Currently LiveUpdate is not protected by SEP Tamper Protection r anything leaving a major flaw in Symantec Endpoint Protection. If a virus can get onto the system and run a simple script to uninstall LiveUpdate your SEPM and clients will basically just stop updating allowing for an attacker to then freely attack your network with a zero day vulnerability as nothing will get updates.
LiveUpdate should come under the protection of either Tamper Protection of applicaion and device control to stop someone being able to uninstall this without coming up against a password or some form of prevention.