Windows Security Center intermittently incorrectly reports that Endpoint Security is disabled when running on Windows 10.
McAfee Technical Articles ID: KB91830
Last Modified: 25/11/2019
Environment:
McAfee Endpoint Security (ENS) Threat Prevention 10.7.x, 10.6.1 July Update and later, 10.5.5 and later
Microsoft Windows Security Center (WSC)
Microsoft Windows 10
Problem:
The WSC intermittently incorrectly reports that ENS is disabled. WSC can prompt to enable Windows Defender.
Solution:
McAfee is actively working with Microsoft toward a solution to this issue. Microsoft has provided workaround instructions to alleviate the symptom until a fix is available.
This issue will be addressed in a future release of ENS.
Workaround:
ENS is enabled and functioning, but not being reported in the WSC. You can disable Windows Defender to avoid a conflict until a permanent solution is available.
Microsoft has provided the procedure below for McAfee customers to disable the Windows system toast notifications for Security and Maintenance. This action avoids alerting users to resulting false positive "antivirus disabled" messages.
Use Group Policy settings to disable Windows Defender Antivirus:
(For more information, see https://docs.microsoft.com/en-us/windows/security/threat-protection/wind....)
- On your Group Policy management system, open the Group Policy Management Console, right-click the Group Policy Object (GPO) you want to configure, and click Edit.
- In the Group Policy Management Editor, go to Computer configuration.
- Click Administrative templates.
- Expand the tree to Windows components, Windows Defender Antivirus.
- Enable the setting Turn off Windows Defender Antivirus.
- Deploy the updated GPO as you normally do.
Use Group Policy settings to disable Windows system toast notifications for Security and Maintenance on Windows 10 1803 and earlier:
- On your Group Policy management system, open the Group Policy Management Console, right-click the GPO you want to configure, and click Edit.
- In the Group Policy Management Editor, go to User configuration.
- Expand the tree to Preferences, Windows Settings.
- Click Registry.
- From the Action drop-down list, select New, Registry Item.
- Fill in the New Registry Properties:
Action |
Update |
Hive |
HKEY_CURRENT_USER |
Key Path |
Software\Microsoft\Windows\CurrentVersion\Notifications\ Settings\Windows.SystemToast.SecurityAndMaintenance |
Value name |
Enabled |
Value type |
REG_DWORD |
Value data |
00000000 |
- Click OK.
- Deploy the updated GPO as you normally do.
Use Group Policy settings to disable all Windows system toast notifications for Security and Maintenance on Windows 10 1809 and later:
(For more information, see https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-security-center/wdsc-hide-notifications.)
- On your Group Policy management system, open the Group Policy Management Console, right-click the GPO you want to configure, and click Edit.
- In the Group Policy Management Editor, go to Computer configuration.
- Click Administrative templates.
- Expand the tree to Windows components, Windows Security, Notifications.
- Open the Hide all notifications setting and set it to Enabled. Click OK.
- Deploy the updated GPO as you normally do.