cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

Exploit prevention disabled on Win 10 1909

We are experiancing strange issue where, newly installed Win 10 1909 system getting error message "Exploit prevention is disabled"

It is getting a policy from ePO where Exploit Prevention is enabled, if I look on the client Endpoint Security the Exploit Prevention box is ticked but it says Status : Disabled

We hare using  #ENS Platform Version : 10.6.1.1607

TP:- 10.6.1.1666

FW :- 10.6.1.1340

 

But after deploying ENS october patch issue seems to be resolving but on few systems issue remains 

2 Replies
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 3

Re: Exploit prevention disabled on Win 10 1909

Hi @girishm,

Thank you for your post. As I understand, you have a solution with you - upgrading to the latest version.  However, it has only worked for few machines. If your question is to identify whether this is a known issues, I could see a couple of similar issues reported and resolved in the known issues KBA:

https://kc.mcafee.com/corporate/index?page=content&id=KB82450

Although, you are running ENS in a ePO managed environment, here is something that caught my attention and is very similar to the issue you have faced:

ENSW-27971   10.6.1 July Update
10.5.5 July Update
10.6.1 October Update
10.5.5 October Update
Issue: In a standalone environment, Exploit Prevention is disabled forcibly after an upgrade to ENS 10.5.5 July Update or ENS 10.6.1 July Update.

Workaround: Re-enable Exploit Prevention manually after the upgrade to ENS 10.5.5 July Update or ENS 10.6.1 July Update.

Resolution: This issue is resolved in ENS 10.5.5 October Update and ENS 10.6.1 October Update.

 

However, before we conclude this is an already known issue, have you tried reinstalling the endpoint again on the same machine with same version? I ask this because, the upgrade process is not only about upgrading to a new version but also involved removal of previous versions. a re-installation also pretty much removed the existing versions and re-installs, however, the same version. hence the upgrade though resolves the issue, may not have been the actual solution. 

May I know how many machines are impacted by this issue? What does the install logs say for each component? Has a reboot been made on the endpoints after installation of Endpoint Security and the issue still remains?

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 3 of 3

Re: Exploit prevention disabled on Win 10 1909

Hi @girishm

Just adding to my previous response, I would still recommend creating a Service Request with us. This may require further investigation provided after applying the latest available version (ENS 10.6.1 December update) the issue still remained unresolved. However, the main reason behind a Service request is the possibility of collecting logs and investigating the same further.

Was my reply helpful?
If you find this post useful, Please give it a Kudos! Also, Please don't forget to select "Accept as a solution" if this reply resolves your query!

Thanks and regards,
Adithyan T
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community