I followed the post that discussed the CIDS changes, New Features in Client Intrusion Detection System (CIDS) 14.1 (http://www.symantec.com/docs/TECH224237), very closely since it was posted on 8/29/14. It concerned me because of the nature of its release (via LiveUpdate opposed to in a SEP client upgrade) and the possibility users would receive prompts from IE or IE simply would not work. I noticed its release was postponed several times as it originally was due to be released in September.
That being said, we never set a GPO to control the browser prompts to begin with. I know Symantec recommended this if you received prompts with how the now older BHO worked. We have over 13K total SEP clients and many are not receiving the error (yet). I am using the monitor in SEPM -> Client Activity -> with Advanced settings of event source: Network Intrusion Protection Sys and severity: Warning and above. Out of our 13K clients, I have 145 currently reporting the error. I have only fixed two at this point, but I have fixed them with a simple reboot. Has anyone else tried this?
Here is something I noticed...
On a working machine, in IE, the Symantec Vulnerability Protection add-on is DISABLED (I expected it to be removed based on CIDS post above, but disabled will work for now.)
On a machine reporting the error, in IE, the Symantec Vulnerability Protection add-on is ENABLED. After I reboot the machine, it disables this add-on and resolves the error.