rgcowie4D

Problems with Patch C

103 posts in this topic

 

Trying to get network corrected after patch B. Tried to install patch C with the following results:

 

1. For clients that had the "protection is off with no user logged in" behavior from patch B, I cannot deploy patch C unless a user is logged in. Have to address each client machine individually or wait until business hours when users are logged in.

 

2. For clients that had more serious issues from patch B (slowdown, hang, components unable to start), installation of patch C hangs and does not complete, even through several attempts and reboots. KES reports "Application privelege malfunction". I updated the KES installation package in KSC then did a Modify/Repair install of KES using that package. This successfully re-installs KES with patch A & B, but not C. Then allowed it to update from KSC, after which it still does not have patch C. Then allowed to update from Kaspersky Lab servers, still no patch C. Then logged off and confirmed that patch B problems remain. Then tried pushing an update task from KSC. Still no patch C.

 

Reviewing all computers on the network, it appears that deployment of patch C from KSC is random. Some clients receive it and some do not. I saw this also with patch B, the roll-out was not uniform.

 

I verified that KSC did receive the patch C from Kaspersky, it is present in the repository, and did deploy to some computers. Also verified that settings are to allow application module updates. Again this worked with some clients.

 

So now I have a partially corrected network, but still about a third of the clients with problems and no patch C. The debacle continues.

 

Kaspersky, the ball is in your court again. Solutions?

 

 

 

 

Share this post


Link to post
Share on other sites

FYI, I no longer believe that the installed version and patch status reported by Kaspersky is correct in the short term, for either the "About" feature of KES, or in the KSC software version report. Possibly there is a significant time lag before the true version & patch are reported.

 

I now have 13 clients that show patch A only, but in the last 4 hours as I applied updates, have begun to exhibit the behavior of patch B (protection off until user logged in). I also have several which report patch A & B, but now exhibit the repaired behavior of patch C (no loss of protection on log-out).

 

It seems as though patch B is being pushed out ahead of patch C, for those clients that did not already receive it before I began working on things today.

 

About 70% now show patch A, B, & C. So I'm going to leave it overnight and check the status in the morning.

 

Share this post


Link to post
Share on other sites
Trying to get network corrected after patch B. Tried to install patch C with the following results:

 

1. For clients that had the "protection is off with no user logged in" behavior from patch B, I cannot deploy patch C unless a user is logged in. Have to address each client machine individually or wait until business hours when users are logged in.

 

2. For clients that had more serious issues from patch B (slowdown, hang, components unable to start), installation of patch C hangs and does not complete, even through several attempts and reboots. KES reports "Application privelege malfunction". I updated the KES installation package in KSC then did a Modify/Repair install of KES using that package. This successfully re-installs KES with patch A & B, but not C. Then allowed it to update from KSC, after which it still does not have patch C. Then allowed to update from Kaspersky Lab servers, still no patch C. Then logged off and confirmed that patch B problems remain. Then tried pushing an update task from KSC. Still no patch C.

 

Reviewing all computers on the network, it appears that deployment of patch C from KSC is random. Some clients receive it and some do not. I saw this also with patch B, the roll-out was not uniform.

 

I verified that KSC did receive the patch C from Kaspersky, it is present in the repository, and did deploy to some computers. Also verified that settings are to allow application module updates. Again this worked with some clients.

 

So now I have a partially corrected network, but still about a third of the clients with problems and no patch C. The debacle continues.

 

Kaspersky, the ball is in your court again. Solutions?

 

You do know that after a patch deployment you need to restart the endpoints to make it effective?

Share this post


Link to post
Share on other sites
You do know that after a patch deployment you need to restart the endpoints to make it effective?

 

How about Kaspersky get off their backsides and provide an executable that we can force to install remotely on machines without having to depend on machines which are alrady crippled by their useless update to use their crappy crippled software to fix itself?

Share this post


Link to post
Share on other sites
How about Kaspersky get off their backsides and provide an executable that we can force to install remotely on machines without having to depend on machines which are alrady crippled by their useless update to use their crappy crippled software to fix itself?

 

If the machines are crippled then how would you be able to install an executable on them? I don't think updating from KSC or KL Update Servers directly or installing an executable to make your life easy is any different.

 

Have you tried updating with a safe-boot?

Share this post


Link to post
Share on other sites
If the machines are crippled then how would you be able to install an executable on them? I don't think updating from KSC or KL Update Servers directly or installing an executable to make your life easy is any different.

 

Have you tried updating with a safe-boot?

 

We still have some connectivity - but not much. Can't do a safe-boot as they are on a remote site with no-one there at the moment. Can't even get them to do a remote shutdown/restart.

