This content has been marked as final. Show 9 replies
HIP is not currently supported on XP SP3. HIP 7.0 Patch 2 (June) will support it.
I'm looking for information regarding rolling out SP3 via WSUS onto workstations with HIPS installed.
I know, from tests that HIPS kills the update.
Are there any rules whic I can add to HIPS to allow the SP to be installed?
Raja: when in June?
There is a client utlity available for HIPS that can be packaged with SMS or other software deployment system. The utility can disable HIPS and allow the update to occur.
Neat, where's that then?
It's on the download site.
OK, Now we're cooking...
one small snag, what's it called?
will it allow for deplyment through WSUS?
I am using Landesk for software deployment and patch management. We recently upgraded to McAfee 8.5 and EPO 4.0. After the update I started getting deployment failures and users calling about a pop-up message referring to access to the registry. I found going to the users machine and manually running the install package created the same error. To finally get the software to install I had to temporairly disable McAfee Access Protection then run the install package (manually). Problem with this method is, EPO will reset the Access Protection back to Enabled as soon as it reports back to the EPO server (every 15 minutes). You don't know if you have 15 minutes or 1 minute to install your software because you don't know when the EPO agent last checked in. Against my recommendations the Security Audit Manger had the EPO administrator set the McAfee 8.5 to Maximum Protection. The McAfee logs on the machines clearly show McAfee blocking the software install package executable. We can add exclusions to help but they would have to enter approx. 125 names to cover all of our install packages. Hoping it would not see something else to stop as the package installs...i.e. registry changes.
They are also trying to blame it on HIPS we have running. I don't know if HIPS is the problem...I think it is setting McAfee to MAX protection. If you or anyone out there have run across any fixes, suggestions or helpful utilities to disable McAfee long enough to patch the machine or install software I would appreciate hearing about it.
Also, the powers here have decided to try the LandDesk HIPS rather than McAfee thinking it would allow its (Landesk) packages to go through and not block. I hope they are correct but I still think it is McAfee Access Protection being set to high.
Access protection is a function of VSE 8.5 and has nothing to do with HIP. Who is trying to blame it on HIP?
Do you have an SR#?
Won't mind knowing aswell !