I am running Application Control (currently trial version) on my Windows 10 LTSB system and am wondering if there is away to allow for Windows updates on the system without the user entering update mode. I am looking for something similar to certificate based updates for applications where you can just add a trusted certificate. Is there anything like that for Windows OS updates? Thanks!
Solved! Go to Solution.
for standalone solidcore use the finetune.bat tool and run following command:
finetune.bat ADD u-WindowsUpdate
which you can find here: "C:\Program Files\McAfee\Solidcore\finetune.bat"
for epo managed click "Add" in you application control rule" policy
Hi,
there is a predefined rule group called "windows Update" which you can add to your Appcontrol policy which will allow you to install windows updates in enabled mode.
Thank you! Do you know how I can add this rule group to my whitelist? I am searching the documentation for it now.
for standalone solidcore use the finetune.bat tool and run following command:
finetune.bat ADD u-WindowsUpdate
which you can find here: "C:\Program Files\McAfee\Solidcore\finetune.bat"
for epo managed click "Add" in you application control rule" policy
Hmm sadly this did not work 😞 the command seemed to run successfully and after a reboot and even resolidify-ing the drive, my Windows updates are still unable to install. Looking in the Windows event logs it looks like McAfee is still blocking the update. Is there any other step I need to take?
Looks like it did work after all! I just needed to change some firewall settings.
Corporate Headquarters
6220 America Center Drive
San Jose, CA 95002 USA