Immediately after downloading and applying definitions, either from the Symantec Endpoint Protection Manager (SEPM) or through LiveUpdate, the CPU usage of the Symantec Endpoint Protection (SEP) 12.1 client becomes very high for ten to fifteen minutes. ccSvcHst.exe is reported as being the process responsible for the high CPU usage.
This problem appears to be caused by a memory leak issue that occurs with MS KB 2616676 installed. This may result in unexpected behavior from ccScvHst.exe.
It has been reported to Symantec that applying Microsoft Hotfix KB 959658 to impacted systems resolves this issue. This hotfix is designed to address issues caused by MS KB 2616676.