Ye olde Blue Screen of Death is back – this time, a bad Symantec update is to blame

The wrong kind of intrusion protection

A system crash greeted some users of Symantec's endpoint protection software

Updated Symantec has acknowledged an issue with an update to its Endpoint Protection Client that causes a Windows kernel exception after users this morning came down with a mild case of Blue Screen of Death.

A Reg reader who got in touch about the problem confirmed "multiple" businesses running Symantec were getting hit with the BSOD stick.

According to the support note TECH256643:

When run LiveUpdate, Endpoint Protection Client gets a Blue Screen Of Death (BSOD) indicates IDSvix86.sys/IDSvia64.sys is the cause of the exception BAD_POOL_CALLER (c2) or KERNEL_MODE_HEAP_CORRUPTION (13A).

When BSOD happens, Intrusion Prevention signature version is 2019/10/14 r61.

Users took to Twitter to report the issue.

The solution, presuming you can persuade Windows to boot successfully, is either to run a further update to get release R62 of the bad Intrusion Protection signature, or roll back to an earlier one.

Symantec said it was aware of the issue and would update the support doc "when new information becomes available".

It is not yet clear which versions of Windows are affected.

Thanks to Reg reader Tarjei Utnes for the tip. ®

Updated to add

Symantec has sent in the following statement:

"We learned of the SEP issue earlier this morning and immediately issued an update to resolve it."

Sponsored: Technical Overview: Exasol Peek Under the Hood

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER




Biting the hand that feeds IT © 1998–2019