Security Experts:

Connect with us

Hi, what are you looking for?


Endpoint Security

Users Unable to Log on to Windows Due to McAfee Update

An update released recently by McAfee for one of its products is preventing Windows users from logging on to their systems, and some major organizations appear to have been affected.

An update released recently by McAfee for one of its products is preventing Windows users from logging on to their systems, and some major organizations appear to have been affected.

McAfee informed users on Wednesday that they might be prevented from logging in to their Windows devices after they installed version 9418 of Exploit Prevention on Endpoint Security 10.2 and earlier.

Endpoint Security 10.2 reached end of life in December 2018, but some organizations still appear to be using it and it has caused problems for their employees after they installed the Exploit Prevention update.

British electricity distribution network operator UK Power Networks appears to have been impacted by the issue, according to a post on Reddit. Based on the initial post, which did not contain any technical information, some believed the company might have been hit by ransomware, but it later turned out that the problems were caused by the McAfee update.

US consumer credit reporting agency Experian also appears to have been affected. The company said it was experiencing problems due to a “global Microsoft Windows update issue,” but researcher Kevin Beaumont learned that it was in fact the latest Exploit Prevention update that caused the disruptions.

Many other organizations may have been impacted.

“I work in Infrastructure for an MSP [managed service provider]. Our biggest customer had this issue as a priority 1 ticket today. Shit tons of users all over the world couldn’t log in,” one user wrote on Reddit.

McAfee released Exploit Prevention content version 9419 on July 10 to address the issue. The company has advised customers to recover their systems by accessing the operating system in Safe Mode and setting the Enable value to “0” for the following key in the Windows Registry:


Once this is done, users should be able to log on to Windows after they reboot the system and install the Exploit Prevention update.

Related: Malwarebytes Delivers Buggy Update to Home, Enterprise Users

Related: HP, Dell Halt BIOS Updates Over Buggy CPU Patches

Related: Microsoft Disables Spectre Mitigations Due to Instability

Related: Apple Reissues Security Update After Blocking Ethernet on Mac OS X

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Incident Response

Cygnvs emerges from stealth mode with an incident response platform and $55 million in Series A funding.

Data Breaches

T-Mobile disclosed another massive data breach affecting approximately 37 million customer accounts.

Incident Response

A new Mississippi Cyber Unit will be the state’s centralized cybersecurity threat information, mitigation and incident reporting and response center.

Identity & Access

Strata Identity has raised $26 million in a Series B funding round led by Telstra Ventures, with additional investment from Forgepoint Capital, Innovating Capital,...

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...