News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • Yet another conflict acknowledged with this month’s Win7 and 8.1 Monthly Rollups, this time with McAfee Endpoint Security

    Home Forums AskWoody blog Yet another conflict acknowledged with this month’s Win7 and 8.1 Monthly Rollups, this time with McAfee Endpoint Security

    This topic contains 23 replies, has 15 voices, and was last updated by  SteveTree 5 months, 4 weeks ago.

    • Author
      Posts
    • #579978 Reply

      woody
      Da Boss

      And the hits keep on rolling… Last night, Microsoft added a new “Known issues with this update” entry to both KB 4493472, this month’s Win7 and Serv
      [See the full post at: Yet another conflict acknowledged with this month’s Win7 and 8.1 Monthly Rollups, this time with McAfee Endpoint Security]

      6 users thanked author for this post.
    • #583605 Reply

      anonymous

      What is my Great-aunt Martha supposed to make of the instruction:

      Workaround: Disable any Access Protection rule that protects a service.

      HMcF

      My own machine: Win7 Pro SP1 x64 group W.

      A relative’s machine: Win8.1 Home group A, with McAfee pre-installed by the OEM. Should I worry about the support implications on the latter machine (smile)?

      2 users thanked author for this post.
      • #586328 Reply

        woody
        Da Boss

        Proving once again that McAfee knows how to write user instructions that are every bit as understandable as Microsoft’s.

        Eschew Obfuscation….

        1 user thanked author for this post.
        • #600027 Reply

          warrenrumak
          AskWoody Plus

          These are instructions for IT administrators — it’s an enterprise-only product.  Writing the instructions for the “grandma” audience would, frankly, be offensive.

          2 users thanked author for this post.
          • #602363 Reply

            Elly
            AskWoody MVP

            Should I worry about the support implications on the latter machine (smile)?

            As non-techies need help with their computers as much, if not more, than IT administrators… and they often don’t have the IT terminology knowledge to tell if something applies to them or not… it would be useful to reassure such a person that this doesn’t apply to a home system.

            As a grandma and great-aunt, I’ve been really blessed by the people here helping me understand what is going on with my computer, how to make it work the way I want and need, and clarifying what needs worrying about or what is something normal that I just hadn’t noticed before. None of them have ever acted as if helping me was insulting, or beneath their dignity. I’ve asked a lot of questions that probably seemed dumb or ignorant… and by receiving appropriate answers, I am becoming much less ignorant.

            Writing the instructions for the “grandma” audience would, frankly, be offensive.

            It is helpful to all the community here to respond to people respectfully… and this grandma can accomplish some otherwise too technical things, if given clear and concise instructions (but it takes a real expert to be able to translate tech to non-techy English… and they need the heart for beginners)… and, yes, they need the patience to repeat the same instructions over and over again, because it is needed by another newbie. @kirsty and PCKano are excellent role models for this, as well as many other MVPs. If it offensive to you, then by all means, don’t step up and try… but don’t be rude, either.

             

            Win 7 Home, 64 bit, Group B

            5 users thanked author for this post.
            • #636284 Reply

              warrenrumak
              AskWoody Plus

              I put “grandma” in quotes purposefully — to identify the figurative group of people (the ones that, e.g., the Grandma Finds the Internet meme riffs on), not the literal group of people (women whose children have had children).  In grammatical terms, they’re scare quotes.

              If that wasn’t clear, hey, sorry.  It definitely wasn’t intended to be rude.

              That said, my point remains the same — documentation targeted for a professional audience will always exclude details that a non-professional would require to understand the topic.  Microsoft’s documentation on “ReFS mirror-accelerated parity“, for example, isn’t going to take the time to describe the basics of hard drives, perfmon, or Powershell.  There are literally dozens of distinct concepts you need to understand before that page will make complete sense.

              Getting upset that content targeted towards IT pros isn’t making affordances to hobbyists is wasted energy.  This is doubly true when it comes to extremely time-sensitive issues such as software that suddenly started malfunctioning.  “Anything” is almost always better than “nothing” in these matters.  (Also, try to think of this content as being written, not by some faceless corporation, but by human beings on a tight deadline…. perhaps in the middle of the night after being woken up because something’s gone horribly wrong.)

              1 user thanked author for this post.
      • #587760 Reply

        wmelonman
        AskWoody Plus

        Please don’t worry about your great-aunt Martha as she’s not likely having to deal with these instructions.

        McAfee Endpoint Security (ENS) is a product for corporate environments, not for consumers. As an admin dealing with ENS I immediately know where to go to change Access Protection rules.

         

        3 users thanked author for this post.
        • #622189 Reply

          anonymous

          Many thanks.

          I picked up the word “McAfee” (which my relative does have installed on her Home machine) and missed the “End Point Security” signficance.

          I am much relieved, thank you again.

          HMcF

    • #585487 Reply

      Seff
      AskWoody Plus

      Call me old-fashioned, but the workaround I prefer when a bad patch hits my machines is to uninstall the bad patch.

      2 users thanked author for this post.
    • #588913 Reply

      Alex5723
      AskWoody Plus

      “Workaround: Disable any Access Protection rule that protects a service”

      Make your enterprise PCs insecure in order to fix Microsoft’s blunder ?

      2 users thanked author for this post.
    • #590537 Reply

      TaskForce141
      AskWoody Lounger

      So, if I don’t have any of the 3rd party anti-virus software that’s listed as affected by the monthly patch, there’s no slowdown and it’s ok to install the April patches?  I have Win 7, MS Security Essentials, daily scan turned off, but background protection ON.

      Or is MS careless enough to not test with their own security products?

      • #590647 Reply

        Seff
        AskWoody Plus

        It’s never ok to install the monthly patches until Woody has raised the Defcon rating to 3 or higher.

