Once I applied the SAV patches, the problem dissappeared on our end. SAV version 10.1.0.394 seemed to be the vulnerable version. Once we updated to 10.1.0.396, all has been well.
About the only thing I don't like about Symantec is how much of a pain in the ass it is to obtain patches/license keys through their portal.
The object of war is not to die for your country but to make the other bastard die for his - George Patton