Windows Defender SmartScreen Can’t be Reached

I need a solution

I just installed Windows 10 1803 on a test device, after installing Endpoint Protection Cloud version 22.14.0.54, I am finding Windows Defender SmartScreen can’t be reached with the Default Symantec Security Policy applied. Not sure why this is happening, looking at the firewall rules that are configured by the default policy, it doesn’t look like the traffic should be blocked.

0

Related:

  • No Related Posts

Can’t install SEP 14.0.1904 on clients running Windows 10 1709

I need a solution

I have a client that is getting some new computers & want SEP installed on it. I managed to get the Endpoint manager installed on their server running Windows 10 1709.

But I can’t get the client software (14.0.1904) installed on the workstations. It is running the same version of Windows as the protection manager. I keep getting an error that the “App isn’t compatible with this version of Windows.”

How do I fix this? From what I’ve found online, 14.0.1 should work on Windows 10 1709

0

Related:

  • No Related Posts

Microsoft Mends Critical Windows 10 Security Error Impacting Windows Defender

A horde of security update has been launched by Microsoft to rectify a serious remote execution susceptibility that mainly impacts the Windows Defender on platforms of Windows Server and Windows. The problem, logged as CVE2018-0986, subsists in Microsoft Malware Protection Engine also effects the Microsoft Forefront EndPoint Protection 2010, Windows Intune Endpoint Protection, Microsoft Security Essentials, and Microsoft Exchange Server 2016 & 2013.

Enterprise end-users and administrators will not need installing the updates manually as there are inbuilt tools to install the updates automatically within 48 Hours of their launch. The new updates are not a fraction of the monthly security update of Microsoft. Nevertheless, it strengthens security across a range of Windows platforms, comprising Windows Server 2012 and Windows 10.

While unfolding the susceptibility on its Security TechCenter, the company said, “An attacker who effectively subjugated this susceptibility can run arbitrary code in the LocalSystem account’s security context and take command of the system. An intruder can then set up programs; generate new accounts with complete user rights; or change, delete, or view data.”

Microsoft draws attention to that there are “several means” that a particularly crafted document can be positioned by the attacker. Furthermore, it can be conveyed through an email, an instant messenger message, website, or even via a website that host or allows user-provided material.

Microsoft notes, “If real-time scanning is not activated, the intruder would have to wait till a programmed scan happens in order for the susceptibility to be subjugated. All systems operating on an impacted antimalware software version are mainly at risk.”

The security updates fundamentally rectify the way in which the Microsoft Malware Protection Engine scans particularly created documents. Additionally, the susceptible Microsoft Malware Protection Engine variant 1.1.14600.4 has been upgraded to variant 1.1.14700.5.

Related:

  • No Related Posts

Server Error in ‘/ICT/administration’ Application

I need a solution

Hi,

We have followed the instructions from the documentation guide (Installation Guide for Symantec Information Centric Tagging 15.0) https://support.symantec.com/en_US/article.DOC10620.html 

ICT is being used only for classification purpose so we don’t have the AD RMS.

After following the steps,

  1. Two Servers – An Active Directory Machine and An ICT Server Machine
  2. On the ICT Server Machine we installed SQL Server 2012
  3. Created OU and Groups in Active Directory for ICT
  4. Created Databases in SQL Server 2012 and Assign Rights for the ICT Account
  5. Ran the Scripts on the Databases
  6. Configured the Application Pool for ICT
  7. Modified the web.config file in inetpub/wwwroot/ict/administration/
  8. Ran the installer for Symantec_ICT_SERVER_Administration_15-0-1-2
  9. This error is shown when accessing the administration console

Kindly advise how to resolve this error. Thanks !

0

Related:

  • No Related Posts

SEP 12.1.6.7 doesn’t work on this version of Windows 10

I need a solution

Hello,

A client was having some issues with their SEP and I did an uninstall and then attempted a reinstall using the same package of SEP it was previously using only to get the following error:

“Symantec Endpoint Protection doesn’t work on either version of Windows. An updated app may be available.”

I ran the CleanWipe Utility and then attempted the reinstall again, same error. I tired an older version of the package, same error.

Our help desk guy built a new PC last week on the same build of Windows 10 and using the same package. No issues.

Anyone have any idea what I should try next? Or what could be causing this error? Compatability doesn’t seem to be the issue.

