Application errors for "consent.exe" and "mmc.exe" observed in the Windows Event Viewer

book

Article ID: 165077

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Symantec Endpoint Protection (SEP) 14 MP1 is installed on Windows 10 Creators Update and an application error for "consent.exe" and "mmc.exe" are observed in the Windows Event Viewer when the system starts.

Windows Event Viewer - Application Log

  • Faulting application name: consent.exe, version: 10.0.15063.0, time stamp: 0xe0f856c4
  • Faulting application name: mmc.exe, version: 10.0.15063.0, time stamp: 0xc39bfa6e

Environment

Windows 10

Resolution

Microsoft has advised that these are non-fatal errors intended for telemetry purposes when a 3rd party DLL attempts to inject into Consent.exe or MMC.exe. In this case, the 3rd party DLL is sysfer.dll, which is part of the Application Control feature of Symantec Endpoint Protection.

This issue is resolved in SEP 14.2 or later. 

For information on how to obtain the latest build of Symantec Endpoint Protection, read ‘Download the latest version of Symantec Endpoint Protection:

http://www.symantec.com/docs/TECH103088

If it is not possible to upgrade: With SEP 14 RU1, Application Control exceptions for Consent.exe and MMC.exe can now be made and the product will honor them.