Closed Bug 791331 Opened 13 years ago Closed 10 years ago

McAfee is blocking Updates, by preventing applications from running from temp

Categories

(Toolkit :: Application Update, defect)

Product:
Toolkit
Component:
Application Update
Version:
16 Branch
Platform:
x86_64
Windows 7
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1098112

People

(Reporter: jason, Unassigned)

Details

User Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:16.0) Gecko/20100101 Firefox/16.0 Build ID: 20120911232325 Steps to reproduce: Tried to update Firefox, from "About Firefox" came up with an error message "Partial update could not be applied" Neither can a full update be applied as well. Reviewed logs System Events, and an error message was there Blocked by access protection rule. Access to object C:\Users\<USERPROFILE>\AppData\Local\Temp\MozUpdater-3\updater.exe was blocked by rule Common Standard Protection:Prevent common programs from running files from the Temp folder. Actual results: Tried to update Firefox, from "About Firefox" came up with an error message "Partial update could not be applied" Neither can a full update be applied as well. McAfee prevented updater.exe from running from the temp directory. Expected results: System should have updated. It use to update prior to 15, without a problem, the files use to be stored in C:\Users\<USERPROFILE>\AppData\Local\Mozilla\Firefox\ on updates.
Stupid software and I don't believe that we can do anything about this. The help/about doesn't use the background update at the moment. We have a bug for that to change that. Maybe that will help ?
Component: Untriaged → Application Update
Product: Firefox → Toolkit
The funny part was, that it worked until about 2 months ago, and it was totally coincidental that I had Microsoft Access installed around the same time as that, which redefines .mar for itself. Prior to that updates worked without a problem, even though this rule was not changed, from the McAfee EPO side. It has always blocked from the temp directory. Maybe in the installer, move the update program to something like .../Common Files/Mozilla Firefox/update and run it from there
Jason, does this still reproduce when using current versions of Firefox and McAfee?
Flags: needinfo?(jason)
Last I checked it still does, but I haven't tried in a little while, I'll have to check. But as long as it uses the Temp Directory, it will fail if the EPO policy has prevented executing from the temp directory (In reply to Wayne Mery (:wsmwk) from comment #3) > Jason, does this still reproduce when using current versions of Firefox and > McAfee?
Flags: needinfo?(jason)
I did check today when I came into the office it seems to update now. (In reply to Wayne Mery (:wsmwk) from comment #3) > Jason, does this still reproduce when using current versions of Firefox and > McAfee?
Sorry my mistake I didn't check fully it isn't working still, the box about the failed update was under the firefox menu. (In reply to Wayne Mery (:wsmwk) from comment #3) > Jason, does this still reproduce when using current versions of Firefox and > McAfee?
The error for Firefox is The Update could not be installed (patch apply failed). Again I would recommend moving the file from Temp for the update, as more companies may lock down the temp directory, which would mean Firefox may not become an option for the enterprise.
I can confirm this on 29.0 beta channel. After clicking the 'restart to apply update' button I get the 'The Update could not be installed (patch apply failed)" message. Screenshot: http://i.imgur.com/0NeIfIf.png I get the following message in my McAfee Access Protection Log File: C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\charlesr\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe Common Standard Protection:Prevent common programs from running files from the Temp folder Action blocked : Execute
We no longer run the updater.exe from the temp directory. Resolving duplicate to the main bug that fixed this which is bug 1098112
Status: UNCONFIRMED → RESOLVED
Closed: 10 years ago
No longer depends on: CVE-2015-2720
Resolution: --- → DUPLICATE
WRONG! You are STILL running the updater from the temp directory, and the bug has NOT been resolved! PLEASE FIX THIS!
You need to log in before you can comment on or make changes to this bug.