An update released recently by McAfee for one of its products is preventing Windows users from logging on to their systems, and some major organizations appear to have been affected.
McAfee informed users on Wednesday that they might be prevented from logging in to their Windows devices after they installed version 9418 of Exploit Prevention on Endpoint Security 10.2 and earlier.
Endpoint Security 10.2 reached end of life in December 2018, but some organizations still appear to be using it and it has caused problems for their employees after they installed the Exploit Prevention update.
British electricity distribution network operator UK Power Networks appears to have been impacted by the issue, according to a post on Reddit. Based on the initial post, which did not contain any technical information, some believed the company might have been hit by ransomware, but it later turned out that the problems were caused by the McAfee update.
US consumer credit reporting agency Experian also appears to have been affected. The company said it was experiencing problems due to a “global Microsoft Windows update issue,” but researcher Kevin Beaumont learned that it was in fact the latest Exploit Prevention update that caused the disruptions.
Many other organizations may have been impacted.
“I work in Infrastructure for an MSP [managed service provider]. Our biggest customer had this issue as a priority 1 ticket today. Shit tons of users all over the world couldn’t log in,” one user wrote on Reddit.
McAfee released Exploit Prevention content version 9419 on July 10 to address the issue. The company has advised customers to recover their systems by accessing the operating system in Safe Mode and setting the Enable value to “0” for the following key in the Windows Registry:
HKEY_LOCAL_MACHINESOFTWAREMcAfeeEndpointCommonBusinessObjectRegistryBO
Once this is done, users should be able to log on to Windows after they reboot the system and install the Exploit Prevention update.
Related: Malwarebytes Delivers Buggy Update to Home, Enterprise Users
Related: HP, Dell Halt BIOS Updates Over Buggy CPU Patches
Related: Microsoft Disables Spectre Mitigations Due to Instability
Related: Apple Reissues Security Update After Blocking Ethernet on Mac OS X
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- VMware ESXi Servers Targeted in Ransomware Attack via Old Vulnerability
- High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
- GoAnywhere MFT Users Warned of Zero-Day Exploit
- UK Car Retailer Arnold Clark Hit by Ransomware
- EV Charging Management System Vulnerabilities Allow Disruption, Energy Theft
- Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking
Latest News
- Comcast Wants a Slice of the Enterprise Cybersecurity Business
- Critical Baicells Device Vulnerability Can Expose Telecoms Networks to Snooping
- New York Attorney General Fines Vendor for Illegally Promoting Spyware
- SecurityWeek Analysis: Over 450 Cybersecurity M&A Deals Announced in 2022
- 20 Million Users Impacted by Data Breach at Instant Checkmate, TruthFinder
- Cyber Insights 2023 | Zero Trust and Identity and Access Management
- Cyber Insights 2023 | The Coming of Web3
- European Police Arrest 42 After Cracking Covert App
