Problem Statement:
Users may face login failures, application launch failures, or delayed login time with Accops HySecure and Accops Workspace client on Microsoft Windows OS.
Issue Symptoms:
- The latest Microsoft Defender update KB2267602 (Version 1.421.1647.0 for Win 10 & Version 1.421.1648.0 for Win 11), released on February 1, 2025, is causing issues with the Accops Client.
- Affected users are experiencing delayed connections and intermittent login failures while accessing the HySecure gateway.
- Verify in your latest Windows updates under Definition updates > Security Intelligence Update for Microsoft Defender Antivirus - KB2267602 (Version 1.421.1647.0 for Win 10 & Version 1.421.1648.0 for Win 11) Installed on 01st Feb 2025.
Impacted Client Versions:
Client | Version(s) Impacted |
Accops HySecure client for Windows OS | Yes - All Versions |
Accops Workspace client for Windows OS | Yes - All Versions |
Accops HyID (Credential provider with pre-login connectivity) for Windows OS | Yes - All Versions |
Accops HyID (Credential Provider only) for Windows OS | None of the versions are impacted |
All other Accops clients on all other Operating Systems | None of the versions are impacted |
Root Cause Analysis:
- The latest Windows Defender update appears to have increased scrutiny over file access patterns and I/O operations. It seems Windows Defender is throttling frequent write operations in a log file stored in User's home directory, temp directory and Windows temp directory.
- Accops client for Windows stores logs files in User's home, temp and Windows temp directory.
- The new behavior of Windows Defender has impacted the event logging process of affected Accops clients for Windows OS, causing significant delays in the overall client operations.
- Because of the new behavior of Windows Defender, users may face problems in signing in and launching application.
Recommendation:
Update Windows Defender Antivirus Security Intelligence to version 1.421.1763.0 or a later version. This update is expected to lessen the severity of the symptoms; however, some delays in login through the client may still be experienced.
We are continuing to work with Microsoft to further optimize this issue to eliminate the need for temporary workarounds (as detailed below) or updates to the Accops Workspace Client for Windows to address the behavior of Defender.
Temporary Workaround:
Exclude Accops Folder from Windows Defender (via GPO) (Recommended)
To exclude Accops-related folders from Windows Defender using Group Policy Object (GPO):
Steps to Apply in Group Policy (GPO)
Open Group Policy Management Console (GPMC)
- Run
gpmc.msc
to open the Group Policy Management Console.
- Run
Edit or Create a New GPO
- Navigate to:
Computer Configuration > Administrative Templates Windows Components > Microsoft Defender Antivirus > Exclusions
- Navigate to:
Configure the "Path Exclusions" Policy
Double-click "Path Exclusions".
Set the policy to "Enabled".
Click "Show…" and add the following paths in the Value name field:
C:\Users\*\AppData\Local\Accops\edc\softclient\*.log C:\Windows\Temp\ACCOPS\*.log C:\Users\*\AppData\Local\Temp\ACCOPS\*.log
After adding the paths, set the Value as 0.
Click OK and Apply.
Force Group Policy Update on Client Machines
- Run the following command on the client machines to apply the policy immediately:
gpupdate /force
- Run the following command on the client machines to apply the policy immediately:
Verify the Exclusion in Windows Defender
- Open Windows Security (Windows Defender).
- Navigate to:
Virus & threat protection > Manage settings > Exclusions
- Ensure that the exclusions appear in the list.
Solution:
While awaiting a definitive update from Microsoft, we are offering a revised version of the Workspace client with optimizations to address the behavior of Windows Defender.
Support Article containing download links and Release Notes
Revision Table:
Version | Changes Made | Date |
1.0 | Initial advisory document published. | Feb 1, 2025 (Saturday) |
1.1 | Document updated with Additional Workarounds | Feb 4, 2025 (Tuesday) |
1.2 | Link added to download batch file for quickly applying Solution 1 | Feb 4, 2025 (Tuesday) |
1.3 | Additional updates and reivision to recommended solution | Feb 5, 2025 (Wednesday) |
1.4 | Details of applying GPO policy indicated | Feb 5, 2025 (Wednesday) |
1.5 | Listed only the most viable solutions | Feb 6, 2025 (Thursday) |
1.6 | Added Solution and Recommendations | Feb 13, 2025 (Thursday) |