Endpoint Protection Small Business Edition

 View Only

  • 1.  Browser Intrusion Prevention Malfunctioning Error Message

    Posted Dec 16, 2014 11:42 AM

    We are using Symantec Endpoint Protection, Small Business Edition, version 12.1.4013.  SEP is being used as an unmanaged client on a small network server.  The server OS is Windows Small Business Server 2003.  The web browser on the server is Internet Explorer 8.

    Recently we began getting an error messag from SEP every time Internet Explorer was used on the server.  The error message briefly appeared in the lower right section of the taskbar, near the SEP logo.  The same error was also recorded each time in the System Log in Client Management.  The exact message is:  "Browser Intrusion Prevention is malfunctioning.  Browser type: Internet Explorer.  Try to update the signature browser path: C:\Program Files\Internet Explorer\iexplore.exe."

    I have determined that I can stop this error message by disabling the Symantec Vulnerability Protection (11.1.0.0) add-on in Internet Explorer.  However, I don't want to compromise protection/security on the server.  Is this an appropriate solution to the warning message problem or should we do something else?

    Thanks very much for your assistance with this.

     



  • 2.  RE: Browser Intrusion Prevention Malfunctioning Error Message

    Posted Dec 16, 2014 11:43 AM
    It is normal for Internet Explorer users to no longer see the BHO and similarly, Firefox users will not see the add-on installed in their browsers. Note: All versions of IE BHO will be disabled and all Firefox plugins removed.
     
    If a GPO has previously been created to suppress the message "The Symantec Intrusion Prevention add-on from Symantec Corporation is ready for use," the policy setting must be removed now to avoid cosmetic error messages reading "Browser Intrusion Prevention is malfunctioning. Check the System logs for details." See the article Internet Explorer 9 displays a pop-up stating "The Symantec Intrusion Prevention add-on from Symantec Corporation is ready for use" for more details.
     
    Because this is a staged rollout, customers may see the change at different times. This is a positive change, no functionality is being removed; this change improves Symantec Endpoint Protection’s protection capabilities

    New Features in Client Intrusion Detection System (CIDS) 14.1

    Article:TECH224237 | Created: 2014-08-29 | Updated: 2014-11-21 | Article URL http://www.symantec.com/docs/TECH224237


  • 3.  RE: Browser Intrusion Prevention Malfunctioning Error Message
    Best Answer

    Posted Dec 16, 2014 11:44 AM

    This is likely because of a recent change that was made, see here:

    "http://www.symantec.com/docs/TECH224237

    This release provides a new generation Browser Protection engine. Please be aware that this engine removes the need for Browser Helper Objects (BHO), browser plugins or add ons.  No functionality will be lost due to this change.  It simply gives customers browser independent protection and allows Symantec Endpoint Protection to tackle even more complex threats.
     
    It is normal for Internet Explorer users to no longer see the BHO and similarly, Firefox users will not see the add-on installed in their browsers.  Note: All versions of IE BHO will be disabled and all Firefox plugins removed.
     
    If a GPO has previously been created to suppress the message "The Symantec Intrusion Prevention add-on from Symantec Corporation is ready for use," the policy setting must be removed now to avoid cosmetic error messages reading "Browser Intrusion Prevention is malfunctioning. Check the System logs for details." See the article Internet Explorer 9 displays a pop-up stating "The Symantec Intrusion Prevention add-on from Symantec Corporation is ready for use" for more details.
     
    Because this is a staged rollout, customers may see the change at different times.  This is a positive change, no functionality is being removed; this change improves Symantec Endpoint Protection’s protection capabilities."


  • 4.  RE: Browser Intrusion Prevention Malfunctioning Error Message

    Posted Dec 16, 2014 03:40 PM

    Thanks for your help with this, James.  I understand your explanation and it makes complete sense.



  • 5.  RE: Browser Intrusion Prevention Malfunctioning Error Message

    Posted Dec 16, 2014 03:42 PM

    Thanks Brian.  We do not have any GPOs set up on this small network.  Given the circumstances, is disabling the no-longer-needed Symantec Vulnerability add-in for IE the best solution to stopping the error message?



  • 6.  RE: Browser Intrusion Prevention Malfunctioning Error Message

    Posted Dec 16, 2014 03:46 PM

    It should've been disabled automatically but if it wasn't, you can do this. The IE BHO is no longer needed.



  • 7.  RE: Browser Intrusion Prevention Malfunctioning Error Message

    Posted Dec 16, 2014 06:17 PM
    It was definitely still enabled, but not anymore.


  • 8.  RE: Browser Intrusion Prevention Malfunctioning Error Message

    Posted Dec 16, 2014 06:39 PM

    The, you're all set :)