Windows 7 SP1 Enterprise
Patched to May Security patches for all programs
Symantec Endpoint Protection 14.0.3897.1101
Exploit/IPS definitions June 8th, R1 and June 12th R2.
Blocked Attack: Memory Heap Spray attack against C:Program Files (x86)AdobeAcrobat 2015AcrobatAcrobat.exe
Blocked Attack: Memory Heap Spray attack against C:Program Files (x86)Microsoft OfficeOffice15WINWORD.EXE
Since late last week I have been seeing issues with memory exploit/IPS signatures shutting down legitimate programs before they can load, some common examples below:
Microsft Office Word
Microsoft Office Excel
This is when opening the program, not when opening a document or when browsing to a webpage. This seems to only impact windows 7
So far I have experienced this on the following IPS definition versions:
June 8th R1
June 12th R2
The June 8th R61 definitions stopped the issue
Support told me to upgrade Office 2013 to 2016 throughout my entire organization and to not use IE, we do not have this option.
Any other users experiencing this? If so have you found a safe version of IPS defintions to use until this is fixed?