List of publicly available hotfix ("patch") files for Symantec Protection Engine (hereafter "SPE") 7.0.x, 7.5.x, 7.8.x, 7.9.x, 8.0.x, 8.1.x and 8.2.x.
Issues and corresponding hotfixes
Release Date | Target Build | Etrack # | Issue | Corresponding Hotfix | KB |
2020-11-25 | SPE 8.2.0 | 4270044 | BypassScanTimeoutError in category3.xml does not return a clean verdict on timeout. | SPE-8.2.0-HF01.zip | 204049 |
Release Date | Target Build | Etrack # | Issue | Corresponding Hotfix | KB |
2020-08-05 | SPE 8.1.0 | 4268920 | SPE hangs in case that NTP server restarts and the system clock is set backwards. | SPE-8.1.0-HF03.zip | 196674 |
Release Date | Target Build |
Etrack # |
Issues | Corresponding Hotfix | KB |
2018-09-04 | SPE 8.0.0 | 4199107 4199091 |
|
SPE_8.0.0_HF01.zip | TECH251417 |
2019-05-15 | SPE 8.0.0 |
4211544 4211627 4204430 |
|
SPE-8.0-HF06.zip | TECH254656 |
2019-07-15 | SPE 8.0.0 | 4243558 | Lux HTTPS failing both SPE 7.9.2 and SPE 8.0.0 and also provided new HTTPS certificate required for rapid release. | SPE8.0.0-HF07.zip | TECH255495 |
2019-08-02 | SPE 8.0.0 | N/A | Decomposer hotfix for bzip2 vulnerability | SPE_8.0.0_HF09.zip | TECH255747 |
2020-03-03 | SPE 8.0.0 | N/A | Fix communication between Symantec Protection Engine (SPE) and cloud console for SPEs enrolled to cloud console | 8.0.0 + HF11 8.1.0 + HF01 8.1.1 + HF01 |
185714 |
Release Date | Target Build |
Etrack # |
Issues | Corresponding Hotfix | KB |
2017-06-02 | SPE 7.9.0 | 4087244 | Symantec Protection Engine (SPE) hotfix for miscellaneous hardening and few defects | SPE_7.9.0_HF01.zip | INFO4389 |
2017-09-15 | SPE 7.9.0 | 4125781 | Different ISTag is being generated in spite of using same policy, licenses and definitions versions across SPE instances even when ICAP OPTIONS requests are made with same service. | SPE_7.9.0_HF03.zip | |
2019-07-15 | SPE 7.9.2 | 4243558 | Lux HTTPS failing both SPE 7.9.2 and SPE 8.0.0 and also provided new HTTPS certificate required for rapid release. | SPE7.9.2-HF02.zip | TECH255495 |
2019-07-23 | SPE 7.9.1 | 4243558 | HTTPS communication with LiveUpdate server is failing | SPE_7.9.1_HF05.zip | TECH255590 |
2019-08-02 | SPE 7.9.2 | N/A | Decomposer hotfix for bzip2 vulnerability | SPE_7.9.2_HF02.zip | TECH255747 |
2019-08-27 | SPE 7.9.1 | 4246492 |
Protection engine server hangs until service restart |
SPE_7.9.1_HF06.zip | TECH256038 |
2019-09-06 | SPE 7.9.2 (SPSS Only) |
"Error:400 Bad Request. Reason: Token validation failed : Failed to read product name from License. Please contact your administrator to verify this message" after making changes to SPE settings. (Version bundled with SPSS only) |
SPE_7.9.2_HF03.zip | 175914 |
Release Date | Target Build | Etrack # | Issues | Corresponding Hotfix | KB |
2016-06-29 | SPE 7.8.0 |
3965897 3946031 |
Decomposer vulnerabilities | SPE_7.8.0_HF01.zip | INFO3791 |
2016-10-29 | SPE 7.8.0 | 4012474 | Hotfix request (re-sign "SSEAuth.dll") | SPE_7.8.0_HF04.zip | TECH236235 |
2017-06-02 | SPE 7.8.1 | 4092696 | Symantec Protection Engine (SPE) hotfix for miscellaneous hardening and few defects | SPE_7.8.1_HF01.zip | INFO4389 |
2017-08-18 | SPE 7.8.1 | 4096888 | Upgrade utility for 7.8 needs to be maintained/updated to allow support for later versions of 7.8 | INFO3603 | |
2018-07-23 | SPE 7.8.1 | N/A | Fixes for security hardening | SPE_7.8.1_HF05.zip | TECH251028 |
2019-07-18 | SPE 7.8.1 | N/A | HTTP/HTTPS support for RR in SPE 7.8.1/CSAPI 11.0.1 | SPE_7.8.1_HF06.zip | TECH255545 |
2019-08-02 | SPE 7.8.1 | N/A | Decomposer hotfix for bzip2 vulnerability | SPE_7.8.1_HF07.zip | TECH255747 |
Release Date | Target Build | Etrack # | Issues | Corresponding Hotfix | KB |
2014-04-03 | SPE 7.5.0.34 | 3455377 3464377 |
Password protected PDF files are getting replaced with 0 byte files irrespective of encrypted container policy setting | SPE75_HF_01 | TECH216395 |
2014-04-23 | SPE 7.5.0.34 | 3481813 3484066 |
