Endpoint Protection

Hello all
We have upgraded some of our SEP 11 clients from MR4 to version MR5.  They are running SEP11.0.5002.333 with network threat protection, however it has since been disabled.
The problem we have is that some of these clients are developers and they run IIS locally on their machines.  When they try to run ASP scripts the web service appears as unavailible.

The event log reads as follows; -
Event Type: Error
Event Source: ASP.NET 2.0.50727.0
Event Category: None
Event ID: 1084
Date:  11/10/2009
Time:  11:18:12 AM
User:  N/A
Computer: WEBSOLDT07
Description:
aspnet_wp.exe could not be started. The error code for the failure is C0000005. This error can be caused when the worker process account has insufficient rights to read the .NET Framework files. Please ensure that the .NET Framework is correctly installed and that the ACLs on the installation directory allow access to the configured account.

the only solution is to uninstall SEP11 and rollback to version SEP11 MR4.

Is there anything I can do to resolve this without having to rollback?

I am not alone with this issue, please see the following thread. http://www.experts-exchange.com/Programming/Languages/.NET/.NET_Framework_2.0/Q_24830156.html

Masby661
 

Try by removing application and device control component.... 

.NET framework crashes when upgraded client to SEP RU5
SEP RU5 - 0xc0000005 ERROR!

Our corporate IT guys pushed out a new version of SEP to our systems this past week (around 3/25/10), and now IIS and ASP.NET are broken on all of our development systems.  The following errors show up in the affected systems' event logs:


aspnet_wp.exe could not be started. The error code for the failure is C0000005. This error can be caused when the worker process account has insufficient rights to read the .NET Framework files. Please ensure that the .NET Framework is correctly installed and that the ACLs on the installation directory allow access to the configured account.


Obviously, the .NET Framework is correctly installed and the ACLs are correct; we've verified that and have reset (and reinstalled the frameworks) to no avail.

Is IIS & ASP.NET such an uncommon platform that a product like SEP would blithely break it?!  This should REALLY have been something caught in QC!!!

John,

Same thing happened to us. We reinstalled .NET frameworks and Visual Studio(s) and then ran aspnet_regiis -i. That fixed the problem, but we still need to know what went wrong to avoid work stopage in the future.

Did you find out specifically what update went wrong?

Steve

> Same thing happened to us. We reinstalled .NET frameworks and Visual Studio(s) and then
> ran aspnet_regiis -i. That fixed the problem

...Which is all very well, except that Symantec admit that, with this patch in place, when you run 
aspnet_regiis, it throws an exception (which is exactly what I'm seeing when I try to run it)

http://service1.symantec.com/SUPPORT/ent-security.nsf/docid/2010012709305848


It's shocking that they let this bug through, and even worse that they are demanding that users request
a patch to fix the issue, rather than making it widely available.   After all, this is a problem which they
admit has the following hilarious side-effect: Sounds a bit critical to me...
(And it wasted hours of my time yesterday, as I believed the Event Viewer error, saying that it was a
user-rights issue.)

Shocking.