According to the users of Facebook, Reddit and Symantec’s help forums[1, 2], after implementing the October 14 Intrusion Prevention System (IPS) concepts, their Windows computers have been affected by BSODs. Although Symantec has yet to officially inform about the Windows versions affected by this issue, customer reports have said that it affects at least Windows 7, Windows 8 and Windows 10[ 1, 2, 3] systems with tens, if not thousands, of BSOD machines.
Released New Signatures for Prevention of Intrusion
“The reason behind the BAD POOL CALLER (c2) or KERNEL MOD HEAP CORRUPTION (13A) exception is that Endpoint Protection Client receives a Blue Screen Of Death (BSOD) while running LiveUpdate,” Symantec admitted in an earlier sponsored post. “The signature edition of Intrusion Prevention 2019/10/14 is r61 if BSOD happens,” the company also added. Symantec later addressed this problem through the introduction of the 2019/10/14 r62 Intrusion prevention signature that is automatically enforced when users re run LiveUpdate. Users who have not yet experienced BSODs are advised “return to a previously known good content revision to prevent BSOD,” according to the rollback procedure described in the step-by-step definition procedure.
Workingarounds for BSOD
Customers who can’t use new signatures when running Live Updates on their devices can use the following workaround: If the new definitions are unable to catch without a BSOD, they can also upgrade or install it offline on the network-based protections (IPS).
