News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Yet another conflict acknowledged with this month’s Win7 and 8.1 Monthly Rollups, this time with McAfee Endpoint Security

    Home Forums AskWoody blog Yet another conflict acknowledged with this month’s Win7 and 8.1 Monthly Rollups, this time with McAfee Endpoint Security

    Viewing 9 reply threads
    • Author
      Posts
      • #579978 Reply
        woody
        Da Boss

        And the hits keep on rolling… Last night, Microsoft added a new “Known issues with this update” entry to both KB 4493472, this month’s Win7 and Serv
        [See the full post at: Yet another conflict acknowledged with this month’s Win7 and 8.1 Monthly Rollups, this time with McAfee Endpoint Security]

        6 users thanked author for this post.
      • #583605 Reply
        anonymous
        Guest

        What is my Great-aunt Martha supposed to make of the instruction:

        Workaround: Disable any Access Protection rule that protects a service.

        HMcF

        My own machine: Win7 Pro SP1 x64 group W.

        A relative’s machine: Win8.1 Home group A, with McAfee pre-installed by the OEM. Should I worry about the support implications on the latter machine (smile)?

        2 users thanked author for this post.
        • #586328 Reply
          woody
          Da Boss

          Proving once again that McAfee knows how to write user instructions that are every bit as understandable as Microsoft’s.

          Eschew Obfuscation….

          1 user thanked author for this post.
          • #600027 Reply
            warrenrumak
            AskWoody Plus

            These are instructions for IT administrators — it’s an enterprise-only product.  Writing the instructions for the “grandma” audience would, frankly, be offensive.

            2 users thanked author for this post.
            • #602363 Reply
              Elly
              AskWoody MVP

              Should I worry about the support implications on the latter machine (smile)?

              As non-techies need help with their computers as much, if not more, than IT administrators… and they often don’t have the IT terminology knowledge to tell if something applies to them or not… it would be useful to reassure such a person that this doesn’t apply to a home system.

              As a grandma and great-aunt, I’ve been really blessed by the people here helping me understand what is going on with my computer, how to make it work the way I want and need, and clarifying what needs worrying about or what is something normal that I just hadn’t noticed before. None of them have ever acted as if helping me was insulting, or beneath their dignity. I’ve asked a lot of questions that probably seemed dumb or ignorant… and by receiving appropriate answers, I am becoming much less ignorant.

              Writing the instructions for the “grandma” audience would, frankly, be offensive.

              It is helpful to all the community here to respond to people respectfully… and this grandma can accomplish some otherwise too technical things, if given clear and concise instructions (but it takes a real expert to be able to translate tech to non-techy English… and they need the heart for beginners)… and, yes, they need the patience to repeat the same instructions over and over again, because it is needed by another newbie. @Kirsty and PCKano are excellent role models for this, as well as many other MVPs. If it offensive to you, then by all means, don’t step up and try… but don’t be rude, either.

               

              Non-techy Win 10 Pro and Linux Mint experimenter

              5 users thanked author for this post.
              • #636284 Reply
                warrenrumak
                AskWoody Plus

                I put “grandma” in quotes purposefully — to identify the figurative group of people (the ones that, e.g., the Grandma Finds the Internet meme riffs on), not the literal group of people (women whose children have had children).  In grammatical terms, they’re scare quotes.

                If that wasn’t clear, hey, sorry.  It definitely wasn’t intended to be rude.

                That said, my point remains the same — documentation targeted for a professional audience will always exclude details that a non-professional would require to understand the topic.  Microsoft’s documentation on “ReFS mirror-accelerated parity“, for example, isn’t going to take the time to describe the basics of hard drives, perfmon, or Powershell.  There are literally dozens of distinct concepts you need to understand before that page will make complete sense.

                Getting upset that content targeted towards IT pros isn’t making affordances to hobbyists is wasted energy.  This is doubly true when it comes to extremely time-sensitive issues such as software that suddenly started malfunctioning.  “Anything” is almost always better than “nothing” in these matters.  (Also, try to think of this content as being written, not by some faceless corporation, but by human beings on a tight deadline…. perhaps in the middle of the night after being woken up because something’s gone horribly wrong.)

                1 user thanked author for this post.
        • #587760 Reply
          wmelonman
          AskWoody Lounger

          Please don’t worry about your great-aunt Martha as she’s not likely having to deal with these instructions.

          McAfee Endpoint Security (ENS) is a product for corporate environments, not for consumers. As an admin dealing with ENS I immediately know where to go to change Access Protection rules.

           

          3 users thanked author for this post.
          • #622189 Reply
            anonymous
            Guest

            Many thanks.

            I picked up the word “McAfee” (which my relative does have installed on her Home machine) and missed the “End Point Security” signficance.

            I am much relieved, thank you again.

            HMcF

      • #585487 Reply
        Seff
        AskWoody Plus

        Call me old-fashioned, but the workaround I prefer when a bad patch hits my machines is to uninstall the bad patch.

        2 users thanked author for this post.
      • #588913 Reply
        Alex5723
        AskWoody Plus

        “Workaround: Disable any Access Protection rule that protects a service”

        Make your enterprise PCs insecure in order to fix Microsoft’s blunder ?

        2 users thanked author for this post.
      • #590537 Reply
        TaskForce141
        AskWoody Lounger

        So, if I don’t have any of the 3rd party anti-virus software that’s listed as affected by the monthly patch, there’s no slowdown and it’s ok to install the April patches?  I have Win 7, MS Security Essentials, daily scan turned off, but background protection ON.

        Or is MS careless enough to not test with their own security products?

        • #590647 Reply
          Seff
          AskWoody Plus

          It’s never ok to install the monthly patches until Woody has raised the Defcon rating to 3 or higher.

