How to recover a system with a non-functional Exploit Prevention module:
Use one of the following resolutions if you see the issue described in this article and the Exploit Prevention module is non-functional.
- Option 1:
- Update to V3 Virus Definition Update (DAT) version 3786.
- Disable the Exploit Prevention module from ePolicy Orchestrator (ePO) in the Threat Prevention, Exploit Prevention policy. Then, enforce policies to the system.
- Enable the Exploit Prevention module from ePO in the Threat Prevention, Exploit Prevention policy. Then, enforce policies to the system. The Exploit Prevention functionality is restored.
- Option 2:
- Update to V3 Virus Definition Update (DAT) version 3786.
- Restart the system. The Exploit Prevention functionality is restored.
If the above options don't resolve the issue, apply Exploit Prevention remediation content after you update the V3 Virus Definition (DAT) to version 3786 or later. The Exploit Prevention functionality is restored with content equivalent to the content in the previous month’s release version.
