Symantec Endpoint Protection 14.3 Build 558 | Must Read |

Policies determine how the antivirus behaves.

  • Host Integrity (Firewall):
  • Exploit Protection:

    • Build 558 was the first build to fully integrate the "SEP Client" with the cloud management dashboard (though on-prem remains an option). The agent includes telemetry connectors that automatically forward file hash data to Symantec Endpoint Detection and Response (EDR) if deployed.

    Consult the official Symantec release notes and product documentation for exact build-specific fixes, CVE references, and the supported platform matrix.

    If you want, I can:

    (Invoking related search suggestions.)

    Symantec Endpoint Protection (SEP) version 14.3 (14.3.558.0000) is the initial release of the 14.3 branch, launched on May 5, 2020. This build introduced several architectural changes, including a unified agent and enhanced integration with cloud management consoles. Key Details for Build 14.3.558 Release Date: May 5, 2020.

    Major Features: This release focused on performance improvements and the introduction of a more modular architecture to facilitate cloud management.

    Security Advisory: Shortly after release, a security update (SYMSA1762) was issued to address specific vulnerabilities found in this build.

    Upgrade Path: To provide content updates to 14.3.558 clients, the Symantec Endpoint Protection Manager (SEPM) must also be running at least version 14.3.558. Status and Recommendations

    While build 558 was the standard at its release, it has since been superseded by numerous Release Updates (RU) and patches. As of early 2026, the current stable version is 14.4 (Build 115), released in March 2026. Client only patch Endpoint Protection 14.3 (14.3.558.0000)

    Symantec Endpoint Protection (SEP) 14.3 Build 14.3.558.0000 (also known as the initial release or ) was officially released on May 5, 2020

    . It introduced significant architectural changes, specifically aimed at optimizing memory usage and integrating more deeply with Windows security features. Broadcom Community Core Release Details 14.3 (Build 14.3.558.0000). Release Date: May 5, 2020. Successor: symantec endpoint protection 14.3 build 558

    This version was followed by 14.3 MP1 (Build 14.3.1169.0100) and later Release Updates like 14.3 RU1. Broadcom Community Key Features and Architectural Changes Antivirus Scan Process Separation:

    A major change in this build was the separation of the antivirus scan process into a distinct service from the main non-security service. This results in: More efficient memory usage.

    Continual protection even if the main service encounters issues. AMSI Integration: Deepened integration with the Microsoft Antimalware Scan Interface (AMSI)

    , allowing the client to scan user-provided scripts (PowerShell, JavaScript, VBScript) for malicious behavior before they execute. Enhanced Web Protection: Introduced support for custom Proxy Auto-Configuration (PAC)

    files via the WSS Local Proxy Service, solving compatibility issues with third-party apps. Modernized Console Requirements:

    Symantec Endpoint Protection Manager (SEPM) and the remote console began requiring Broadcom TechDocs Platform Support First-time support for Windows 10 version 2004 Expanded support to include Ubuntu 18.04 Added support for Microsoft SQL Server 2019 Broadcom TechDocs Critical Component Upgrades

    This build updated several underlying third-party components to improve security and performance: Broadcom TechDocs Web Services: Apache Tomcat Networking: cURL, OpenSSL Libraries: Boost C++ Libraries, Jackson-core, jackson-databind Microsoft JDBC Driver for SQL Server Installation Notes Client Patches:

    Client-only patches for build 558 were typically made available 1–2 weeks after the full release. Third-Party Removal: AppRemover

    tool was updated to a newer version to more effectively remove competing security software before installation. Broadcom Community troubleshooting steps for this 2020 build? Client only patch Endpoint Protection 14.3 (14.3.558.0000)

    The standout feature of Symantec Endpoint Protection (SEP) 14.3 Build 558 (the initial 14.3 release) is the Antimalware Scan Interface (AMSI) integration, which allows the software to block dynamic script-based malware from third-party applications like PowerShell, JavaScript, and VBScript. Key Features of Build 14.3.558

    Enhanced Script Protection: Uses Windows AMSI to scan user-provided scripts in real-time, blocking malicious behavior before execution. Policies determine how the antivirus behaves

    Scan Process Separation: The antivirus scan now runs as a separate service from the main non-security service, improving memory efficiency and stability.

