Endpoint Protection

 View Only

  • 1.  BSOD caused by SEP update?

    Posted Oct 15, 2019 09:08 AM

    People are seeing BSOD's due to the Oct 14th updates. Any info from Symantec?

     

    https://old.reddit.com/r/sysadmin/comments/di6v8k/sep_causing_bsods_this_morning/



  • 2.  RE: BSOD caused by SEP update?
    Best Answer

    Posted Oct 15, 2019 09:15 AM

    Here's the official KB/alert that we got

     

    https://support.symantec.com/us/en/article.TECH256643.html



  • 3.  RE: BSOD caused by SEP update?

    Posted Oct 15, 2019 09:26 AM

    It's unfortunate this wasn't found in testing but at last we had limited impact.



  • 4.  RE: BSOD caused by SEP update?
    Best Answer

    Posted Oct 15, 2019 09:31 AM

    The definitions which resolve this are available now.  Please do run LiveUpdate!



  • 5.  RE: BSOD caused by SEP update?
    Best Answer

    Trusted Advisor
    Posted Oct 15, 2019 10:32 AM

    Workaround (only if you can’t apply new signatures)
    1. Boot in Safe Mode and perform the following for x64 or x86 installations of SEP,
    2. Run sc config idsvia64 start= disabled or sc config idsviax86 start=disabled from cmd,
    3. Reboot in normal mode,
    4. Update the IPSdefs,
    5. Run sc config idsvia64 start= system or sc config idsviax86 start=system from cmd
    6. Reboot.

     

    Solution

    Install the latest CIDS/IPS content version: 20191014 rev.62 or rollback to an earlier known good content revision to prevent the BSOD situation on your environment.

     


  • 6.  RE: BSOD caused by SEP update?

    Posted Oct 15, 2019 10:53 AM

    I want to test this evening.

    Many Thanks!



  • 7.  RE: BSOD caused by SEP update?

    Posted Oct 15, 2019 01:58 PM

    SEPC Is affected as well i think