14 DAY TRIAL // We’ve already told you that one of the updates released recently for Microsoft’s anti-malware solutions caused problems to Windows XP users, so it was only a matter of time until the company actually acknowledged the issue and provided more information on what happened.
According to a report by The Register, thousands of computers running Windows XP have been affected by the issue, which was apparently caused by a faulty update for System Center Endpoint Protection (SCEP) and Forefront Endpoint Protection (FEP). Most computers which received the dodgy virus definition were hanging at boot, with the issue tracked down to Msmpeng.exe.
As the aforementioned source writes, this is the main process of Microsoft’s anti-malware engine, so killing it completely is the only way to deal with the issue.
Posts on the TechNet support forums confirm the problems, with some users revealing that the majority of Windows XP machines are freezing after getting the updates.
“This morning all of our remaining XP machines are unresponsive for up to 30 minutes after startup until MsMPEng crashes,” one user reported. “After the engine has crashed the system is responsive again until a few minutes later, after the service has restarted, the problem begins anew.”
A Microsoft spokesperson confirmed that a signature update delivered to Windows XP computers caused “interrupted service for customers,” but added that a newer update would automatically resolve the issue.
One user who posted on the TechNet forums confirmed that disabling Behavior Monitoring on the affected devices solves the problems temporarily.
“Removing the tick from Enable Behavior Monitoring appears to be working for us at the moment, GPO keeps reapplying it so we are currently looking to change that until a new sig comes out,” he posted.
To disable Behavior Monitoring, use the following path and switch the default configuration to “No”:
SCCM console > Assets and Compliance - AntiMalware Policies > <your policy> > Real Time Protection > Enable Behavior Monitoring > NO
Basically, those who are encountering the same issues on their Windows XP computers are strongly recommended to deploy the latest virus signatures released by Microsoft, which is supposed to address the problems and restore full functionality of the PC.
Disabling the anti-malware protection completely isn’t quite a thing that should be done given that no Windows XP support is available right now, so act carefully and make sure that your PC is still protected in order to stay away from any exploit that could be aimed at your computer.