Issue:
Windows 7 SP1 and Windows Server 2008R2 MUST be patched with KB4474419 to maintain protection due to changes made by Microsoft related to driver signing.
If patch KB4474419 is not installed, the F-Secure client will fail to install updates and request for restart / reboot.
The product user interface will show a different status, depending on if you are using a for home or business F-Secure product:
- Business products, such as Client Security, Server Security and Server Protection, will show "Computer is not protected" status.
- For home products, such as SAFE and Internet Security, will show "You are not protected" status.
Resolution:
Due to changes made by Microsoft related to driver signing, Windows 7 SP1 and Windows Server 2008R2 will require a patch to be installed, in order for our drivers to protect these computers.
Most devices will have already received this patch, as it was released as a Security update by Microsoft in March 2019, and should have been automatically applied. However, some customers maintain their Windows Updates separately, and they should immediately ensure they have the patch from KB4474419 applied. Failure to do so will prevent F-Secure and WithSecure clients from functioning correctly.
For customers who use Software Updater, an optional part of our endpoint protection clients, this patch is available as "2019-09 Security Update for Windows 7 for x64-based Systems (KB4474419) 6.1.7601"
Newer Operating Systems, and Windows 7 SP1 or Windows Server 2008 R2 that have this patch installed are not affected, and the clients will continue to function normally.
Please note that this also affects software products from vendors other than F-Secure and WithSecure as well, if those products contain drivers signed by Microsoft.
Article no: 000031760