Symantec Endpoint Protection 12.1 RU1 and AppV 4.6 2 Comments

Another moment of pure fun with Symantec Endpoint Protection... I liked the version 11 so much and I was missing mysterious Symantec issue so much I decided to update the anti-virus software to 12 on all my customer XenDesktop virtual machines... The version we chose to deploy was Symantec Endpoint Protection 12.1 RU1 (version given by the security administration team), the update went fine, no BSOD, no weirdness and that was weird actually, I was prepare and ready for so much trouble, nothing happened ! the vDisk was updated and the only change this time was SEP, so I pushed the next vDisk into production. Few hours and next day, users were complaining about App-V applications launch issues, that was a known issue because the App-V infrastructure is a bit old (v4.5 on the server-side) and begin to have some weirdness after the weekly reboot (services started but no stream.., next blog post I guess) So we checked everything out around the App-V servers and App-V client (4.6 SP2) and the only things we saw was error in event log but nothing to really think App-V was the root of these issue. Some streamed applications were working some other not.   After searching again and again, I just roll back one vDisk to use the earlier version to check if everything was ok with the earlier version and yes, everything was working fine with App-V applications. So i went to check Symantec knowledge base and I found these two articles : Application Error when launching an App-V virtualized application on a computer with SEP 12.1 client installed. New fixes and enhancements in Symantec Endpoint Protection 12.1 Release Update 2 So you guessed it right, the update to Symantec Endpoint Protection 12.1 RU2 is fixing App-V 4.6 compatibility issues... App-V virtualized applications cannot load with Proactive Threat Protection installed Fix ID: 2689005 Symptom: App-V virtualized applications cannot load with Proactive Threat Protection installed. Solution: Changed Application Control and User Mode Hooking to allow NTDLL image validation. So, one more time thank you Symantec to waste our time and make our life much more complicated !