As John mentioned, no one but Admin's should be able to get to $ shares at least in a default state. If not, it should be locked down anyways as per Microsoft's best practices, general security best practices, and even Symantec recommends it too. leaving shares open is actually a vulnerability for viruses to exploit. Do you know how many viruses these days exploit open shares? A lot.
That said, SEP can't be a fix all, and I don't think it can stop this in it's current build. But I also don't think SEP should be a catch-all for bad security practices either.
I love the ease of use and flexibility to use a $ share as much as anyone else, but with convenience, comes lax security...