Is the Symantec Protection Engine (SPE) affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160) OBSOLETE | SPE75_0FH_02 (OBSOLETE: replaced with SPE7.5-HF03 below) |
TECH216502 |
2014-06-12 | SPE 7.5.0.34 | 3481813 3484066 3524155 |
Is the Symantec Protection Engine (SPE) affected by the Heartbleed OpenSSL vulnerability (CVE-2014-0160) | SPE7.5-HF03 | TECH216502 |
2014-11-19 | SPE 7.5.1.5 | 3649837 3652052 3642637 |
OpenSSL POODLE vulnerability(CVE-2014-3566) and expired java certificate application | SPE-7.5.1.5-HF1 | TECH225844 TECH226027 |
2015-10-13 | SPE 7.5.2.3 | 3871317 | Some jar files shows as expired. Got error Error: "The certificate used to authenticate this application has expired". | SPE_7.5.2_HF03 | TECH233528 |
2016-01-28 |
SPE 7.5.3.5 |
3853862 | SPE does not clean all temp files in temp-CSAPI directory that are created during scanning process. | SPE-7.5.3-HF01 | TECH234097 |
2016-02-15 | SPE 7.5.2.8 | 3903866 | SPE does not clean all temp files in temp-CSAPI directory that are created during scanning process. | SPE-7.5.2-HF04 | TECH234097 |
2016-06-29 | SPE 7.5.* |
3965874 3965877 3965878 3965879 3965880 |
Decomposer vulnerabilities | SPE_7.5.1_HF05.zip SPE_7.5.2_HF07.zip SPE_7.5.3_HF03.zip SPE_7.5.4_HF01.zip |
INFO3791 |
2016-10-29 | SPE 7.5.5 | 4012468 | Hotfix request (re-sign "SSEAuth.dll") | SPE_7.5.5_HF02.zip | TECH236235 |
2016-11-16 | SPE 7.5.5 |
4012550 4008615 |
1) SPE Jar certificate expired due to which error pop up come while opening SPE UI. 2) Removal of TLS 1.0 support for SPE 7.5.x Web Console. |
SPE_755_HF03.zip | TECH247291 |
2016-11-16 | SPE 7.5.5 | 4015789 | Symantec Protection Engine 7.5.5 file scan issue with NetApp 7G Filer | SPE_755_HF04.zip | TECH236338 |
2016-12-14 | SPE 7.5.* |
4010423 4015369 4017699 4007777 |
Multiple Decomposer modifications for SPE |
SPE_7.5.2_HF09.zip SPE_7.5.5_HF05.zip |
TECH236643 |
2017-06-02 | SPE 7.5.5 | 4093427 | Symantec Protection Engine (SPE) hotfix for miscellaneous hardening and few defects | SPE_7.5.5_HF08.zip | INFO4389 |
2018-07-23 | SPE 7.5.5 | N/A | Fixes for security hardening | SPE_7.5.5_HF13.zip | TECH251028 |
2019-07-19 | SPE 7.5.5 | N/A | HTTP/HTTPS support for RR in SPE 7.5.5/ CSAPI 10.1.7 | SPE_7.5.5_HF17.zip | TECH255560 |
2019-08-02 | SPE 7.5.5 | N/A | Decomposer hotfix for bzip2 vulnerability | SPE_7.5.5_HF18.zip | TECH255747 |
Release Date | Target Build | Etrack # | Issues | Corresponding Hotfix | KB |
2014-04-04 | SPE 7.0.2 | 3406281 3409566 3409559 3437595 |
With JRE 7 update 51 and onward a Java security warning which suggests blocking SSE/SPE applets with a future version of Java is shown | SPE70_2_HF02 | TECH213129 |
2014-11-19 | SPE 7.0.3.5 | 3649842 3660720 3642637 |
OpenSSL POODLE vulnerability(CVE-2014-3566) and expired java certificate application | SPE-7.0.3-HF01 | TECH225844 TECH226027 |
2016-06-29 | SPE 7.0.* |
3965867 3965868 3965869 3965871 3965872 3965873 |
Decomposer vulnerabilities | SPE_7.0.0_HF01.zip SPE_7.0.1_HF01.zip SPE_7.0.2_HF10.zip SPE_7.0.3_HF02.zip SPE_7.0.4_HF01.zip SPE_7.0.5_HF01.zip |
INFO3791 |
2016-10-29 | SPE 7.0.2 | 4010653 | Hotfix request (re-sign "SSEAuth.dll") | SPE_7.0.2_HF12.zip | TECH236235 |
2016-11-16 | SPE 7.0.5 | 4012549 | SPE Jar certificate expired due to which error pop up come while opening SPE UI. | TBD | TBD |
2016-12-14 | SPE 7.0.* |
4010423 4015369 4017699 4007777 |
multiple Decomposer modifications for SPE |
SPE_7.0.2_HF13.zip SPE_7.0.4_HF03.zip SPE_7.0.5_HF04.zip |
TECH236643 |
2017-06-22 | SPE 7.0.5 | 4099656 | Unable to load GUI on SPE 7.0.5 when using JAVA 1.8.0_131 or higher | SPE_7.0.5_HF05.zip | TECH246817 |
2017-11-13 | SPE 7.0.2 | 4138498 | Hotfix request (re-sign "SSEAuth.dll" and "DefUDply.dll") | SPE_7.0.2_HF14.zip | TECH248157 |
2019-07-22 | SPE 7.0.5 | N/A | HTTP/HTTPS support for Rapid Release in SPE 7.0.5/CSAPI 10.0.4 | SPE_7.0.5_HF07.zip | TECH255577 |
2019-08-02 | SPE 7.0.5 | N/A | Decomposer hotfix for bzip2 vulnerability | SPE_7.0.5_HF08.zip | TECH255747 |