BAD_POOL_CALLER (c2) or KERNEL_MODE_HEAP_CORRUPTION (13A) occurs after running LiveUpdate

book

Article ID: 176228

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

After running LiveUpdate on Symantec Endpoint Protection (SEP), the computer crashes indicating IDSvix86.sys/IDSvia64.sys as the cause of the exception. This "Blue Screen of Death", or BSoD, occurs after updating the Intrusion Prevention signature sequence to 2019/10/14 r61.

BAD_POOL_CALLER (c2) or KERNEL_MODE_HEAP_CORRUPTION (13A)

Environment

LiveUpdate downloaded Intrusion Prevention signature sequence 2019/10/14 r61

Resolution

Symantec has released Intrusion Prevention signature version 2019/10/14 r62 to resolve this issue.  These definitions are available now.

Please run LiveUpdate to download latest Intrusion Prevention signature 2019/10/14 r62, or rollback to an earlier known good content revision to prevent the BSOD situation. Please check How to Backdate Virus Definitions in Symantec Endpoint Protection Manager for more details on how to roll back definitions.