This document lists the new fixes and component versions in Symantec Endpoint Protection (SEP) 14.3 RU9 (14.3.11213.9000). This information supplements the information found in the Release Notes.

• New Fixes
• Component versions

Download the full release through the Broadcom Software Download Portal. For details, see Download the latest version of Endpoint Protection.

New fixes for 14.3 RU9 (14.3.11213.9000)

• Symantec Endpoint Protection Manager
• Symantec Endpoint Protection (Windows)
• Symantec Endpoint Protection (macOS)
• Symantec Endpoint Protection (Linux)
• Component Versions

Symantec Endpoint Protection Manager

Incident ID: CRE-13385
Incident Description: Invalid URL error when adding a domain with an * as a Trusted Web Domain

Incident ID: CRE-13400
Incident Description: Unable to view or print all pages of the Web/Java console via "Print Page"

Incident ID: CRE-15028
Incident Description: The Home page displays invalid Japanese characters for the Advanced Security tab

Incident ID: CRE-15203
Incident Description: FileNotFound unexpected server error observed intermittently in Server Activity log

Incident ID: CRE-15898
Incident Description: FileNotFoundException sharing violation error observed intermittently in Server Activity log

Incident ID: CRE-15924
Incident Description: Unknown Exception in RequestHandler and ConsoleServlet errors observed intermittently in Server Activity log

Incident ID: CRE-15950
Incident Description: Client Version sorting does not correctly sort 14.3.10148.8000

Incident ID: CRE-15974
Incident Description: SEPM Cloud Hub service does not stay started intermittently

Incident ID: CRE-16343
Incident Description: Default policy template Active Scans incorrectly scan all directories if they are modified

Incident ID: CRE-16657
Incident Description: Computer Status Report displays the incorrect revision for IPS and SONAR content when a client is upgraded to a newer product version

Incident ID: CRE-16581
Incident Description: HTTP 401 Unauthorized unexpected server error observed intermittently in Server Activity log when pseudonymous telemetry is enabled

Incident ID: CRE-16640
Incident Description: RenewClean*.log, Connection*.log, Accept*.log, sepm_*.out, and other logs are not being periodically removed during DiskFileCleanup tasks

Incident ID: CRE-16915
Incident Description: In FIPS-enabled configurations if the database restarts unexpectedly the SEPM does not automatically reconnect

Incident ID: CRE-17198
Incident Description: Withdrawing a quarantine policy from a location would also withdraw the normal policy in some cases

Incident ID: CRE-17219
Incident Description: Restarting the SEPM may intermittently cause the SEPM's HTTPD.exe process to crash

Incident ID: CRE-17226
Incident Description: SEPM Backup failure notification is no longer sent after upgrade to 14.3 RU7 or later

Incident ID: CRE-17325
Incident Description: ZipException unexpected server error observed intermittently in Server Activity log

Incident ID: CRE-17423
Incident Description: Bridge service encounters the error "getShouldHubRun>>getBridgeAccessToken failed"

Symantec Endpoint Protection (Windows)

Incident ID: CRE-12238
Incident Description: Intermittent ccSvcHst.exe process crash due to memory_corruption

Incident ID: CRE-13906
Incident Description: "Browser Intrusion Prevention is malfunctioning" error after installing SEF definitions

Incident ID: CRE-14480
Incident Description: Ping and Tracert commands timeout with certain firewall rules defined

Incident ID: CRE-14688
Incident Description: Risk log does not show the complete path when a .cab file is detected

Incident ID: CRE-14781
Incident Description: Discrepancy in firewall state between the SEP client User Interface and SEPM in some cases

Incident ID: CRE-14790
Incident Description: Intermittent ccSvcHst.exe process crash due to TSE.dll

Incident ID: CRE-15006
Incident Description: Windows may not successfully boot with Microsoft Smart App Control enabled

Incident ID: CRE-15009
Incident Description: Application Control policy does not work for 32-bit applications if SentinelOne agent is installed

Incident ID: CRE-15338
Incident Description: High non-paged pool observed for SymEvent.sys

Incident ID: CRE-15367
Incident Description: Events for quarantine restoration and quarantine are identical in the Integrated Cyber Defense Manager

Incident ID: CRE-15507
Incident Description: SEP client installation updates are incorrectly applied after using the "smc -image" command

Incident ID: CRE-15581
Incident Description: Notification is not displayed when "Notify users when external devices are Allowed" is enabled

Incident ID: CRE-15741
Incident Description: Traffic log events with a time of 0 are not correctly inserted into the SEPM database

Incident ID: CRE-15863
Incident Description: Bugcheck due to memory_corruption observed when using Terragrunt commnds

Incident ID: CRE-15912
Incident Description: Client upgrade does not honor the client server communication setting to not preserve communications during the upgrade

Incident ID: CRE-15918
Incident Description: SEP client unexpectedly clears the quarantine status when it originates from on-premise EDR

Incident ID: CRE-16006
Incident Description: SEP client EDR module may encounter enrollment errors intermittently due to network issues

Incident ID: CRE-16065
Incident Description: Extended system boot observed when Host Integrity is set to perform a high frequency of checks

Incident ID: CRE-16115
Incident Description: SEP client requires a reboot even when reboot is suppressed if EFAInst is not able to correctly upgrade SymEFA

Incident ID: CRE-16169
Incident Description: SEP client unexpectedly clears the quarantine status when it originates from on-premise EDR

Incident ID: CRE-16196
Incident Description: SEP client repeatedly logs that a device has been allowed, even if it has not transitioned to disabled first

Incident ID: CRE-16532
Incident Description: SEP client Application Discovery scan impacts performance on system startup

Incident ID: CRE-16556
Incident Description: Sepwscssvc hang observed during upgrade

Incident ID: CRE-16599
Incident Description: LiveUpdate error connection timeout observed intermittently (0x00002EE2) 

Incident ID: CRE-16806
Incident Description: High CPU utilization observed on system start from DWHWzrd

Incident ID: CRE-16979
Incident Description: Smc.exe fails to launch with Unexpected Error (32)

Incident ID: CRE-17048
Incident Description: Exceptions using [PROGRAM_FILES] does not work for Program Files (x86) directory

Incident ID: CRE-17053
Incident Description: Target Policy Rule returning true even though it's false

Incident ID: CRE-17093
Incident Description: Incorrect operating system displayed as Server 2016 instead of Server 2022

Incident ID: CRE-17161
Incident Description: Bugcheck observed on IDSVia64.sys

Incident ID: CRE-17218
Incident Description: Target Policy Rule rapidly switches when using ICMP DNS host criteria

Incident ID: CRE-17400
Incident Description: IPS browser extension causes slow loading times with Chrome and Edge

Incident ID: CRE-17641
Incident Description: SEP client repeatedly logs a device has been disabled, even if it has not transitioned to enabled first

Incident ID: CRE-17676
Incident Description: IPS browser extension causes slow initial loading time in Edge

Incident ID: CRE-17722
Incident Description: Visual Studio is unable to open when SEP is installed and TDAD is enabled

Symantec Endpoint Protection (macOS)

TBD

Symantec Endpoint Protection (Linux)

TBD

Component Versions

The build number for this release is 14.3.11213.9000. 

Red text indicates components that have updated for this release.