Iniciar sessão com a Microsoft
Iniciar sessão ou criar uma conta.
Olá,
Selecione uma conta diferente.
Tem várias contas
Selecione a conta com a qual pretende iniciar sessão.
Inglês
Pedimos desculpa, mas este artigo não está disponível no seu idioma.

Symptoms

Threat overrides that you had previously authored in the Forefront Endpoint Protection (FEP) or System Center 2012 Endpoint Protection (SCEP) area of the Configuration Manager console are missing. Clients are also missing threat overrides set by FEP or SCEP policy. Threats you choose to allow via policy are cleaned by the FEP or SCEP client when they should be allowed.

Cause

This can happen if the threat override section in the FEP or SCEP policy is overwritten with blank data. There are two situations that can cause the threat override section to be overwritten with blank data and either situation causes the symptoms described in this article. The situations are listed below:

  • FEP or SCEP policy is edited from the Configuration Manager console on a computer that does not have the FEP or SCEP client software installed.

  • A data race condition in the UI can also cause this problem if a FEP or SCEP policy is opened, edited, and saved before FEP or SCEP definition enumeration is completed in the UI. Because the UI is not fully populated, a blank section is saved for threat overrides. This enumeration process typically takes less than a minute. This process only occurs the first time a FEP or SCEP policy is opened in a Configuration Manager UI session, or when definitions are updated on the FEP or SCEP client that protects the computer hosting the Configuration Manager console.

Resolution

  • Do not edit FEP or SCEP policy from a Configuration Manager console on a computer that does not have the FEP 2010 or SECP 2012 client software installed. If the computer hosting the Configuration Manager console does not have the FEP client software installed, you must install the FEP or SECP client software to avoid this problem.

  • To resolve the second cause, you must give the FEP or SECP policy UI sufficient time to load the override section of policy. You can verify that the section is loaded by clicking the Antimalware tab, and then clicking Overrides. If the dialog box displays a Loading Data message, the override data is not yet loaded into the UI (this process typically takes less than a minute). If you see the custom threat override data in this section, the data is loaded and the policy can be applied.

More Information

The FEP or SCEP policy dialog box in the Configuration Manager console pulls a list of all known threats from the FEP 2010 or SECP 2012 client software installed on the same system. Once this data is gathered, FEP/SECP caches it in the memory of the UI process. This means that in the same session there will only be a delay loading this data the first time you open a FEP/SECP policy for editing. However, the first time you open a FEP or SECP policy after you start the Configuration Manager console the override data may not have sufficient time to load before you save the policy, and a blank override section may be saved with the policy, resulting in the loss of any customized override data.

Microsoft is aware of this problem, and it will be addressed in a future release of the product.

Facebook LinkedIn E-mail
SUBSCREVER FEEDS RSS

Precisa de mais ajuda?

Quer mais opções?

Discover Community

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Microsoft 365 subscription benefits

Microsoft 365 training

Microsoft security

Accessibility center

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.

Ask the Microsoft Community

Microsoft Tech Community

Windows Insiders

Microsoft 365 Insiders

Estas informações foram úteis?

O que afetou a sua experiência?
Ao selecionar submeter, o seu feedback será utilizado para melhorar os produtos e serviços da Microsoft. O seu administrador de TI poderá recolher estes dados. Declaração de Privacidade.

Obrigado pelo seu feedback!

×