This document lists the new fixes and component versions in Symantec Endpoint Protection (SEP) 14.3 RU8 (14.3.10148.8000). This information supplements the information found in the Release Notes.

• New Fixes
• Component versions

Download the full release through the Broadcom Software Download Portal. For details, see Download the latest version of Endpoint Protection.

Additional fixes for 14.3 RU8 Patch 1 (14.3.10158.8000)

Symantec Endpoint Protection (Windows)

Incident ID: CRE-12238
Incident Description: Intermittent ccSvcHst.exe process crash due to memory_corruption

Incident ID: CRE-14781
Incident Description: Discrepancy in firewall state between the SEP client User Interface and SEPM in some cases

Incident ID: CRE-15912
Incident Description: Client upgrade does not honor the client server communication setting to not preserve communications during the upgrade

Incident ID: CRE-15918
Incident Description: SEP client unexpectedly clears the quarantine status when it originates from on-premise EDR

Incident ID: CRE-16065
Incident Description: Extended system boot observed when Host Integrity is set to perform a high frequency of checks

Incident ID: CRE-16169
Incident Description: SEP client does not failover from Group Update Provider to SEPM when GUP is unreachable

Incident ID: CRE-16196
Incident Description: SEP client repeatedly logs that a device has been allowed, even if it has not transitioned to disabled first

Incident ID: CRE-16599
Incident Description: LiveUpdate error connection timeout observed intermittently (0x00002EE2) 

Incident ID: CRE-17053
Incident Description: Policy Target Rule returning true even though it's false

Incident ID: CRE-17218
Incident Description: Policy Target Rule rapidly switches when using ICMP DNS host criteria

New fixes for 14.3 RU8 (14.3.10148.8000)

• Symantec Endpoint Protection Manager
• Symantec Endpoint Protection (Windows)
• Symantec Endpoint Protection (macOS)
• Symantec Endpoint Protection (Linux)
• Component Versions

Symantec Endpoint Protection Manager

Incident ID: CRE-10273
Incident Description: GET computers restapi returns incorrect results when using the OS filter

Incident ID: CRE-11959
Incident Description: New package deployment failure when performing a Remote Push

Incident ID: CRE-12967
Incident Description: Mismatch in external logging between the risk name and the risk name listed in SEPM

Incident ID: CRE-13119
Incident Description: Group rename description value is not displayed

Incident ID: CRE-13397
Incident Description: SONAR out-of-date definitions report shows a date that differs from the client properties

Incident ID: CRE-13401
Incident Description: Endpoint does not appear in the correct device group when compared with the cloud console

Incident ID: CRE-13490
Incident Description: Agt_risk.tmp contains action:102 instead of an actual action name

Incident ID: CRE-13549
Incident Description: "Action invalid" in Single Risk Event notification is missing

Incident ID: CRE-13589
Incident Description: Older definitions incorrectly overwrite newer definitions after replication

Incident ID: CRE-13764
Incident Description: Unexpected server error message displayed - FileSystemException (File locked by other process)

Incident ID: CRE-13790
Incident Description: Authentication API fails due to duplicate token error

Incident ID: CRE-13814
Incident Description: AuthenticationMethod updated when updating admin via API

Incident ID: CRE-13815
Incident Description: Creating a new admin via API incorrectly advises that the admin is not enabled

Incident ID: CRE-13929
Incident Description: Management Server Configuration wizard translation error

Incident ID: CRE-13971
Incident Description: Application Control policy does not properly handle SHA1 checksum values

Incident ID: CRE-14052
Incident Description: Broken links observed from LuDownloadedContentArray

Incident ID: CRE-14274
Incident Description: "An unknown error occurred" is observed inn Symantec Endpoint Protection Weekly report

Incident ID: CRE-14320
Incident Description: Last Scan Time differs between the Endpoint status and the Computers Not Scanned reports

Incident ID: CRE-14329
Incident Description: LDAP Account Authentication failed error intermittently observed

Incident ID: CRE-14534
Incident Description: Unexpected server error - Violation of primary key constraint

Incident ID: CRE-14818
Incident Description: Signature ID 34140 is missing in Intrusion Prevention exception list

Symantec Endpoint Protection (Windows)

Incident ID: CRE-12159
Incident Description: When LaunchSMCGui is set to 0 the Enroll button becomes visible

Incident ID: CRE-12316
Incident Description: CPU spike observed when synced files on EDR enrolled endpoints

Incident ID: CRE-12536
Incident Description: Intermittent system hang observed on Microsoft Exchange

Incident ID: CRE-13276
Incident Description: Automatic Exclusions for Microsoft Exchange are no longer up to date

Incident ID: CRE-13315
Incident Description: Windows 10 Pro for Workstation is not counted on the Endpoint Status Home Page

Incident ID: CRE-13369
Incident Description: CPU spike observed in Edge.exe or Chrome.exe when Intrusion Prevention is enabled

Incident ID: CRE-13375
Incident Description: Location Awareness logic doesn't handle scenarios where domain group membership is unavailable

Incident ID: CRE-13488
Incident Description: Cloud-managed endpoints intermittently miss Full or Active scans with retry interval set to 7 days

Incident ID: CRE-13575
Incident Description: Intermittent system crash bugcheck A caused by symefasi64.sys

Incident ID: CRE-13714
Incident Description: Cloud-managed endpoints do not properly migrate proxy settings on upgrade

Incident ID: CRE-13910
Incident Description: Application Control does not properly handle unsupported SHA1 hashes

Incident ID: CRE-14092
Incident Description: Group Update Provider does not failover to SEPM correctly when IPv6 is blocked

Incident ID: CRE-14257
Incident Description: Chrome Browser Protection event is not logged in SEDR management console

Incident ID: CRE-14573
Incident Description: Small memory leak observed when files are remotely opened on a system

Incident ID: CRE-14798
Incident Description: GPO events generated every 5 minutes after upgrading to 14.3 RU7

Incident ID: CRE-14812
Incident Description: Intermittent system crash bugcheck 19 caused by SISIPSdriver.sys

Symantec Endpoint Protection (macOS)

Incident ID: CRE-12570
Incident Description: Unmanaged client does not use macOS proxy settings for LiveUpdate

Symantec Endpoint Protection (Linux)

Incident ID: CRE-11431
Incident Description: Mount point is busy when dismounting removable drives

Incident ID: CRE-12887
Incident Description: Antimalware.ini settings are reverted on agent restart

Incident ID: CRE-12982
Incident Description: Policy serial number does not appear for RHEL 6.4 endpoints

Incident ID: CRE-13451
Incident Description: Linux Agent continues to attempt to connect to some URLs even with external communications disabled

Incident ID: CRE-13875
Incident Description: Device status listed as "At-Risk" due to Policy Version mismatch

Incident ID: CRE-13931
Incident Description: Profile.log grows in size at an unexpected rate

Incident ID: CRE-13940
Incident Description: "SAV Liveupdate -U" fails due to a missing license error

Incident ID: CRE-14744
Incident Description: Cafagent won't start after installing the Linux Agent

Incident ID: CRE-14768
Incident Description: GPG key file path added to sdcss.list when installing on Ubuntu

Incident ID: CRE-15675
Incident Description: Quarantined files can overwrite each other in some instances

Component Versions

The build number for this release is 14.3.10148.8000. 

Red text indicates components that have updated for this release.