steven36 Posted October 15, 2019

Symantec fixed an issue causing Blue Screens Of Death (BSOD) for customers running the company's Endpoint Protection Client software on Windows versions ranging from Windows 7 to Windows 10 per reports.

According to users outlining the issue on Twitter, Reddit, and Symantec's support forums [1, 2], their Windows devices were impacted by BSODs after applying the October 14 intrusion prevention system (IPS) definitions.

While Symantec did not provide official information regarding which Windows versions are impacted by this issue, customer reports say that at least Windows 7, Windows 8, and Windows 10 systems are affected [1, 2, 3], with tens if not thousands of machines experiencing BSODs according to other accounts.

New Intrusion Prevention signatures released

"When run LiveUpdate, Endpoint Protection Client gets a Blue Screen Of Death (BSOD) indicates IDSvix86.sys/IDSvia64.sys is the cause of the exception BAD_POOL_CALLER (c2) or KERNEL_MODE_HEAP_CORRUPTION (13A)," acknowledged Symantec in a support article earlier today.

"When BSOD happens, Intrusion Prevention signature version is 2019/10/14 r61," also added the company.

Symantec later addressed this issue by releasing Intrusion Prevention signature version 2019/10/14 r62, which will be automatically applied when users run LiveUpdate again.

Users who haven't yet experienced any BSODs are advised to "rollback to an earlier known good content revision to prevent the BSOD situation," following the step-by-step definition rollback procedure detailed here.
BSOD workarounds

Customers who cannot apply the new signatures by running LiveUpdate on their systems can use the following workaround. Boot in Safe Mode and perform the following for x64 or x86 installations of SEP:

1. Run sc config idsvia64 start= disabled or sc config idsviax86 start= disabled from cmd.
2. Reboot in normal mode.
3. Update the IPSdefs.
4. Run sc config idsvia64 start= system or sc config idsviax86 start= system from cmd.
5. Reboot.

Those who cannot grab the new definitions without a BSOD can also grab the Network-Based Protection (IPS) update from here and install it offline.
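For admins sorting a fleet into hosts that already crashed, hosts still on r61 that need the rollback or update, and hosts already on r62, here is an added triage sketch; it is not part of the original post and not Symantec tooling. It assumes you can export each host's IPS signature revision string and the text of its Windows bugcheck events (Event ID 1001); the hostnames, event texts and status labels are constructed for illustration.

```python
import re

# From the article: the faulty and fixed IPS signature revisions, and the
# two bugcheck codes Symantec named for the IDSvix86.sys/IDSvia64.sys crash.
BAD_REV = ("2019/10/14", 61)
FIXED_REV = ("2019/10/14", 62)
BUGCHECKS = {0xC2: "BAD_POOL_CALLER", 0x13A: "KERNEL_MODE_HEAP_CORRUPTION"}
REV_RE = re.compile(r"(\d{4}/\d{2}/\d{2})\s+r(\d+)")
BUGCHECK_RE = re.compile(r"The bugcheck was:\s*0x([0-9a-fA-F]+)")

def parse_rev(text):
    """Turn '2019/10/14 r61' into a comparable (date, revision) tuple."""
    m = REV_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised revision: {text!r}")
    return (m.group(1), int(m.group(2)))

def triage(ips_rev, event_messages):
    """Classify one host from its IPS revision and bugcheck event texts."""
    rev = parse_rev(ips_rev)
    hits = set()
    for msg in event_messages:
        m = BUGCHECK_RE.search(msg)
        code = int(m.group(1), 16) if m else None
        if code in BUGCHECKS:
            hits.add(BUGCHECKS[code])
    # A matching code only suggests this issue; the crash dump confirms
    # whether the IDS driver was the faulting module.
    if rev == BAD_REV:
        status = "crashed-on-r61" if hits else "at-risk-r61"
    elif rev >= FIXED_REV:
        status = "fixed"
    else:
        status = "older-content"
    return status, sorted(hits)

# Constructed sample inventory: hostnames and event texts are made up.
SAMPLE = {
    "ws-001": ("2019/10/14 r61", ["The computer has rebooted from a bugcheck.  "
               "The bugcheck was: 0x000000c2 (0x7, 0x1097, 0x0, 0x0)."]),
    "ws-002": ("2019/10/14 r61", []),
    "ws-003": ("2019/10/14 r62", ["The computer has rebooted from a bugcheck.  "
               "The bugcheck was: 0x0000013a (0x11, 0x0, 0x0, 0x0)."]),
    "ws-004": ("2019/10/11 r61", ["The computer has rebooted from a bugcheck.  "
               "The bugcheck was: 0x0000009f (0x3, 0x0, 0x0, 0x0)."]),
}

for host, (rev, events) in SAMPLE.items():
    print(host, *triage(rev, events))
```

Hosts reported as at-risk-r61 are the ones the rollback advice in the article applies to; crashed-on-r61 hosts are candidates for the Safe Mode workaround.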
tivstip Posted October 16, 2019

No problem here. Isolated case. On another forum where more people use it nobody reported anything.