When Microsoft released the monthly cumulative updates for Windows 7, Windows eight.1, and Server products, nobody may think about what a nightmare these patches would turn out to be for a lot of system directors.
Microsoft acknowledged two days later that one thing was not alright, and that the updates triggered compatibility points with sure Sophos and Avast security products. Microsoft added products by Avast and ArcaBit to the list of recognized points later that week.
Users and the security corporations reported that units would possibly fail to boot or seem frozen or locked for a protracted interval of time. The solely resolution again then was to uninstall the updates to resolve the challenge.
Today, Microsoft added products from one other security firm — McAfee — to the list of products that didn’t like the newly launched replace.
Microsoft and McAfee have recognized a difficulty on units with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) eight.zero put in. It could trigger the system to have gradual startup or turn out to be unresponsive at restart after putting in this replace.
McAfee offers some perception on the trigger of the challenge, and it appears probably that it’s the identical trigger for all techniques with affected security products.
Changes in the Windows April 2019 replace for Client Server Runtime Subsystem (CSRSS) launched a possible impasse with ENS.
The firm’s workaround suggests that system directors ought to “disable any Access Protection rule that protects a service”.
Woody Leonard notes — accurately — that the “announcement’s unusual” as Microsoft lists the challenge just for the month-to-month rollup patches however not the security-only patches. The security-only patches list points with Sophos, Avira, and Avast products solely; ArcaBit and McAfee are lacking.
Are not units with security-only patches and McAfee or ArcaBit software program put in affected as well? Woody suggests that it may very well be “sloppy documentation”; it might not be the first time that Microsoft’s supplied documentation lacks very important info.
Anyway, in case you run an Enterprise security resolution on units working any of the affected working techniques, you higher keep away from the launched patches till issues are sorted out. At the very least, create a backup on a single machine, apply the replace and monitor the conduct fastidiously.