Jump to content
Welcome to our new Citrix community!
  • 0

Server 2016 Windows Defender Service Disabled and greyed out after upgrade to 7.15 CU5


Ken Z

Question

Hi everyone

 

anyone come across the following....

 

Server 2016 XenApp Farm running 7.15 LTSR CU3, installed with /FEATURE_DISABLE_HTML5 and BCR 15.15. System is/was running Windows Defender OOTB

Did a standard upgrade to 7.15 LTSR CU5 on the  StoreFront, Director, etc servers with no issues.

Started upgrading the XenApp hosts one at a time, but first disabled Real-Time Protection. When it came to re-enabling the Real-Time protection, noticed it was greyed out in the console. Went to look at the service and noticed it was set to disabled and was greyed out so I couldn't set it back to automatic. Tried the usual stuff; command line based "sc config WinDefend start= auto", tried editing the registry ("services\WinDefend\Start=2"), etc, but each time access denied (and yes, did the sc command in an elevated DOS prompt, set owner\permissions on registry key, etc)

 

When i upgraded the next XenApp host, I monitored the "Windows Defender Service" service, and noticed that it switched from "Automatic" to "Disabled" at the point in the upgrade where it says "Component Initialization" in the Post Install part of the upgrade. 

 

does anyone know why the 7.15 CU5 upgrade would disable Windows Defender at this point? or even why it's setting the service to disabled in the first place, when it was set to Enabled\Automatic before?

 

Regards

 

Ken

Link to comment

7 answers to this question

Recommended Posts

  • 0

Salim

 

thanks for the link. That's definitely confirmed that the CU3 -> CU5 upgrade disables Windows Defender.

Why i does that I don't know, as anyone depending on the built-in AV for their XenApp (and I assume XenDesktop VDI) sessions are royally scr*wed.

There's also no easy way to re-enable it. Just tried "psexec -sid c:\windows\regedit.exe" to try and run regedit as SYSTEM and that didn't work either. Will keep on investigating other ways to re-enable Defender on Server 2016...

 

Just did a test upgrade of my Windows 10 VDI Desktops to 7.15 CU5 (from 7.15 CU2) and that didn't disable the AV... very strange.

 

Regards

 

Ken

Link to comment
  • 0
On 11/15/2019 at 10:47 AM, Ken Zygmunt said:

Salim

 

thanks for the link. That's definitely confirmed that the CU3 -> CU5 upgrade disables Windows Defender.

Why i does that I don't know, as anyone depending on the built-in AV for their XenApp (and I assume XenDesktop VDI) sessions are royally scr*wed.

There's also no easy way to re-enable it. Just tried "psexec -sid c:\windows\regedit.exe" to try and run regedit as SYSTEM and that didn't work either. Will keep on investigating other ways to re-enable Defender on Server 2016...

 

Just did a test upgrade of my Windows 10 VDI Desktops to 7.15 CU5 (from 7.15 CU2) and that didn't disable the AV... very strange.

 

Regards

 

Ken

 

So, is there any way to re-enable the Windows Defender Firewall service?

 

 

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...