Another observation on the "Symantec" conflict.


Guest

I have made some attempts:
If, in Windows Defender under Tools/Options/Real-time Protection Options, the
"Application Execution" module (only) is unchecked, nothing appears
anymore in the Log of "Symantec resource protector".

It would seem clear, therefore, that the conflict is caused only by the
"Application Execution" module of the Real time protection.
I hope that this helps the developers a little bit in resolving the ISSUE!
 
In a quick test this seems to be working for me also; the only downside is that
this way you are lowering the defense of Defender's real-time protection....

One thing is for sure: the new engine 1440.0 is not helping to resolve the
problem, so I think it is a difficult problem....
 
A solution could be to be able to choose some exclusions (in this case for
the Symantec applications), defined by the user, for the "Application
Execution" module.
 
Let's do a quick review of this "conflict":

Symantec Resource Protection logs multiple entries indicating that Defender
is accessing some of the Symantec files.

The Defender Real-time module that performs this access appears to be the
Application Execution agent, which, per WD Help, "Monitors when programs start
and any operations they perform while running."

Since the Defender AE agent would likely perform at least an MD5 check to
determine if the Symantec executables are malware, this is also likely to
trigger the Symantec Resource Protection to indicate an "Unauthorized
access", which is really nothing more than a read of the file. Obviously this
is an over-reaction, but this is what the Symantec Resource Protection is
designed to do, since it didn't 'authorize' Defender's access.

At this point it appears that the result is nothing more than log entries of
these file access attempts that Symantec Resource Protection blocks and
indicates as "Unauthorized access", which sounds far more threatening than it
really is.

Since it's the Symantec Resource Protection that's deciding that Defender is
'attacking' and Defender itself seems to experience no ill effects, even due
to the block caused by Symantec Resource Protection, there doesn't appear to
be a real problem, and if there is, it's the logging of the entries by
Symantec Resource Protection.

Conclusion: Contact Symantec Support and ask them to stop detecting the
Defender file reads as an Unauthorized access, or disable the Defender
Application Execution agent (which protects from far more important things
than SRP), or disable the Symantec Resource Protection, or better yet, simply
ignore this useless false positive detection by Symantec Resource Protection.

Moral: AntiMalware that watches itself is like watching yourself twiddle
your thumbs, while your house is burning down around you.

Bitman
 