SEP 12.1RU2 Vulnerability Protection Browser Add-on Crashing IE-8
Testing 12.1.2 (2015.2015) in Citrix-based Windows 7 desktop environment. When Vulnerability Protection browser add-on (IPSBHO.dll) is enabled within Internet Explorer 8 (8.0.7601.17514), the IE-8 browser crashes upon launch, displaying "Internet Explorer has stopped working" pop-up. Problem details show:
Problem signature:
Problem Event Name: BEX
Application Name: iexplore.exe
Application Version: 8.0.7601.17514
Application Timestamp: 4ce79912
Fault Module Name: StackHash_0a9e
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 00000000
Exception Offset: 63b8c9c0
Exception Code: c0000005
Exception Data: 00000008
OS Version: 6.1.7601.2.1.0.16.7
Locale ID: 1033
Additional Information 1: 0a9e
Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
Additional Information 3: 0a9e
Additional Information 4: 0a9e372d3b4ad19135b953a78882e789
----------------------------------------------------------------------------------------
If we disable this add-on within Internet Explorer "Manage Add-ons" panel, the browser launches without a problem.
There are no log records stored within SEP that correlate to this error.
Previously we were using SEP 12.1.1101.401 and did not run into this problem. 32/64 bit does not seem to matter.
Any suggestions on what may be causing this problem within the add-on?
Comments 11 Comments • Jump to latest comment
You're likely going to need to open a case with Symantec and provide logs, dumps, etc for them to look at.
SEP Knowledge Base
Endpoint SWAT
Any chance you have similar windows 7 configuration but with IE 9 where you could check if the problem is occuring as well?
Brian81 & SebastianZ: thanks for the feedback. Unfortunately, going with IE 9 is not feasible, even if it would work, due to application dependencies on IE 8.
I'm testing this now with same setup as you. Give me 10 minutes.
SEP Knowledge Base
Endpoint SWAT
I'm not having any issues thus far. Seems to be opening and browsing just fine. I would suggest a call to support.
SEP Knowledge Base
Endpoint SWAT
Thanks for trying it on your end.
Hello,
I would suggest you to disable the Download Insight in order to reduce the memory usage of iexplore.exe
Secondly, did you check this Article:
Best Practices for Symantec Endpoint Protection on Citrix and Terminal Servers
http://www.symantec.com/docs/TECH91070
Hope that helps!!
Mithun Sanghavi
Symantec Technical Support Engineer, SEP
MIM | MCSA | MCTS | STS | ITIL v3
Twitter: @mithun_sanghavi
Don't forget to mark your thread as 'SOLVED' with the answer that best helps you.<&a
My only suggestion is to disable any other add-on than Symantec in IE then see if it still crash or not..
At the same time you will still need to log a case to Support
Thanks a lot for your help, but I think this issue concerns the CITRIX environment, dont it?
In our case the problem presents in IE of desktops/notebooks.
Anyway I appreciate your interest. Greetings.
I opened a case with support on this issue. Support also provided the "Best Practices" information and we used the Symantec Endpoint Protection Support Tool. The root cause of the problem was not determined.
We elected to go with the workaround of removing the use of the vulnerability protection browser plugin as the resulting risk was considered low.
I did the same. The answer was the same too. The workaround is to disable the add-on or disable IPS policy that the add-on is also automatically disabled.
For now I'm waiting for a Symantec solution to the problem.
Would you like to reply?
Login or Register to post your comment.