Thanks!

0

Related:

  • No Related Posts

Error: “No Audio Available, Could NoT Open An Audio Device For Playback” In ICA Session

Complete the following steps on Win 7 and 2008 R2.

  1. First check if RDP- Tcp and ICA- Tcp does not have audio disabled. Go to Administrative tools-> Remote Desktop Session Host Configuration-> RDP-tcp-> Right click-> Properties-> Client Settings. Audio option should be unchecked. Similarly check for ICA-Tcp connection.
  2. Allow Citrix client audio redirection policy in studio console.
  3. Run gpupdate /force on the VDA server.
  4. Verify that Receiver setting for audio is enabled in connection center.
  5. We should be able to get audio working in ICA session.

Steps to be followed on Win 8 and 2012 R2 and above.

Due to the changes in Server 2012 R2, there is no option to modify RDP listener in RDMS (Remote Desktop Management Server) GUI, hence to enable this Audio Redirection in 2012 R2 server, follow the below steps:

  1. Choose Start, choose Run, enter regedit, choose the OK button, and then set the value of the following registry key to 0.
  2. Go to HKLMSYSTEMCurrentControlSetControlTerminal ServerWinStationsRDP-Tcp, Edit or create

Value: fDisableAudioCapture

Type: REG_DWORD

Data : 0

Related:

  • No Related Posts

7021334: Error VHI 4300 “The scripting manager failed to initialize”

If your symptoms indicate failure with the Java scripting manager, see Recommended Solution for Java Issue and Alternative Solution for Java Issue. If your symptoms indicate failure with the .NET scripting manager, see Solution for .NET Issue.

Recommended Solution for Java Issue

To resolve this issue, set the environment variable vhi_embedded_xmx to a lower value, such as -Xmx512m. However, if a smaller value is already set (from a previous version), try removing the setting or increasing the value instead.

Windows

On Windows, set this variable at Control Panel > System and Security > System > Advanced (or Advanced system settings) > Environment Variables > System variables. The exact steps may vary, depending on your operating system version and Control Panel view.

Figure 2. New System Variable dialog

Figure 2. New System Variable dialog

Note: On Windows Server 2003 or Windows XP, to make the environment variable available to the Local System account that runs services, you must restart the system (see http://support.microsoft.com/kb/821761).

UNIX/Linux

On UNIX/Linux, you may need to export the environment variable so that it is available to the process that runs the VHI session server.

Alternative Solution for Java Issue

If you do not have permissions to set system environment variables or restart the system, and are running version 7.1.221 or higher, you can edit JVM configuration files instead. Note: This procedure will need to be repeated after installing any future upgrade or hotfix, as the configuration files will be reset to default values.

  1. Locate your destool.conf and sesssrvr.conf files in the appropriate directory:

Windows: C:Program FilesAttachmateVerastreamHostIntegratoretc

UNIX/Linux: /opt/attachmate/verastream/hostintegrator/etc

  1. Open each file in a text editor.
  2. Locate the following existing line:
scriptmgr.java.additional.4=-Xmx768m
  1. Modify the parameter to use a lower value. For example:
scriptmgr.java.additional.4=-Xmx512m
  1. Save changes.
  2. Restart the session server service as described in Technical Note 10004. Close and restart any instances of the Design Tool application.

Note: If the system environment variable vhi_embedded_xmx (or vhi_embedded_classpath or vhi_embedded_libpath) are set, they take precedence over the .conf file contents.

Solution for .NET Issue

Ensure that your system has Internet access (such as ability to make outbound connections through a firewall) so it can connect to the system crl.verisign.net (for the Certificate Revocation List at VeriSign).

If you are running version 7.6.44 or earlier and your organization’s policies prohibit Internet access, complete the following steps to disable Authenticode verification:

  1. In a text editor, open the clrscriptserver.exe.config file located in C:Program FilesAttachmateVerastreamHostIntegratorlibdotnet.
  2. In the <runtime> section, insert the following line:
<generatePublisherEvidence enabled="false"/>

For example:

<runtime>

<generatePublisherEvidence enabled="false"/>

<assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">

Note: Beginning in version 7.6.47, this setting already exists by default.

  1. Save changes and restart the Session Server service or Design Tool application. For more information about starting services, see Technical Note 10004.

Related:

  • No Related Posts