Symantec endpoint protection virus definitions not updating on clients
It was working fine since long, but I noticed that SEPM stopped updating Antivirus And Antispyware Protection virus definitions and they were almost 1 week old, rest of definitions including Proactive Threat Protection and Network Threat Protection were up to date.
So there was something wrong with the virus definition update engine.
Below is an excerpt from the Symantec Antivirus knowledgebase, Symantec antivirus, although it updates the same as before, doesn't recognize a date newer than 2009.
The fix: release new definition updates, but keep the December 31, 2009 date.
Symptoms Installation fails for an unknown reason, or you receive an error message with error code, such as 0x80070643, 0X8007064A, 0x8004FF2E, 0x8004FF01, 0x8004FF07, 0x80070002, 0x8007064C, 0x8004FF00, 0x80070001, 0x80070656, 0x8004FF40, 0x C0000156, 0x8004FF41 0x8004FF0B, 0x8004FF11, 0x80240022, 0x8004FF04, 0x80070660, 0x800106B5, 0x80070715, 0x80070005, 0x8004EE00, 0x8007003, 0x800B0100, 0x8007064E, or 0x8007007E.
This document explains how to update Symantec Endpoint Protection definitions by running Live Update.
If you have problems installing Windows Defender after you remove existing security programs, contact Microsoft Support for Windows Defender in the Security product family.
When Windows Defender or Endpoint Protection detects a potential threat that's hiding inside a compressed file with a file name extension or within a network share, it tries to deal with the threat by quarantining or removing the threat.
Symptoms This article addresses common issues with automatic updates, including the following situations: Note Some internet security applications do not uninstall completely.
Once a solution is available it will be posted to Live Update, and SEPM/SPC will download and apply the update automatically.
Security Response will continue to publish Symantec Endpoint Protection security content with the date 12/31/2009, and will only increase the revision number of the content.
Why are the Security Content dates for Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Manager (SEPM) not progressing beyond 12/31/09?
SNAC Behavior – If Host Integrity (HI) is being used to check for Anti Virus (A/V) definitions compliance on the agent, it will fail.