          That’s especially true this month, given that as he indicates in this article it has taken 10 days for the McAfee issue to be made public. Who knows what else lurks just around the corner?

          1 user thanked author for this post.
        • #590675 Reply
          PKCano
          Da Boss

          Most of us here work on the DEFCON system. See the big numbers at the top of the blog.
          You can read about it by clicking on the button in the top gray menubar.

          Basically, it says wait to install and let others be the Guinea pigs/cannon fodder. When it is OK to update, the DEFCON number will be 3 or greater and Woody will give advice for safe patching in his ComputerWorld article.

          For example, we have just learned about the McAfee problem, a week and a half after Patch Tuesday. If there is no big exploit causing immediate danger, it is better to wait for a while to patch.

          2 users thanked author for this post.
      • #600594 Reply
        Susan Bradley
        AskWoody MVP

        But if it’s an Enterprise only product, why isn’t this found before it’s released?  Microsoft likes Enterprises.

        Susan Bradley Patch Lady

        4 users thanked author for this post.
      • #606395 Reply
        Myst
        AskWoody Plus

        As non-techies need help with their computers as much, if not more, than IT administrators… and they often don’t have the IT terminology knowledge to tell if something applies to them or not… it would be useful to reassure such a person that this doesn’t apply to a home system.

        Would it be crazy for Woody to split up the lounge and call out two sections, one for IT types and another for Non-Techies? Trying to imagine doing this without a big fuss taking into account we just went through the Windows Secrets merge. Off topic here on this particular thread but since the subject came up of IT and Non-Tech it seems fitting to throw this in the pot for the heck of it.

        Win7 SP1 Home x64, MacOS / Chromebook

        • #606959 Reply
          Elly
          AskWoody MVP

          There are both DevOps and IT Admin Lounges that are set up already- see list of forums on right.

          I may have been too quick to take offense… but no one is forced to reply to any post, and it is relatively easy to be polite about pointing out that something is for Enterprise only, and effectively relieve the anxiety that non-techies and newbies experience when faced with so many problem reports.

          Non-techy Win 10 Pro and Linux Mint experimenter

          4 users thanked author for this post.
          • #608765 Reply
            Myst
            AskWoody Plus

            Thanks for the info Elly I’m still trying to navigate my way around the lounge, you’re the best.

            Win7 SP1 Home x64, MacOS / Chromebook

            2 users thanked author for this post.
      • #614526 Reply
        EP
        AskWoody_MVP

        well woody I did find this Mcafee forum topic (barely a week old):

        https://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-and-Windows-updates-of-this-week/m-p/622363#M3642

        1 user thanked author for this post.
      • #629758 Reply
        Geo
        AskWoody Lounger

        Get Defender or MSE.  They’re free.  Add  Adw Cleaner.

      • #714190 Reply
        bsfinkel
        AskWoody Lounger

        I had a strange occurrence.  Last Thursday morning at 09:40 I powered-off my Windows 7 Professional computer before an out-of-town trip.  Nothing out of the ordinary.  When I powered-on my computer Sunday night at 20:27, the computer went through it usual “chkdsk c:” (another long-standing problem that no one has been able to “diagnose/fix”), then instead of bringing up Windows, I got a “Configuring Windows updates ..;.” message.  I had not installed any Win 7 patches before shutdown due to the Defcon-1 status.  After that message, there was an auto-reboot and another “Configuring Windows updates …” message.  After another auto-reboot, Windows came up.  When I checked the Windows Update log, I saw that MS had installed KB4493472 (April Win 7 Security Updates) Thursday at 09:43 during the shutdown process WITHOUT MY PERMISSION.  I run MSE, so I have no conflict with the other A-V software mentioned in previous posts above.  There seems to be no problems.  Why was this security patch installed without my permission ?

        • #714549 Reply
          Elly
          AskWoody MVP

          Is Windows Update set to Never Update? Or?

          Non-techy Win 10 Pro and Linux Mint experimenter

          • #715600 Reply
            bsfinkel
            AskWoody Lounger

            Important Updates: Download updates but let me choose whether to install them.

            Recommended Updates: Give me recpmmended updates the same way I receive important updates.

            • #716056 Reply
              Elly
              AskWoody MVP

              When the updates download, the important ones will be automatically checked. If you don’t uncheck them, and save that setting, Windows Update will assume that they have been approved, and install when the machine reboots. This has happened to me when the power failed, and shut the computer down, when I wasn’t there to monitor. It is much safer to leave WU on Never Check, and do manual checks at your convenience.

              Non-techy Win 10 Pro and Linux Mint experimenter

        • #719686 Reply
          SteveTree
          AskWoody Lounger

          I may – emphasize ‘may’ – have had the same happen but had been having an issue with other Microsoft updates (Office, IE) not showing and had run troubleshooter beforehand. I would have sworn update was set to notify only but have to allow I may have forgotten.  KB4493472 had installed and when I looked update was set to automatic. I uninstalled and hid  KB4493472 and believed I set update to notify.

          The next day KB4493472  installed itself again and I found update set to automatic. Thinking I was going mad  I checked hidden updates and found it still listed as hidden. Again I am fairly sure I had automatic update off and was suspicious it had switched itself on but did not make a note of it so cannot be 100% certain.

          A check of hidden updates after the second installation found it set a hidden so I presumed an updated version had come through. Since then I left KB4493472 in place with no issues and update is holding the ‘notify’ setting.

          Group A (but Telemetry disabled Tasks and Registry)
          Win 7 64 Pro desktop
          Win 10 64 Home portable

    Viewing 9 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Yet another conflict acknowledged with this month’s Win7 and 8.1 Monthly Rollups, this time with McAfee Endpoint Security

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel