cancel
Showing results for 
Search instead for 
Did you mean: 

Re: Windows Defender problem reported by MICROSOFT

@chealey, can you indicate the reference number for the fix in the 10.6.1 October release notes (https://docs.mcafee.com/bundle/endpoint-security-v10-6-1-release-notes/raw/resource/enus/endpoint-se... )?  Based on the resolved issue descriptions, I can't find where co-existence with WCS/WDA is resolved.

Thank you.

Highlighted

Re: Windows Defender problem reported by MICROSOFT

@chealey, similar to @JayMan we will not be disabling WDA via GPO.  This fix is supposed to address this exact issue. 

A new requirement to disable WDA via GPO to use ENS would be unacceptable.

Trying October builds now...

McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 103 of 167

Re: Windows Defender problem reported by MICROSOFT

@billmoller It would appear the release notes don't mention this issue. I will try to follow up with the team who create the Release Notes, and see why this was missed. 

Please do share your feedback from the October Build. As mentioned all customers who received the Early Access Build, reported the issue was no longer seen, so based on this feedback, we consider the issue resolved and further investigation would be needed if this is not the case on your system. 

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

Re: Windows Defender problem reported by MICROSOFT

Disabling via GPO wont be an option for us.  (as we use Microsoft ATP, so requires Defender to be in the correct state)

McAfee Employee chealey
McAfee Employee
Report Inappropriate Content
Message 105 of 167

Re: Windows Defender problem reported by MICROSOFT

Just to comment on the Windows Defender part.

Appreciate there may be reasons you leave it on, however by leaving it on you will risk seeing huge performance issues and many other issues > It is not advised to run two AVs on the same system. It will cause conflicts.

Was my reply helpful?
If this information was helpful in any way, or answered your question, will you please select "Accept as Solution" in my reply, or give kudos as appropriate, so together we can help other members?

Re: Windows Defender problem reported by MICROSOFT

In our environment (until this issue) Defender was not active, it was in Passive mode (required by Microsoft so we can also use Microsoft Defender ATP, which has always functioned alongside ENS).  Obviously having 2 AV "active" is not a supported state, hence my support call.  support seems very slow to respond / openly identify this issue!

Reliable Contributor SWISS
Reliable Contributor
Report Inappropriate Content
Message 107 of 167

MCAFEE communications to Partners extreme bad in this case

Angry customers all over due the way this was handeld. Check forum here.

 

We were almost FORCED to do a POC (Proof of concept) yesterday 08.10.2019 ONE day (A few Hours) before the offical Release of ENS 10.6.1 OCTOBER release to ALL customers this night. Explain why ONE day before a enterprise customer has to do a POC when next day the official release is out?

The same day (After the release in EPO) someone send me a file via FTP and tells me that this is a special version for us?

 

Does the person amange (one) epo somwhere? 

Does the person get SNS alerts and ready them?

 

2019-10-09 14_41_47-Window.png

 

 

Re: Windows Defender problem reported by MICROSOFT

@chealey, "by leaving [WDA] on you will risk seeing huge performance issues and many other issues > It is not advised to run two AVs on the same system." is exactly the issue we're trying to fix.  WSC/WDA is supposed to coexist with other AV providers.  When ENS is working properly, WDA is NOT RUNNING.

Now for the good news (at least for me), the October update, deployed from ePO seems to have immediately fixed the issue.  Also, after a reboot the fix has remained.  ENS seems to have registered itself an additional time in WMI as an AV provider, so I am seeing duplicate ENS entries now, however, the important part seems to be that the correct productState is 397312 now (vs. 393232), which was the state it was working in with debug on (though, I now have debug off).

Annotation 2019-10-09 085127.pngAnnotation 2019-10-09 085142.png

Annotation 2019-10-09 085757.png

Re: Windows Defender problem reported by MICROSOFT

For us Defender is not "on", its in Passive mode, which is fully supported by McAfee and Microsoft.  (passive is not enabled!)  Until this issue / release our Defender status was fine.  Defender should stand down into passive mode as soon as ENS is detected.  It shouldn't need to be disabled via GPO.  (and for us, that wont be an option)

Reliable Contributor SWISS
Reliable Contributor
Report Inappropriate Content
Message 110 of 167

Re: Windows Defender problem reported by MICROSOFT

@billmoller

We know that both can't run. That's where the API from MS Comes into Play. The bug is either on MS side or on MCAFEE.

Steve is asbolut right. There was ONCE when an ISSUE in 2017/2018 where CLIENT OS had Probleme because we had set the Windows Defender Service with Deployment "SC" to disabled. Suddenly from that point we HAD to leave the SERVICE enabled (OFF) not disabled (passive) and APROVE WSUS Windows Updates problems to solve a Problem which was highly discussed in SOCIAL MSDN Forums.

That no matter of MCAFEE ENS was on the Systems or not.

We could only solve a Problem with re-activation of Windows Defender Updates through WSUS (Even all customer have ENS).

The story is not as easy as it seams and we fully trusted Mcafee until know that they have full control over the issue.

 

 

 

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community