SEP 14.3 RU9 Patch 2 (14.3.11237.9000) fails to deploy via LiveUpdate Client Patches
search cancel

SEP 14.3 RU9 Patch 2 (14.3.11237.9000) fails to deploy via LiveUpdate Client Patches

book

Article ID: 441064

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

  • You attempt to deploy Symantec Endpoint Protection (SEP) 14.3 RU9 Patch 2 (14.3.11237.9000) to Windows clients using the "Client Patches" feature via LiveUpdate.

  • The LiveUpdate Settings policy is correctly configured to allow clients to download and install patches.

  • The patch is successfully downloaded and present on the Symantec Endpoint Protection Manager (SEPM).

  • Despite these configurations, clients do not download or apply the patch automatically.

  • Manual installation (e.g., Client Deployment Wizard/Push) works as expected.

Environment

  • SEPM Version: 14.3 RU9

  • Client Version: 14.3.x earlier than 14.3 RU9 Patch 2

  • Feature: LiveUpdate Client Patches

Cause

This issue occurs because the Distributable flag for this specific build is set to 0 in the configuration files.

When the SEPM downloads a client patch via LiveUpdate, it inspects the setAid.ini file associated with that build.

  • If Distributable=1: The SEPM adds the patch to the index2.xml file, which acts as the catalog for clients to check for available updates.
  • If Distributable=0: The SEPM excludes the patch from index2.xml.

For build 14.3.11237.9000, the setAid.ini (located by default at C:\Program Files (x86)\Symantec\Symantec Endpoint Protection Manager\Inetpub\content\{01033000-6400-5F00-0000-000014030900}\<sequence>\Full\setAid.ini) contains the following:

[Product]
Distributable=0
...

Because this flag originates from the Configuration Management (CM) build process and is set to 0, this specific update is not authorized for distribution via the "Client Patches" LiveUpdate method.

Resolution

Since the Distributable flag is a build-level attribute and cannot be modified by the administrator, an alternative deployment method must be used for this version.

Recommended Workarounds:

  1. Auto-Upgrade (UAG): Assign the 14.3 RU9 Patch 2 package to the desired Client Group under the Client Install Packages tab. This will trigger the upgrade via the standard heartbeat process.

  2. Client Deployment Wizard: Use the Push or Web Link method to manually deploy the patch to affected endpoints.

  3. Third-Party Tools: Export the patch package and deploy it via SCCM, GPO, or other software distribution platforms.

Powered by Wolken Software