- FEP or SCEP policy is edited from the Configuration Manager console on a computer that does not have the FEP or SCEP client software installed.
- A data race condition in the UI can also cause this problem if a FEP or SCEP policy is opened, edited, and saved before FEP or SCEP definition enumeration is completed in the UI. Because the UI is not fully populated, a blank section is saved for threat overrides. This enumeration process typically takes less than a minute. This process only occurs the first time a FEP or SCEP policy is opened in a Configuration Manager UI session, or when definitions are updated on the FEP or SCEP client that protects the computer hosting the Configuration Manager console.
- Do not edit FEP or SCEP policy from a Configuration Manager console on a computer that does not have the FEP 2010 or SECP 2012 client software installed. If the computer hosting the Configuration Manager console does not have the FEP client software installed, you must install the FEP or SECP client software to avoid this problem.
- To resolve the second cause, you must give the FEP or SECP policy UI sufficient time to load the override section of policy. You can verify that the section is loaded by clicking the Antimalware tab, and then clicking Overrides. If the dialog box displays a Loading Data message, the override data is not yet loaded into the UI (this process typically takes less than a minute). If you see the custom threat override data in this section, the data is loaded and the policy can be applied.
Microsoft is aware of this problem, and it will be addressed in a future release of the product.
Article ID: 2494908 - Last Review: Jul 9, 2012 - Revision: 1