        That’s especially true this month, given that as he indicates in this article it has taken 10 days for the McAfee issue to be made public. Who knows what else lurks just around the corner?

        1 user thanked author for this post.
      • #590675 Reply

        PKCano
        Da Boss

        Most of us here work on the DEFCON system. See the big numbers at the top of the blog.
        You can read about it by clicking on the button in the top gray menubar.

        Basically, it says wait to install and let others be the Guinea pigs/cannon fodder. When it is OK to update, the DEFCON number will be 3 or greater and Woody will give advice for safe patching in his ComputerWorld article.

        For example, we have just learned about the McAfee problem, a week and a half after Patch Tuesday. If there is no big exploit causing immediate danger, it is better to wait for a while to patch.

        2 users thanked author for this post.
    • #600594 Reply

      Susan Bradley
      AskWoody MVP

      But if it’s an Enterprise only product, why isn’t this found before it’s released?  Microsoft likes Enterprises.

      Susan Bradley Patch Lady

      4 users thanked author for this post.
    • #606395 Reply

      willygirl
      AskWoody Plus

      As non-techies need help with their computers as much, if not more, than IT administrators… and they often don’t have the IT terminology knowledge to tell if something applies to them or not… it would be useful to reassure such a person that this doesn’t apply to a home system.

      Would it be crazy for Woody to split up the lounge and call out two sections, one for IT types and another for Non-Techies? Trying to imagine doing this without a big fuss taking into account we just went through the Windows Secrets merge. Off topic here on this particular thread but since the subject came up of IT and Non-Tech it seems fitting to throw this in the pot for the heck of it.

      Win7 SP1 Home 64-bit, GrpA

      • #606959 Reply

        Elly
        AskWoody MVP

        There are both DevOps and IT Admin Lounges that are set up already- see list of forums on right.

        I may have been too quick to take offense… but no one is forced to reply to any post, and it is relatively easy to be polite about pointing out that something is for Enterprise only, and effectively relieve the anxiety that non-techies and newbies experience when faced with so many problem reports.

        Win 7 Home, 64 bit, Group B

        4 users thanked author for this post.
        • #608765 Reply

          willygirl
          AskWoody Plus

          Thanks for the info Elly I’m still trying to navigate my way around the lounge, you’re the best.

          Win7 SP1 Home 64-bit, GrpA

          2 users thanked author for this post.
    • #614526 Reply

      EP
      AskWoody_MVP

      well woody I did find this Mcafee forum topic (barely a week old):

      https://community.mcafee.com/t5/Endpoint-Security-ENS/McAfee-and-Windows-updates-of-this-week/m-p/622363#M3642

      1 user thanked author for this post.
    • #629758 Reply

      Geo
      AskWoody Plus

      Get Defender or MSE.  They’re free.  Add  Adw Cleaner.

    • #714190 Reply

      bsfinkel
      AskWoody Lounger

      I had a strange occurrence.  Last Thursday morning at 09:40 I powered-off my Windows 7 Professional computer before an out-of-town trip.  Nothing out of the ordinary.  When I powered-on my computer Sunday night at 20:27, the computer went through it usual “chkdsk c:” (another long-standing problem that no one has been able to “diagnose/fix”), then instead of bringing up Windows, I got a “Configuring Windows updates ..;.” message.  I had not installed any Win 7 patches before shutdown due to the Defcon-1 status.  After that message, there was an auto-reboot and another “Configuring Windows updates …” message.  After another auto-reboot, Windows came up.  When I checked the Windows Update log, I saw that MS had installed KB4493472 (April Win 7 Security Updates) Thursday at 09:43 during the shutdown process WITHOUT MY PERMISSION.  I run MSE, so I have no conflict with the other A-V software mentioned in previous posts above.  There seems to be no problems.  Why was this security patch installed without my permission ?

      • #714549 Reply

        Elly
        AskWoody MVP

        Is Windows Update set to Never Update? Or?

        Win 7 Home, 64 bit, Group B

        • #715600 Reply

          bsfinkel
          AskWoody Lounger

          Important Updates: Download updates but let me choose whether to install them.

          Recommended Updates: Give me recpmmended updates the same way I receive important updates.

          • #716056 Reply

            Elly
            AskWoody MVP

            When the updates download, the important ones will be automatically checked. If you don’t uncheck them, and save that setting, Windows Update will assume that they have been approved, and install when the machine reboots. This has happened to me when the power failed, and shut the computer down, when I wasn’t there to monitor. It is much safer to leave WU on Never Check, and do manual checks at your convenience.

            Win 7 Home, 64 bit, Group B

      • #719686 Reply

        SteveTree
        AskWoody Lounger

        I may – emphasize ‘may’ – have had the same happen but had been having an issue with other Microsoft updates (Office, IE) not showing and had run troubleshooter beforehand. I would have sworn update was set to notify only but have to allow I may have forgotten.  KB4493472 had installed and when I looked update was set to automatic. I uninstalled and hid  KB4493472 and believed I set update to notify.

        The next day KB4493472  installed itself again and I found update set to automatic. Thinking I was going mad  I checked hidden updates and found it still listed as hidden. Again I am fairly sure I had automatic update off and was suspicious it had switched itself on but did not make a note of it so cannot be 100% certain.

        A check of hidden updates after the second installation found it set a hidden so I presumed an updated version had come through. Since then I left KB4493472 in place with no issues and update is holding the ‘notify’ setting.

        Group A (but Telemetry disabled Tasks and Registry)
        Win 7 64 Pro desktop
        Win 10 32 Home portable

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: Yet another conflict acknowledged with this month’s Win7 and 8.1 Monthly Rollups, this time with McAfee Endpoint Security

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Cancel