Security Experts:

Users Unable to Log on to Windows Due to McAfee Update

An update released recently by McAfee for one of its products is preventing Windows users from logging on to their systems, and some major organizations appear to have been affected.

McAfee informed users on Wednesday that they might be prevented from logging in to their Windows devices after they installed version 9418 of Exploit Prevention on Endpoint Security 10.2 and earlier.

Endpoint Security 10.2 reached end of life in December 2018, but some organizations still appear to be using it and it has caused problems for their employees after they installed the Exploit Prevention update.

British electricity distribution network operator UK Power Networks appears to have been impacted by the issue, according to a post on Reddit. Based on the initial post, which did not contain any technical information, some believed the company might have been hit by ransomware, but it later turned out that the problems were caused by the McAfee update.

US consumer credit reporting agency Experian also appears to have been affected. The company said it was experiencing problems due to a “global Microsoft Windows update issue,” but researcher Kevin Beaumont learned that it was in fact the latest Exploit Prevention update that caused the disruptions.

Many other organizations may have been impacted.

“I work in Infrastructure for an MSP [managed service provider]. Our biggest customer had this issue as a priority 1 ticket today. Shit tons of users all over the world couldn't log in,” one user wrote on Reddit.

McAfee released Exploit Prevention content version 9419 on July 10 to address the issue. The company has advised customers to recover their systems by accessing the operating system in Safe Mode and setting the Enable value to “0” for the following key in the Windows Registry:


Once this is done, users should be able to log on to Windows after they reboot the system and install the Exploit Prevention update.

Related: Malwarebytes Delivers Buggy Update to Home, Enterprise Users

Related: HP, Dell Halt BIOS Updates Over Buggy CPU Patches

Related: Microsoft Disables Spectre Mitigations Due to Instability

Related: Apple Reissues Security Update After Blocking Ethernet on Mac OS X

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.