Not so much a question but an entry for the community. This appears to be a very serious bug. I discovered it on my machine only when I noticed that HIPS was fully disabled. There is nothing in ePO to suggest the machine may be in this state. Support cannot tell me (yet) what the scope of the issue is and are simply suggesting I push patch 14 globally. The only way we can identify the issue at the moment is via entry in local firesvc.log:
I am considering trying to parse that file on each machine for an error whilst hoping that support will come up with something better.
Also note that there appears to be nothing more about the issue in KB. Some of the other issues addressed in the patch also look rather serious. Scary. Why would I rush out a patch when the last one has done this much damage? Small wonder it was delayed...............
Sort of. The issue actually seems to be that a higher version of syscore is installed than the product you have just installed. In this instance I had installed HIPSP14 and then removed HIPS and installed HIPSP13. Indeed, upgrading to P14 fixed this, but the underlying concern is that there was no way to identify systems in such state from ePO. I suppose one could run a a query on 'Systemore Version', but we are not using ENS and that field does not work. I guess I can get the systemcore from the registry and use that either in SIR or by populating a custom field, but that is messy and probably not worth it.
I say 'probably', but imagine if you found a nasty bug in P14 and decided to downgrade all systems back to P13. Hopefully someone would notice quickly!
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.
Community Help Hub
New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.