Endpoint Protection

 View Only
Expand all | Collapse all

SEP 14 bug

  • 1.  SEP 14 bug

    Posted Nov 22, 2016 06:23 AM

    Hello All,

    I've recently upgraded the SEPM console to version 14 and created new packages for Endpoint Protection 14.

    Since upgrading the clients from version 12.1.6608.6300 to 14.0.1904.0000 this has caused issues.

    Users with Windows 8 or 8.1 installed are unable to use their machine as the screen flickers like the mouse is being clicked repeatedly.

    After uninstalling the SEP 14 and restarting the machine the issue goes away.

    I've tried a manual install of SEP 14 after and the same issue occurs.

    For now I will have to have the users either use Windows defender or install the old 12.1 client.

    I've found this potential fix online but haven't given it a go yet.

    My desktop screen flickers after I upgrade

    https://support.norton.com/sp/en/uk/home/current/solutions/v109267913_EndUserProfile_en_us

    Thanks,



  • 2.  RE: SEP 14 bug

    Posted Nov 22, 2016 10:05 AM

    What SEP 14 components did you have enabled? Was one of them Generic Exploit Mitigiation (GEM)?



  • 3.  RE: SEP 14 bug

    Posted Nov 22, 2016 11:17 AM

    All components except for lotus notes scanner and firewall

    GEM is enabled yes

    I've managed to narrow it down to effecting 1 specific model of laptop. It could possibly be a device driver on that model that it doesn't like?
     

    Make: Dell

    Model: Latitude e7470


    It's installed with no issues on other Dell laptops that are running windows 8.1



  • 4.  RE: SEP 14 bug

    Trusted Advisor
    Posted Nov 22, 2016 11:19 AM

    Hello,

    As of 14, Symantec Endpoint Protection includes Generic Exploit Mitigation, which stops vulnerability attacks on Windows client computers. Generic Exploit Mitigation is enabled by default in the Intrusion Prevention policy.

    The policy includes a list of rules for the applications that Generic Exploit Mitigation protects. By default, Generic Exploit Mitigation is enabled for all applications that appear in the policy.

    To change the default Generic Exploit Mitigation configuration

    1. In the console, on the Policies page, open an Intrusion Prevention policy.

    2. In the policy, click Generic Exploit Mitigation.

    3. Check or uncheck Enable Generic Exploit Mitigation.

    4. If you need to troubleshoot a problem with an application, uncheck it in the list.

    5. Click OK.

    Typically, you should keep Generic Exploit Mitigation enabled.

    You might want to disable Generic Exploit Mitigation if some of your applications become unstable.

    Check these Articles: 

    Using Generic Exploit Mitigation

    https://support.symantec.com/en_US/article.HOWTO12...

    Regards,



  • 5.  RE: SEP 14 bug

    Posted Nov 22, 2016 11:19 AM

    It's best to get a support case open so they can begin root cause analysis.



  • 6.  RE: SEP 14 bug

    Trusted Advisor
    Posted Nov 22, 2016 11:24 AM

    It might be worth installing the latest drivers assuming Dell has newer drivers available for download.



  • 7.  RE: SEP 14 bug

    Posted Nov 22, 2016 11:28 AM

    What's the best way to open a support case for this particular issue is there an online form I can submit?



  • 8.  RE: SEP 14 bug

    Posted Nov 22, 2016 11:30 AM

    I did try disabling SEP on the machine which included disabling GEM. I also disabled it from the console to see if this was work but the issue still persists. So I've switched it back on now.



  • 9.  RE: SEP 14 bug

    Posted Nov 22, 2016 11:32 AM

    I'm building one of the dell e7470 laptops with 8.1 now and will update all of the drivers to the latest version then try the install of SEP to see if this works.



  • 10.  RE: SEP 14 bug

    Posted Nov 22, 2016 11:49 AM

    You can do it from the portal

    https://mysupport.symantec.com/



  • 11.  RE: SEP 14 bug

    Trusted Advisor
    Posted Nov 23, 2016 03:41 AM

    How did you get on with it?



  • 12.  RE: SEP 14 bug

    Posted Dec 02, 2016 12:57 PM

    Is the "Intel(c) Dynamic Platform and Thermal Framework" installed? Try to uninstall it.



  • 13.  RE: SEP 14 bug

    Posted Dec 08, 2016 03:19 AM

    Monitor behaves erratically when trying to navigate with Endpoint Protection 14 Application and Device Control enabled

    http://www.symantec.com/docs/TECH236488