cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Reliable Contributor twenden
Reliable Contributor
Report Inappropriate Content
Message 1 of 3

Is it OK to leave most systems on May Update and only install July Repost to new installs

In our environment, we have several thousand systems that are running ENS Threat Prevention 10.6.1 with Patch 1 and the May Update. This makes them compatible with Windows 10 1903 if their system was to upgrade to it.

However, I noticed that the July Repost has been released which is the full installer that supports Windows 10 1903. Is it OK to just install the full installer and deploy it to fresh installs off Windows 10 1903 and leave the systems with May Update as they are?

I am trying to avoid too much impact on the end systems. I assume that later on McAfee will release say September Update and that this should upgrade our May Updates via the updater tasks. 

How are other people handling the different packages in their environments?

2 Replies
Reliable Contributor Pmaquoi
Reliable Contributor
Report Inappropriate Content
Message 2 of 3

Re: Is it OK to leave most systems on May Update and only install July Repost to new installs

i would avoid this choice mainly for two reasons First, for performance reason, the new full update correct a few performance issues especially the memory management when using Exploit prevention rules on x86 applications, some memory leak for ATP module, and more globally, another issue with exploit prevention module. second, as this version is a full installer, it is installed quite quicker on computers. If you stay on a May version, this means that if you need to reinstall after repair the ens suite, you'll go for a full install at first step then a second phase where all may patches will be pulled / pushed. It takes time before being secured. Finally, one main version is easier to manage. so if you add to these points all other feature or stability fixes, avoiding this Repost version seems for me inapropriate. I'm quite used to ENS upgrade processes in my environment. This morning i just published that repost version on 220 alpha & beta computers (real computer in production environment) without being noticed by almost all agents. And when my test will be over, i'll go for 9000 nodes silently. By waiting for september update, you will be confronted more probably to a patch set instead of a full installer. So it will add delay and complexity in my opinion to your work. Based on my own experience, when you have the possibility to shorten and simplify the install process, you should take advantage of it. Of course this is just a personal opinion. My apologies for my English knowledge.
Reliable Contributor twenden
Reliable Contributor
Report Inappropriate Content
Message 3 of 3

Re: Is it OK to leave most systems on May Update and only install July Repost to new installs

Thanks. Will test against a test group next week. 

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community