The Information Server downloads spyware pattern (SSAPTN) 1105 from the ActiveUpdate server and deploys it to the Normal Servers. However, the Normal Servers still use the previous SSAPTN version.
ServerProtect 5.8 uses VSAPI to read the SSAPTN pattern number. The issue occurs when a defect in VSAPI causes ServerProtect to read the version number incorrectly. For instance, SSAPTN "1.105" will be read "0.105". Because of this, the Normal Servers remove the latest version 1105 and retain the previous one. Spyware detection still works with the use of the previous SSAPTN.
To resolve the issue, download and install Critical Patch 1268.