May 2019 updates for Windows 7 and Server 2008 R2 don't play nice with McAfee or Sophos software, again
It seems that the saying "history repeats itself" is true, at least when it comes to Microsoft patches. Microsoft released updates for all supported versions of Windows -- client and server -- on the May 2019 Patch Day.
We covered the updates in our monthly security updates overview for Windows. Microsoft confirmed two issue: an update might be installed twice on affected systems, and some UK government sites were not accessible in Internet Explorer 11 or Microsoft Edge.
Microsoft added gov.uk to the list of HTTP Strict Transport Security Top Level Domains, and that caused issues for government sites that did not support it.
Things looked better compared to last month. Several Enterprise-focused security products did not play nicely with last month's updates for Windows 7, Windows 8.1, Windows 10, and the Server variants.
Patch notes suggest that the issues are fixed. The monthly rollup patch KB4493472 for Windows 7 SP1 and Windows Server 2008 R2 SP1 states that the issues with security software has been resolved and that Microsoft removed the temporary update block as a consequence.
Fast forward to May 2019. If you check the known issues of the monthly rollup patchÂ KB4499164 for Windows 7 and Windows Server 2008 R2, you may have a deja vu when you go through the known issues.
A new issue, added on May 18, 2019 suggests that systems with McAfee security products installed may freeze, hang or start very slowly after update installation.
Microsoft and McAfee have identified an issue on devices with McAfee Endpoint Security (ENS) Threat Prevention 10.x or McAfee Host Intrusion Prevention (Host IPS) 8.0 or McAfee VirusScan Enterprise (VSE) 8.8 installed. It may cause the system to have slow startup or become unresponsive at restart after installing this update.
The known issue and the listed products are identical. McAfee updated its knowledge center on May 14 (the Patch Day) and May 16 (Endpoint Security), and on May 17 (VirusScan Enterprise).
McAfee reveals that all Microsoft updates released in April 2019 or later are known to cause the issues. Workarounds should work for the May 2019 updates as well.
Sophos is not listed by Microsoft but Sophos published a support article that suggests that the May 2014 updates are causing issues on Windows 7 and Windows Server 2008 R2 devices after installation. (via Ask Woody)
We have had an increase in customers reporting that following on from the Microsoft Windows 14th May patches they are experiencing a hang on boot where the machines appear to get stuck on "Configuring 30%"
Both issues appear to be limited to Windows 7 and Windows Server 2008 R2 updates. It is possible that the products of other security companies are affected by the issue again as well but that has not been confirmed.
- Is the issue limited to Windows 7 and Windows Server 2008 R2?
- Is the security-only update affected? Microsoft says no (McAfee), Sophos says yes for its products.
- Are all other security products unaffected by the issue?
The issue is limited to Enterprise security software; Home users and small businesses should not run into these issues. It is still a good idea to create backups before updates are installed, and to wait with the installation of updates until absolutely necessary (e.g. active exploit of security issues or major bug fixes).
Now You: Any bets for next month's updates?Advertisement