incident Description: SEP client installation updates are incorrectly applied after using the "smc -image" command

Incident ID: CRE-15581
Incident Description: Notification is not displayed when "Notify users when external devices are Allowed" is enabled

Incident ID: CRE-15741
Incident Description: Traffic log events with a time of 0 are not correctly inserted into the SEPM database

Incident ID: CRE-15863
Incident Description: Bugcheck due to memory_corruption observed when using Terragrunt commnds

Incident ID: CRE-15912
Incident Description: Client upgrade does not honor the client server communication setting to not preserve communications during the upgrade

Incident ID: CRE-15918
Incident Description: SEP client unexpectedly clears the quarantine status when it originates from on-premise EDR

Incident ID: CRE-16006
Incident Description: SEP client EDR module may encounter enrollment errors intermittently due to network issues

Incident ID: CRE-16065
Incident Description: Extended system boot observed when Host Integrity is set to perform a high frequency of checks

Incident ID: CRE-16115
Incident Description: SEP client requires a reboot even when reboot is suppressed if EFAInst is not able to correctly upgrade SymEFA

Incident ID: CRE-16169
Incident Description: SEP client does not failover from Group Update Provider to SEPM when GUP is unreachable

Incident ID: CRE-16196
Incident Description: SEP client repeatedly logs that a device has been allowed, even if it has not transitioned to disabled first

Incident ID: CRE-16532
Incident Description: SEP client Application Discovery scan impacts performance on system startup

Incident ID: CRE-16556
Incident Description: Sepwscssvc hang observed during upgrade

Incident ID: CRE-16599
Incident Description: LiveUpdate error connection timeout observed intermittently (0x00002EE2) 

Incident ID: CRE-16806
Incident Description: High CPU utilization observed on system start from DWHWzrd

Incident ID: CRE-16979
Incident Description: Smc.exe fails to launch with Unexpected Error (32)

Incident ID: CRE-17048
Incident Description: Exceptions using [PROGRAM_FILES] does not work for Program Files (x86) directory

Incident ID: CRE-17053
Incident Description: Policy Target Rule returning true even though it's false

Incident ID: CRE-17093
Incident Description: Incorrect operating system displayed as Server 2016 instead of Server 2022

Incident ID: CRE-17161
Incident Description: Bugcheck observed on IDSVia64.sys

Incident ID: CRE-17218
Incident Description: Policy Target Rule rapidly switches when using ICMP DNS host criteria

Incident ID: CRE-17400
Incident Description: IPS browser extension causes slow loading times with Chrome and Edge

Incident ID: CRE-17641
Incident Description: SEP client repeatedly logs a device has been disabled, even if it has not transitioned to enabled first

Incident ID: CRE-17676
Incident Description: IPS browser extension causes slow initial loading time in Edge

Incident ID: CRE-17722
Incident Description: Visual Studio is unable to open when SEP is installed and TDAD is enabled

Symantec Endpoint Protection (macOS)

Incident ID: CRE-14990
Incident Description: SEP Mac reports incorrect operational state is settings become corrupt

Incident ID: CRE-15400
Incident Description: SEP Mac clients appear in SEPM group instead of Imported OU groups

Incident ID: CRE-16016
Incident Description: Cloud-managed daily scheduled scan doesn't run every day

Incident ID: CRE-16358
Incident Description: Scan Type reported incorrectly for macOS

Incident ID: CRE-16738
Incident Description: Incorrect time is displayed in the "Last Run" column for Scheduled Scans

Incident ID: CRE-17678
Incident Description: com.broadcom.mes.systemextension consumes high CPU when a large amount of network throughput is happening

Symantec Endpoint Protection (Linux)

Incident ID: CRE-13497
Incident Description: SEP Linux antimalware feature incorrectly updates file modify time property

Incident ID: CRE-13760
Incident Description: Scheduled scans restart even after the try interval has elapsed if the service is restarted

Incident ID: CRE-14719
Incident Description: CAFAgent service stops unexpectedly under certain scenarios

Incident ID: CRE-16103
Incident Description: CAFServiceMain stops intermittently

Incident ID: CRE-17388
Incident Description: LiveUpdate launches after the Linux Agent service starts, but the event is not logged in Lux.log

Incident ID: CRE-17421
Incident Description: SEP Linux updates the modify time of a file after it has been updated by another application

Incident ID: CRE-17452
Incident Description: SEP Linux uses a LiveUpdate policy from a previous location

Incident ID: CRE-17635
Incident Description: SEP Linux logs an excessive amount of events in kern.log

Component Versions

The build number for this release is 14.3.11213.9000. 

Red text indicates components that have updated for this release.