Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Participant

Windows update from 1809 to 1903 with Endpoint Security E82.00 breaks BCD Boot on Probook 640 G4

Jump to solution

Has anyone experienced problems with Endpoint Security E82.00 breaking during the feature update to 1903? It's an identical problem to that described in this post:

https://community.checkpoint.com/t5/Endpoint-Security-Products/Windows-10-1803-Auto-Upgrade-with-FDE...

The problem occurred on two Probook 640 G4s. Both had Endpoint Security E82.00 installed and Windows 10/1809 with recent security updates. In both cases, bcdboot was enabled (as advised in the other post) and the Bios was up to date.

There is a boot loop as the 1903 update tries to finish installing, and Checkpoint is not listed among the devices in the boot menu. Decrypting the hard drive (via recovery media) allowed the 1903 update to complete and the machine to boot to Windows. Checkpoint then was uninstalled and reinstalled from scratch. 

 

0 Kudos
Reply
1 Solution

Accepted Solutions
Highlighted
Participant

The issue appears to be solved.

I noticed that HP had released a BIOS update (labeled as a May 11th release), and this BIOS update solved the issue. Indeed, one of the fixes listed for this update was “- Fixes an issue where the original boot entry is deleted when a third-party encryption software creates a boot entry.”

Secure Boot needed to be disabled, but then the Feature Update from 1809 to 1903 worked on the Probook G4 without killing the Checkpoint boot entry. We also updated the BIOS on several Elitebooks (G5) and the Windows update (from 1803 to 1903) worked.

What I do not understand is that when I contacted HP about this issue, they said to contact Windows, even as they were busy fixing it. 

View solution in original post

0 Kudos
Reply
6 Replies
Highlighted
Admin
Admin
Might want to get the TAC involved here
0 Kudos
Reply
Highlighted

upgrade the Client to E82.30

Tags (1)
0 Kudos
Reply
Participant

Thanks, I installed E82.40 on the client and the Checkpoint server is also upgraded to R80.30. That did not help - the boot loop came back under the same conditions.

My service partner forwarded the case onto Checkpoint Support, who claim they are working with HP on this issue.

 

 

 

0 Kudos
Reply
Highlighted
Advisor

You may want to make sure that your BIOS is current. We have a large number of HP's notebooks here and have seen occasionally unpredictable behavior on encrypted machines with outdated firmware.  

R80 CCSA / CCSE
0 Kudos
Reply
Highlighted
Participant

The Bios is up to date (10.0.0). A new Bios version was released a month ago. I also checked for updates on the SSD's firmware, but none were available.

Of three Probook 640 G4s I tested, two do not survive the 1903 update and one does survive it. I cannot find any differences in the hardware or Bios settings among the machines. The VBios firmware version differs, in case that is relevant.

Other HP machines we tested (including a Probook 640 G5) survived the update.

0 Kudos
Reply
Highlighted
Participant

The issue appears to be solved.

I noticed that HP had released a BIOS update (labeled as a May 11th release), and this BIOS update solved the issue. Indeed, one of the fixes listed for this update was “- Fixes an issue where the original boot entry is deleted when a third-party encryption software creates a boot entry.”

Secure Boot needed to be disabled, but then the Feature Update from 1809 to 1903 worked on the Probook G4 without killing the Checkpoint boot entry. We also updated the BIOS on several Elitebooks (G5) and the Windows update (from 1803 to 1903) worked.

What I do not understand is that when I contacted HP about this issue, they said to contact Windows, even as they were busy fixing it. 

View solution in original post

0 Kudos
Reply