I wanted to bring this to the Community's attention and get some feedback whether we are the only ones experiencing issues. Since the release / installation of KB4485449 on Windows 10, multiple Check Point functions seem to have stopped working.
I have been able to specifically identify these symptoms:
SmartConsole R80.20: Unable to initiate manual IPS updates. I get a generic "Failed to download update package" error. I was able to reproduce this on two Windows 10 management machines; each with the KB4485449 update installed. I was able to update IPS once I went back to an old Windows Server 2008 R2 machine running the same version of SmartConsole as the Win10 machines.
Endpoint / Sandblast Agent: This update hit a lot of our machines last Wednesday or Thursday evening. On Friday (2/15), we noticed machines were unable to update Anti-Malware signatures. When running a manual update, the Endpoint client would return that it was unable to connect to the server despite the Endpoint client being connected. We found other machines in our environment of the same build that hadn't been patched yet and Anti-malware signatures are able to be updated from those machines.
I began to suspect recent updates might be causing the problem since recently patched Windows 10 machines were all the common denominator to these problems. Then, I came across this thread where the OP is reporting the Windows Server 2016 version of this patch broke AD Query for Identity Awareness:
Microsoft Updates KB4487026/KB4485447 stops IA and remote access via RADIUS from working??
I had an open ticket with TAC regarding my IPS update issue. We spent hours testing and debugging and weren't able to determine a root cause for these failures. So, I'm wondering if anyone at Check Point is aware of this problem? I'd imagine that a lot of people may not aggressively patch their workstations, so this issue may be awaiting more users as the patch slowly rolls out.
It may be worth noting that it seems these Servicing Stack Updates are dependent upon the base OS version. In our case, all the machines were running Windows 10 Build 1803. I suppose it could be possible that other builds received a different version of the Servicing Stack Update that could behave differently?
I will update my TAC case with this information as well as pass it along to my SE.
R80 CCSA / CCSE