Windows Boot Issues after MS Security Patches applied

A

AndyBain1

We have a strange issue that seems to occur after security updates are applied from Microsoft - but we are not 100% convinced it is a Microsoft issue. Apologies for the long post but I wanted to provide as much detail as possible.


Our laptops are all HP 840 Elitebooks (G1 through to G5) running Windows 10 Enterprise version 1803, all laptops have bitlocker enabled. The problem only affects a certain number of laptops and we've not found a common pattern yet.


Problem

- Windows automatic updates take place and includes a security update

- User shuts their laptop down at the end of the working day

- The following morning when trying to boot, the laptop gets stuck at the "HP Sure Start" screen and doesn't boot

- We switch the laptop off and on a few times to force automatic repair and then boot to safe mode

- We perform a standard reboot and everything works (on occasions we have to remove the security update but that's only on 1 in 10 laptops)


If this was a HP Sure Start issue then we wouldn't expect it to boot to safe mode so we can only assume that something at the start of the boot up of Windows is causing the problem and, by using Safe Mode, it is allowing us to boot properly and, my theory, is that the security update may have needed a reboot and can finally apply correctly when there are no other programs interfering/blocking it.


The programs we load that could be contributing to the problem are:


- Cisco Umbrella

- Carbon Black

- Cylance

- Connected MX

- CheckPoint VPN Client

- Ivanti Landesk


Our vendors have not found anything to suggest it is their software causing the problem but the top 3 in the list above are security products and do not load in Safe Mode so if it is anything causing it, it may be one of them. Windows Event logs do not show anything to suggest the cause of the issue.


We cannot reproduce the issue at will because once the laptop is working again, it won't fail again. We did try removing the last security update, rebooting, running Windows update manually (which then re-applies that security update). In theory, we should now be able to reboot and reproduce the issue but it boots normally.


The problem is that if we wait until the monthly patch Tuesday for the next updates, then it means we can only troubleshoot once a month so that approach won't work. I'm hoping for some other suggestions that can help us get to to the bottom of this issue without us disabling too many programs that then make our IT security department nervous.


Thanks in advance


Andy

Continue reading...
 
Back
Top Bottom