 

I've also tried logging on to several machines remotely so that KSC sees KES as running. Then forced an update (after forcing an update 40 or so mins ago of the repositories and checking Patch C is in there), checked in the RDP session that a reboot is required and done one (and watched to check it was running shutdown scripts).

 

I've then logged back on remotely (after the reboot), this is to check on the machine that KES *IS* running and the update applied, then logged off again. Lo and behold, KSC *STILL* thinks protection is off or KES isn't running (some machiens have one sympton, some the other and it can change after a reboot from one sympton to the other).

 

So, either Patch C is not being applied or just plain doesn't work properly.

 

And for good measuere, KSC only reports a single machine has having patch C - and that seemed to happen (as it is supposed to) automatically.

 

Basically all I can caonclue are Kaspersky or making a dog's dinner of this and the lack of communication from them says they don't give a flying ****.

 

The one *good* point for me is that I'm not one of the poor buggers that has 1000's of machines affected by this - we only have a handful of PCs and almost all have been hit by this crap.

Share this post


Link to post
Share on other sites

 

This morning I found that 2 more of the clients have their versions reporting patch C.

 

I also have at least 1 client that reports patch C but still has the behavior of patch B.

 

For now my strategy is:

 

1. Remote login to client with patch B behavior (allows Kaspersky to start).

 

2. Allow update to run along with any scans that have been deferred while off-line.

 

3. After idle period, run update manually again.

 

4. Disconnect remote session from client (leave user logged-in so Kaspersky will run).

 

5. After cycling through all problem machines this way, issue master reboot command from KSC.

 

6. Go to step 1 and repeat until no clients show patch B behavior.

 

This does seem to work over time and multiple cycles. But it's a major PITA. At least I can do some other stuff while waiting.

 

The number of cycles required seems to vary. Some clients worked after the first cycle, some are up to 5 or more cycles with no improvement..

My guess is this process might occur anyway over the course of several days, without my intervention. But I need to know things will function on Monday morning.

 

I've also had 1 more client develop the full-blown symptoms of patch B during this process (fail to launch, hang and error messages), and had to re-install Kaspersky to recover. Had to do that on 5% of machines so far.

 

Share this post


Link to post
Share on other sites

Finally seem to be making some progress.

 

Now down to 3 machines which are totally crippled and the rest now up to date with Patch C and (so far!) behaving normally. However, when you consider that I'm only looking at 9 machines in total that is a pretty awful statistic! All of them were hit with the problem and 1/3 crippled by it to the point they need physically touching to fix.

 

The process was also damned painful. The only way I found to reliably force Patch C out was to update the install package for KES 831 to ensure it had the patch in it, then re-install on every damned machine. Then of course, despite KSC reporting each had a valid license key file, I had to re-install that as well.... Done remotely that took all of Sunday. Thanks Kaspersky :angry: :angry: :angry:

 

Whatever Kaspersky say, there seems to be no logic to the way application module updates (i.e. "patches") are deployed. They seem to get pushed out as and when it feels like it.

 

God help you guys with 1,000's of machines to fix!

 

Only six more months of license left then good riddence to this rubbish.

 

 

Share this post


Link to post
Share on other sites
Finally seem to be making some progress.

 

:angry: Spoke too soon. All of the machines which had been ok first of all almost simultaneously logged an "License Agreement Violated" event and disabled the protection. Re-install the license key (again!) and they returned to "green" status. Just checked (50 mins later) and they are all showing "Protection Off" AGAIN!!!!! This time no events logged to explain why.

 

So - problem STILL not fixed! What next Kaspersky? And don't say log a ticket because you won't deal with UK support, just direct me to Wick Hill who are just as bad. I logged a ticket with them over the remote deployment stopping at 51%, had one phone call to the effect of "don't know" then heard nothing more from them. Utter waste of time.

Share this post


Link to post
Share on other sites

George, I agree with you that the Kaspersky update process is mysterious at best. It does always seem to work eventually, but for an admin, eventually can be painful. I consider this to be a weakness of Kaspersky. If the problem is not serious, I let it work itself out and accept that I can't control it. In the case of patch B, though, I had to know that the problem was fixed.

 

So after a weekend spent working on around 100 machines, I'm down to 3 now that have patch C but still exhibit patch B behavior, and about 8 that still do not show patch C, but do not exhibit patch B behavior either. Perhaps that is still to come. I trust the behavior as a more reliable indicator than the reported patch status. KSC did roll out patch B ahead of patch C, so the patch B problem spread throughout the network as I tried to correct things. That was disconcerting but as it was the weekend, no users and no complaints.

 

Each update-and-wait-and-reboot cycle gets me farther along. As I mentioned, I could just leave it alone and let this happen naturally. I believe that it would self-resolve in time, but I would rather not risk the more crippling issues of patch B (beyond loss of protection with no user).

