Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
2363 Views 7 Replies Latest reply: Mar 29, 2013 1:59 AM by pollewops RSS
pollewops Newcomer 30 posts since
Nov 17, 2008
Currently Being Moderated

Jan 15, 2013 10:47 AM

SCCM 2012 DISM McAfee issue

There are known issues with McAfee, SCCM 2012 and DISM.

 

See also the article:

https://kc.mcafee.com/corporate/index?page=content&id=KB76867&cat=CORP_PRODUCTS& actp=LIST

http://social.technet.microsoft.com/Forums/en-US/mdt/thread/fbbc45f7-9d21-4e29-a 154-c85486bef856

 

But disabling Access Protection ois not a solution for us since it is against the security rules we have.

 

How can be solve this or how can this be solved ?

  • wwarren McAfee SME 766 posts since
    Nov 3, 2009
    Currently Being Moderated
    1. Jan 28, 2013 4:57 PM (in response to pollewops)
    Re: SCCM 2012 DISM McAfee issue

    There is no other workaround.

     

    Others have already explored potentially feasible options, without success.

    We cannot say why the Microsoft app decides to fail, all we can be confident in is that we're not causing it to fail - it somehow reached that conclusion by us simply being present.

  • bhagat.pranay Newcomer 1 posts since
    Jan 30, 2013
    Currently Being Moderated
    2. Jan 30, 2013 5:20 AM (in response to wwarren)
    Re: SCCM 2012 DISM McAfee issue

    I am having the exact same problem,I am using SCCM 2012 SP1 and in my SCCM server there was McAfee Virus Scan Enterprise 8.8 installed due to which the boot images present in SCCM where not getting updated,i then disabled the Access protection and everything worked fine.

    But we need to have a solution for this as it's causing problem where McAfee is centrally managed & we don't have rights to disable Access Protection.

    as i have added the folder exclusion in On access scan ,Full Scan & on demand scan but it's of no use.

    Is there any option to exclude folders in Access protection.

     

    Please Suggest.

     

    Thanks,

    Pranay.

  • wwarren McAfee SME 766 posts since
    Nov 3, 2009
    Currently Being Moderated
    3. Jan 30, 2013 2:56 PM (in response to bhagat.pranay)
    Re: SCCM 2012 DISM McAfee issue

    If there was something the McAfee code was actively 'doing' to the operation, then there would be opportunity for us to make product enhancements somewhere in our code. But for situations where failures occur simply from our code being present, we cannot solve that within our code (since our code will obviously still be present).

     

    Related to this, I have seen product enhancement requests (PER) submitted before (and repetition doesn't hurt) seeking for a way to allow users a temporary "visa" - allowing them some short-lived access to protected areas of the system.

    i.e. an alternate to disabling the feature, and enabling it again.

    I cannot say if a feature such as this has been committed for future releases in the roadmap, but having the PER submissions ensures the product management staff are aware of the need.

  • neelyrock Newcomer 2 posts since
    Mar 28, 2013
    Currently Being Moderated
    4. Mar 28, 2013 9:58 AM (in response to wwarren)
    Re: SCCM 2012 DISM McAfee issue

    One of my colleagues is now seeing this behavior. We have talked with Microsoft and they confirm that the only current work around is to disable Access Protection. What I don't understand is the following line from the reply above:

     

    "all we can be confident in is that we're not causing it to fail - it somehow reached that conclusion by us simply being present."

     

    If the scenario fails simply by Access Protection being present, then why does disabling this feature - yet leaving it installed on the system, thus the code still simply being present on the machine - have any effect at all?

     

    Have you reached out to Microsoft to work directly with them to try and better understand what is happening?

  • neelyrock Newcomer 2 posts since
    Mar 28, 2013
    Currently Being Moderated
    6. Mar 28, 2013 12:47 PM (in response to pollewops)
    Re: SCCM 2012 DISM McAfee issue

    Apologies for the confusion. I meant has McAfee reached out to Microsoft to work directly with them to better understand what is happening.

     

    It seems that this needs to be resolved between McAfee and Microsoft. Since this would specifically benefit McAfee customers I think they should be the ones to reach out and work with Microsoft on a more complete solution.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points