Windows Updates: Issues with McAfee and Sophos AV SW

Windows Update[German]A brief overview of the status of known issued during update installation under Windows, if antivirus software from third party manufacturers is installed. Microsoft warns of security solutions from McAfee and Sophos in the list of known issues for the 14 May 2019 security updates. But also Sophos is causing issues.


Advertising

A brief review of the problem

In April 2019, the Patchday (2nd Tuesday of the month) significant install issues with Windows updates has been observed on systems where third-party antivirus products from Avira, Avast, McAffee and Sophos were installed. Microsoft even had to block the distribution of updates to systems on which the affected security solutions were installed. I've made reference to this in the following articles on this blog, among others:

Windows 7: Mc Afee is causing issues with April Updates
Windows patchday issues–one week later (April 17, 2019)
AVAST and Avira confirms April 2019 Update issues

Avira and Avast had improved their security solutions and stated that there were no more problems with the April 2019 updates. Before the May 2019 patchday (14 May 2019), I had explicitly asked in my German blog post Windows Mai 2019-Patchday, wo steht Avira?  if there were any known issus. Avira told me that the issues have been fixed and that Microsoft is releasing the blocked April 2019 updates. There were also no comments from blog readers on new problems.

May updates: Issues with Sophos and Mc Afee

In April 2019 both, Mc Afee and Sophos antivirus software has been causing issues with Windows security updates. And for May 2019 updates Microsoft explicitly mentioned again issues with Mc Afee antivirus software for Windows 7 and Windows 8.1 and their server counterparts (see Patchday: Updates for Windows 7/8.1/Server (May 14, 2019)).

There is a problem that was identified in April 2019 on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8. The antivirus solution may cause the system to boot slowly after this update is installed, or may cause the system to stop responding when rebooted.


Advertising

Microsoft is silent about Sophos in its KB articles. But the manufacturer Sophos has published the support article Following the Microsoft Windows 14th May update some machines hang on boot. For some customers, the May 14 security updates on Windows cause an error. After the update installation the systems get stuck when booting with the message "Configuring 30%". This refers to:

  • KB4499164 (Monthly Rollup) for Windows 7/Windows Server 2008 R2
  • KB4499175 (Security-only update) for Windows 7/Windows Server 2008 R2

The problem occurs when Sophos has installed the following security solutions for corporate environments.

  • Sophos Endpoint Security and Control
  • Sophos Central Endpoint Standard/Advanced

According to the support article, Sophos is still investigating the problem with Microsoft. At the moment there is only the blocking of updates and, if already installed, their uninstallation.

Mc Afee has a fix

A few hours ago, German blog reader Michael Py left a comment, mentions that Mc Afee released a fix (thx for the hint). A support articles about Mc Afee Endpoint Security 10.6.1 mentioned within a linked PDF file a 'May 2019 Update'. Referenz 1270648 says:

Systems no longer have slower restart times and performance after installing Microsoft Windows April 2019 updates. See KB91476 and KB91465 for more information.

The KB articles listed above are Mc Afee Support articles and have nothing to do with the Microsoft KB articles for updates. However, according to my reading, Mc Afee only mentioned a fix for the issues related to the April 2019 Windows updates. Since the Mc Afee warnings in the Know-Issues for the May 2019 updates in the Microsoft KB articles have not yet disappeared, it is currently unclear to me whether the fix will finally fix the problems. Hence the question to administrators using Mc Afee Endpoint Security 10.6.1 in corporate environments: Does it fix the patchday issues?


Advertising

This entry was posted in issue, Update, Windows and tagged , , , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).