locked
WSUS update to windows 10 enterprise RRS feed

  • General discussion

  • Hello,

      I encountered today the following scenario:

    Computer running Windows 10 enterprise 1607 and having Symantec Endpoint Protection 14.0.1904 AV client installed received upgrade to Windows 10 1703 via WSUS. A message is displayed to the logged in user that the Symantec client is not compatible with the version 1703 and it must be uninstalled before upgrade. The user press on "Yes" and the Symantec client is uninstalled and the upgrade works smoothly...just one problem here: the logged user is a regular user not an administrator!!!
    The computer ends up with latest version of Windows 10 but with no AV until an admin enables Windows Defender or installs a compatible version for the managed AV.
    I triggered a security incident inside the company after this as we can end up with lots of Windows 10 clients not having the managed AV installed.
    @Microsoft: please take immediate action. No regular user should be able to perform that uninstall regardless of what process triggers the uninstall.

    Regards,
    Catalin

    Monday, August 7, 2017 4:51 PM