Unable to access proxy resources after upgrade to Windows 10 version 1809
Last Updated May 15, 2019
If Symantec Endpoint Protection (SEP) is left installed on a Windows 10 version 1507 system, and that system is then upgraded directly to Windows 10 version 1809, proxied web traffic fails to connect when using Internet Explorer or Edge. However, when a Windows 10 version 1607 system is upgraded to version 1809, there is no issue.
Windows 10 version 1507 upgraded to version 1809
sysfer.dll (DLL for Application and Device Control) fails to inject into the pacjsworker.exe process. This process handles PAC file parsing.
Windows 10 version 1507 does not include the ALL RESTRICTED APPLICATION PACKAGES security group. However, version 1607, and up, do. When version 1507 is upgraded direct to 1809, this security group does not get properly assigned to the sysfer.dll driver under C:\Windows\System32. As a result, sysfer.dll is unable to inject into the pacjsworker.exe process, which results in that process terminating without properly handling the PAC file parsing. As a result, web traffic requests may be incorrectly routed. This has been determined to be an issue with Microsoft Windows and not the SEP product.
To work around this behavior, the SEP client should either be unininstalled prior to the OS upgrade, or SEP should be reinstalled after the OS upgrade. Doing so will allow the Windows OS to properly assign this security group, thus allowing proper injection.
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe