Release Context: Symantec Endpoint Protection (SEP) 14.3 Build 558 is a specific maintenance release within the 14.3 MP (Maintenance Patch) lineup. This build is part of Broadcom’s ongoing effort to stabilize the security platform, addressing critical bugs found in previous iterations (such as 14.3 MP1 and MP2) and ensuring compatibility with modern operating systems. It represents a mature stage of the 14.x architecture before the widespread transition to the newer "Symantec Endpoint Security" (SES) cloud-native architecture.
Advanced > Miscellaneous.
Prevents Mimikatz attacks.
LiveUpdate from saturating VPN links.
Advanced Machine Learning (AML): Build 558 utilizes tuned AML algorithms to identify new threat variants without requiring a signature update. This proactive stance is vital for stopping zero-day exploits before they execute.
Focus: SEP 14.3 introduced enhanced protection against attackers using legitimate system tools (like PowerShell or WMI) to stay "under the radar".
A major change in this build was the separation of the antivirus scan process into a distinct service from the main non-security service. This results in: More efficient memory usage.
[ ] Enable "Insight" (Quorum) set to "Low
AMSI Integration: Includes support for the Windows Antimalware Scan Interface (AMSI), allowing third-party applications to request scans for dynamic script-based malware (e.g., PowerShell, JavaScript, VBScript) before they execute.
Key Features and Enhancements: