Symantec+endpoint+protection+1431215410000+p+patched

System administrators often need to verify whether an endpoint is running the vulnerable base build or the secure, patched build. Here’s how to check:

If the scanner flags this as missing or vulnerable:

To fully appreciate the "patched" status, we must first break down the versioning scheme: symantec+endpoint+protection+1431215410000+p+patched

The string 1431215410000 likely concatenates 14.3.1215.410000 into a single index-friendly identifier used by patch management systems (e.g., Microsoft SCCM, Symantec Patch Manager, or third-party vulnerability scanners). The p in the keyword explicitly flags that this version includes a post-release security or stability patch, meaning the base build has been altered from its original shipped state.

As of 2025, SEP 14.3 RU1 (patched or unpatched) is considered legacy. Broadcom’s current long-term support branches are: System administrators often need to verify whether an

However, many air-gapped, government, and industrial control system (ICS) environments still rely on symantec+endpoint+protection+1431215410000+p+patched due to strict change management policies. If you are still on this build, you should plan an upgrade to at least 14.3 RU7 to receive modern TLS 1.2+ support and detections for post-2023 ransomware families.

Broadcom provides direct upgrade paths:

Do not attempt to upgrade from the patched 14.3.1215 to a newer release without first removing the hotfix; doing so can cause service crashes.