 

I did get several database corrupt/invalid license errors along the way, but a manual update from KES fixed those. Also my crippled machine rate (requiring re-install of KES) after patch B has been steady at about 5%.

 

I hope that as Kaspersky tech support reviews this forum, they realize the time and money that have been consumed by what was essentially lack of quality control on their part. I'm sure that it's been very significant around the world, probably a multi-million dollar event. Can't have very many of those without alienating customers. I came to Kaspersky after the equivalent Bitdefender product pushed an update that knocked down our servers. This wasn't quite as bad, but close.

Share this post


Link to post
Share on other sites

I know what you mean about the invalid key file and data base corrupt issue AFTER pushing out Patch C - even had that on our Admin server.

 

So far ALL of our supposedly "fixed" PCs are still exhibiting the "Protect Off" if a user is not logged on.

 

Not had pro blems this bad since McAfee did something simlar when I worked for RBS IT (while RBS still had a UK IT dept and before the sh*t hit the fan and they always folded). McAfee lost them as a cumstomer along with their 100,000+ machines.

Share this post


Link to post
Share on other sites

Hello

Please

 

1. Create a ticket to the technical support.

2. Post the number of the ticket in this thread.

 

3. If possible collect the full memory dump.

 

http://support.kaspersky.com/490

http://support.kaspersky.com/1771

 

4. Let us know in this thread if you can provide us with the remote session.

 

Thank you.

Share this post


Link to post
Share on other sites
I hope that as Kaspersky tech support reviews this forum, they realize the time and money that have been consumed by what was essentially lack of quality control on their part. I'm sure that it's been very significant around the world, probably a multi-million dollar event. Can't have very many of those without alienating customers. I came to Kaspersky after the equivalent Bitdefender product pushed an update that knocked down our servers. This wasn't quite as bad, but close.

 

Well said Firday and this morning due to patch C over the weekend has given me greif i still have a few machines shutting down awaiting for the patch to be installed.

 

:cb_punk: Some one should get sacked for releasing that patch B :dash1:

 

Share this post


Link to post
Share on other sites
Oh yeah it's totally Kaspersky's fault if you do not test updates before applying them :/

 

 

AUTO UPDATE KES recommends to be set to AUTO UPDATE!!!!!!!!

Share this post


Link to post
Share on other sites

So what ? It does not prevent you to test them before deploying them into production.

Don't you do the same with other editors, like Microsoft ? :mellow:

 

 

Share this post


Link to post
Share on other sites

How do you create a new installation package with all patches (a, b, c) in the KSC?

 

Thanks for any help you can provide.

Share this post


Link to post
Share on other sites

Patch b has caused me so many issues with xp machines not loading explorer.exe, running slow and locking up, I have had to manually go into safe mode on each computer run the kaspersky removal tool reboot and reinstall kaspersky and then install patch c. Not my idea of a fun weekend! :angry:

 

I have remote laptoop users have not been able to work.

 

Anyway my question is, are the patches cumulative, does the client need a,b anc c installed or is just installing c enough?

 

Edited by phileddies

Share this post


Link to post
Share on other sites

Patches are NOT cumulative. Installing c is NOT enough.

 

I suggest you recreate aninstallation package with a and b patches then deploy patch c through KSC update tasks

Share this post


Link to post
Share on other sites
Patches are cumulative. Installing c is enough, as it will include a, b and c together.

 

I suggest you recreate an client installation pakage, as it will include all patches directly.

 

 

Great thanks for the quick reply.

Share this post


Link to post
Share on other sites
So what ? It does not prevent you to test them before deploying them into production.

Don't you do the same with other editors, like Microsoft ? :mellow:

 

 

The problem with this scenario is patch b did not effect all machines the same. In a small test environment it DID work fine but they varied on how long the restart took. So when you push it out to hundreds of users and that reboot time varies so much that no matter what you tell the users they get frustrated after waiting 30 minutes for the reboot to take place they do a hard reboot and then all hell breaks loose and the machines become utterly useless. So even testing it would not give accurate results.

 

So yes I put the blame on kaspersky for this one. I am still trying to get patch c installed on all machines and it is a big pain in the you know what!!!

Share this post


Link to post
Share on other sites

I am still have lockup and network disconnection problems on computers that have patch C installed. Are you sure we don't need to uninstall patch B

Share this post


Link to post
Share on other sites
So yes I put the blame on kaspersky for this one. I am still trying to get patch c installed on all machines and it is a big pain in the you know what!!!

 

Same here on a few machines. going to do a complete unistall and reinstall.

 

as for testing i think i will be turning auto update off afther this issue is fixed and watch and see here on the boards for everyone to grumble about the next patch..

 

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now