    Microsoft Edge Support: Added browser intrusion prevention support for Edge, applying IPS signatures to inbound and outbound traffic.

    Simplified Exceptions: You no longer need to manually exclude "known risks"; the policy focus shifts to SONAR behavioral-based exclusions.

    SQL Server 2019: First version to introduce official support for Microsoft SQL Server 2019 databases. Important Release Notes Release Date: May 5, 2020.

    Management Requirement: To update clients to this build, the Symantec Endpoint Protection Manager (SEPM) must also be upgraded to version 14.3.

    Deployment: Includes a client-only patch for easier upgrading of existing endpoints. Comparison with Newer Versions

    While 14.3.558 was a major step, Broadcom TechDocs shows that later "Refresh Updates" (RU) added critical capabilities: 14.3 RU1: Enhanced parsing for Excel-based threats. 14.3 RU3: Support for Windows 11 and Windows Server 2022.

    14.3 RU8: Introduction of Adaptive Protection and enhanced EDR.

    💡 Key Takeaway: Build 558 is best known for fixing the performance "overhead" of previous versions by decoupling the scan process from the management agent. If you'd like, I can: Provide the system requirements for this specific build.

    Check if there are newer patches available for the 14.3 branch. Help with troubleshooting an upgrade from version 14.2. Client only patch Endpoint Protection 14.3 (14.3.558.0000)

    Symantec Endpoint Protection 14.3 Build 558: A Comprehensive Guide Host Integrity (Firewall):

    Symantec Endpoint Protection (SEP) 14.3 Build 558 (14.3.558.0000), released on May 5, 2020, marked a major evolution in Broadcom's security suite. This version introduced fundamental changes to the software's architecture, including a shift toward more efficient memory usage and the integration of advanced cloud-based protection features. Key Features and Enhancements

    Build 558 introduced several architectural and functional improvements designed to streamline performance and bolster defense:

    Antimalware Scan Interface (AMSI) Support: This build allows third-party applications to call the Windows AMSI interface to request scans for dynamic script-based malware (e.g., PowerShell, JavaScript, VBScript).

    Separated Scan Process: The antivirus scan now operates as a separate service from the main non-security service, ensuring more efficient memory usage and continuous protection even if the main service encounters issues. Database and Platform Support: Added support for Microsoft SQL Server 2019. The remote console was upgraded to support Java 11.

    Enhanced Cloud Connectivity: Broadcom streamlined the process for enrolling Symantec Endpoint Protection Manager (SEPM) domains into the cloud console for hybrid management. System Requirements

    To ensure optimal performance of SEP 14.3 Build 558, systems should meet the following minimum specifications: Minimum Requirement Recommended Processor 2 GHz Intel Pentium 4 (2 cores) 4 cores or greater RAM 512 MB (Client) / 2 GB (SEPM) 4 GB (Client) / 8 GB (SEPM) Storage 16 GB for SEPM 100 GB+ for SEPM OS Support Windows 10, Windows Server 2019+ Latest patched versions Implementation and Management

    Managing Build 558 involves using the Symantec Endpoint Protection Manager (SEPM) to deploy and update clients.

    Installation: New installations typically use the Setup.exe found in the installation package.

    Client Deployment: Administrators can use the Client Deployment Wizard to create and distribute installation packages.

    Patches: Version 14.3.558.0000 was the initial full release for the 14.3 branch. Subsequent updates, such as SEP 14.3 RU1, expanded these capabilities with features like behavioral protection for macOS. Security Best Practices

    To maximize the protection provided by Build 558, it is recommended to: Symantec ™ Endpoint Protection 14.3 Release Notes

    Performance, security, and management improvements in this mature but still-relevant endpoint protection platform.

    Though released before Windows Server 2022 became mainstream, Build 558 included "compatibility manifests" that allowed the driver (sysfer.sys) to pass the stricter Microsoft HLK tests for virtualization-based security (VBS).