skip to content

IT Help and Support

University Information Services
 

Windows Security Center intermittently incorrectly reports that Endpoint Security is disabled when running on Windows 10.

McAfee Technical Articles ID:   KB91830
Last Modified:  25/11/2019


Environment:

McAfee Endpoint Security (ENS) Threat Prevention 10.7.x, 10.6.1 July Update and later, 10.5.5 and later
Microsoft Windows Security Center (WSC)
Microsoft Windows 10

Problem:

The WSC intermittently incorrectly reports that ENS is disabled. WSC can prompt to enable Windows Defender.

Solution:

McAfee is actively working with Microsoft toward a solution to this issue. Microsoft has provided workaround instructions to alleviate the symptom until a fix is available.

This issue will be addressed in a future release of ENS.

Workaround:

ENS is enabled and functioning, but not being reported in the WSC. You can disable Windows Defender to avoid a conflict until a permanent solution is available.

Microsoft has provided the procedure below for McAfee customers to disable the Windows system toast notifications for Security and Maintenance. This action avoids alerting users to resulting false positive "antivirus disabled" messages.
 

Use Group Policy settings to disable Windows Defender Antivirus:
(For more information, see https://docs.microsoft.com/en-us/windows/security/threat-protection/wind....)

  1. On your Group Policy management system, open the Group Policy Management Console, right-click the Group Policy Object (GPO) you want to configure, and click Edit.
  2. In the Group Policy Management Editor, go to Computer configuration.
  3. Click Administrative templates.
  4. Expand the tree to Windows componentsWindows Defender Antivirus.
  5. Enable the setting Turn off Windows Defender Antivirus.
  6. Deploy the updated GPO as you normally do.

Use Group Policy settings to disable Windows system toast notifications for Security and Maintenance on Windows 10 1803 and earlier:

  1. On your Group Policy management system, open the Group Policy Management Console, right-click the GPO you want to configure, and click Edit.
  2. In the Group Policy Management Editor, go to User configuration.
  3. Expand the tree to PreferencesWindows Settings.
  4. Click Registry.
  5. From the Action drop-down list, select NewRegistry Item.
  6. Fill in the New Registry Properties:
     

Action

Update

Hive

HKEY_CURRENT_USER

Key Path

Software\Microsoft\Windows\CurrentVersion\Notifications\

Settings\Windows.SystemToast.SecurityAndMaintenance

Value name

Enabled

Value type

REG_DWORD

Value data

00000000

  1. Click OK.
  2. Deploy the updated GPO as you normally do.

Use Group Policy settings to disable all Windows system toast notifications for Security and Maintenance on Windows 10 1809 and later:
(For more information, see https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.)

  1. On your Group Policy management system, open the Group Policy Management Console, right-click the GPO you want to configure, and click Edit.
  2. In the Group Policy Management Editor, go to Computer configuration.
  3. Click Administrative templates.
  4. Expand the tree to Windows componentsWindows SecurityNotifications.
  5. Open the Hide all notifications setting and set it to Enabled. Click OK.
  6. Deploy the updated GPO as you normally do.