Showing results for 
Search instead for 
Did you mean: 
Level 7

Antivirus support for Thin Clients running Windows 10 Embedded OS in UWF mode

Hello Team,

We would like to know if McAfee VirusScan Enterprise supports Thin Clients running Windows 10 Embedded OS with Unified Write Filter(UWF) enabled.

Windows 10 embedded OS has some inherent challenges as mentioned below

UWF (unified write filter) in Win 10 IoT is a hard block from Microsoft and there is no work around that Microsoft allows for it. In detail as per our analysis:

  1. 1.       The UWF RAM overlay works at the NTFS-block level
  2. 2.       The overlay will never release a block once allocated in the overlay, even if the write is mirrored onto the disk via exclusion or commit
  3. 3.       When the fixed-size overlay fills up, writes fail

So, we feel that definition update will crash when writes fails, which means that if the definitions reside on a drive that is protected by UWF it *will* crash the system, even if we fix the other issues around exclusions and registry keys.

STAR does not, at present, provide a way for us to change which drive is used for definitions  to the drive in which CommonAppData,  and natïve attempts fail on MSI restrictions imposed by Ding2MSI

Due to the above restriction posed by Microsoft,  please suggest if McAfee has enabled support for Win 10 embedded OS.



0 Kudos