FS Server security slowing down/preventing windows update
as long as I remember, I've had problems with F-secure products and windows updates (10+ years).
For now example, I'm trying to update 2020-01 Cumulative for Win Server 2016 and it's been sitting in 0% for couple of hours while fssm32 hogs up all the CPU.
Is there ever going to be any change on this by F-secure? (maybe test the updates released by microsoft?)
If not, is there a list of locations that should be excluded from F-secure to succesfully install updates?
I know this is a really really really bad choice, but I'm getting desperate.
Yet again, waited 4+ hours to update to finish, but it was stuck at 37% for another couple of hours.
Once again, disabled all the FS services, stoppped remaining FS processes and update finished immediatly.
pls advice. Pointles to do this every month for dozens of servers.
If you are using F-Secure Server Security version 12.x, a hotfix has been created to address this issue with the product. The hotfix is available in F-Secure Server Security public web "Support and downloads" pages under "Hotfixes" section.
Proceed to select 12.12 tab and download the F-Secure Server Security (Standard & Premium) 12.x FSAV Hotfix.
First of all, we would recommend to upgrade your product to SS 14 version.
If this is not possible, then the workarounds, which may help are:
1. Recommended exclusions.
2. Turning off DeepGuard advanced process monitoring feature.
You can also try with DeepGuard fully turned off, but this is not recommended approach.
F-Secure's recommendation is to NEVER set any exclusion except for debugging or temporary workaround!
And to be more painful: This is a very bad UX for any new customer using the trials on any Windows platform (server and client).
The product must work out of the box!
The Firewall should be no problem
1. previous SS had no firewall. Thus a bypass all configuration would do the job
2. latest setup allows to drop the firewall interface completely, which will lead to unchanged settings as only Windows firewall an GPOs control what is happening.
Thus no reason to wait!1 1Like
Same prolem continues with 2020-03 Cumulative Update for Windows Server 2016 for x64-based Systems (KB4540670).
As a test I installed update in question on a server that has f-secure services turned off, it took less than an hour.
For server with identical hw (except faster disks) the installation first took 2 hours (in gui) and after that it has been stuck for additional hour in "Getting Windows ready Don't turn off your computer".
Again, same problem with KB4556813 (2020-05 cumulative update for windows server 2016)
update status has been "preparing to install updates" for 2,5 hours now. Identical server with f-secure services disabled installed the update in 40minutes. Opened a support ticket yet again.