Where we found that was under Local Machine\Intermediate Certificate Authorities Store. I wasn't personally involved, but was CC'd as to what the solution was and how it solved the problem for our subsidiary offices. Basically they found that specific certificate in that store and deleted it manually. Once they did that, it worked. As that office needed to install Patch 2 on a lot of systems, they created an SCCM advertisement to run that certutil command to delete the certificate across all systems in their office and that allowed them to push Patch 2.
Here is the official bulletin from McAfee with their workarounds: http://kc.mcafee.com/corporate/index?page=content&id=KB77683 From: [email protected] [mailto:[email protected]] On Behalf Of Burke, John Sent: Monday, January 20, 2014 12:16 PM To: [email protected] Subject: [MDT-OSD] RE: Anyone see issues with mcafee anti virus (their current cert has expired as of 2013) yeah i looked at that. I also saw the expired one for 2004 but removing it didn't fix the issue. Unless we deleted that from the wrong store location. When we look at the cert you'd swear it's exactly that issue, You just delete the expired root cert ? I couldn't find a "code signing 2004 ca certificate" I did find a a root cert that it was connected to though. ________________________________ From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Edward Woo Sent: Monday, January 20, 2014 4:02 PM To: [email protected]<mailto:[email protected]> Subject: [MDT-OSD] RE: Anyone see issues with mcafee anti virus (their current cert has expired as of 2013) Some of us ran into this issue as well when trying to install patch 2 for VSE 8.8. Rolling back the clock for the install wasn't ideal so we had removed the expired VeriSign Class 3 Code Signing 2004 CA certificate. (They also have one named the same, but that certificate hasn't expired so be careful) After removing it, performing the patch 2 install allowed the system to get the latest certificate and it allowed the install to work. You should be able to script a certificate removal job. (Eg. certutil -delstore ca <ID of certificate>) From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Burke, John Sent: Monday, January 20, 2014 11:50 AM To: [email protected]<mailto:[email protected]> Subject: [MDT-OSD] RE: Anyone see issues with mcafee anti virus (their current cert has expired as of 2013) yes. mcafee has been working on a patch all week. we are running mcafee virusscan enterprise 8.8 patch 3. They signed it with a cert that expired the last day of the year. Not sure it's taking them so long to resign it. It basically won't install on a system at all. You have to set the year back then it will install, then set the year back. I've not been able to find a policy that prevents exe's with expired signed certs on our systems so i'm guessing mcafee is just redirecting with that. Unless someone here knows... ________________________________ From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of [email protected]<mailto:[email protected]> Sent: Monday, January 20, 2014 2:22 PM To: [email protected]<mailto:[email protected]> Subject: [MDT-OSD] RE: Anyone see issues with mcafee anti virus (their current cert has expired as of 2013) "Anyone see issues with mcafee anti virus" That sir, is a loaded question. :) Are you running the latest point release for your version? If you are, well then, more ammo to get off that terrible product. Christopher Catlett Consultant | Detroit [cid:[email protected]] Sogeti USA Office 248-876-9738 |Fax 877.406.9647 26957 Northwestern Highway, Suite 130, Southfield, MI 48033-8456 www.us.sogeti.com<http://www.us.sogeti.com/> From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Burke, John Sent: Monday, January 20, 2014 1:16 PM To: [email protected]<mailto:[email protected]> Subject: [MDT-OSD] Anyone see issues with mcafee anti virus (their current cert has expired as of 2013) we have out anti virus in the task sequence to keep it up to date - it fails because the cert is expired. Set the time year back to 2013, run the install and it works. It seems to be happening on a fair number of systems. 1 in 10 or so.
<<inline: image001.jpg>>
