An update released by McAfee for the Exploit Prevention module of Endpoint Security 10.2 and earlier wreaked havoc on Windows as it blocked users from logging in to the operating system.

The botched release, which was shipped on Wednesday, updated the security app to version 9418, as per the official McAfee advisory.

But as many organizations discovered, installing the update made it impossible to log in to Windows, with some even suspecting a possible ransomware infection on the affected systems.

Others blamed Windows updates for the issue, including US consumer credit reporting company Experian. Several services offered by the company went down on Wednesday after the faulty update was installed, and some company employees said a Windows update issue caused their services to go offline.

Fix already available for impacted devices

But in a technical advisory, McAfee confirms that “users are unable to log on to Windows if ENS 10.2 or earlier is installed” and the update to version 9418 is deployed.

The security vendor rolled out update 9419 to correct the issue, and customers are recommended to boot in to Safe Mode to install the patch.

What’s worth knowing is that Endpoint Security 10.2 is no longer supported, as McAfee discontinued it on December 15, 2018. Organizations, however, continue to run it on their devices, mostly because the migration to a newer security product is considered a costly transition.

For the time being, it’s not yet known how many customers were affected, but what’s worth emphasizing that the issue isn’t by any means caused by a Windows update. Microsoft rolled out new security updates for supported Windows versions (Windows 7, Windows 8.1, and Windows 10) on July 9 as part of the monthly Patch Tuesday cycle, but none of the updates are causing locking users out of their Windows systems.