Jump to content

ewallace

Members
  • Content Count

    2
  • Joined

  • Last visited

About ewallace

  • Rank
    New Member
  1. I should add - once the LAN based PCs received the external DNS entry via DHCP, we were able to access them via our web based remote access support tool (GoToAssist), elevate the credentials to local admin, and remove MalwareBytes Client. This allowed for immediate access to the LAN, as opposed to waiting for four hours for the MBAM Update.
  2. We are another MalwareBytes for Business customer, with a few hundred users. The subnets on our LANs are 172.16.x.x - right in the range that was excluded by this bad update. Our DNS servers are local - on the 172.16.x.x LANs. What we finally figured out to remedy the situation for PCs that were in the hands of non-admin or remote users was: Our MBAM policy stated that after 4 hours of not being able to get updates from the MBAM update server on the LAN, the PCs are to try to get a definition update from the Internet. With local unreachable DNS servers, the PCs could not get on to the Internet, of course, and therefore could not complete the policy directions. We updated all of our DHCP servers to dole out a DNS list that included an external DNS entry along with our internal ones. With the new external DNS entry, we found that PCs started to get MBAM updates - almost exactly 4 hours after being restarted. Of course, after that they regained LAN access. --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- I was informed by one of my techs of 'a problem' on Saturday, 10:00 AM CST. We chased network problems for about 4 hours - that is what this problem looked like originally. Looking for answers, I finally got around to uninstalling MBAM Client on my PC. Immediately I was able to access our LAN, and browse the Internet. (Our DNS servers were local, and although we could ping 8.8.8.8 - for example - on Saturday, we could not access www.google.ca, rendering browsing useless.) Manually uninstalled MBAM was an acceptable but laborious process to do for local PCs that we could physically access and login with admin credentials. However we support many devices in remote offices, (that use 172.16.x.x subnets), and home offices too. I was not aware of what the bad MBAM update was actually doing until this morning. I received an email from a MBAM tech in Europe that stated IP addresses in the 128.0.0.0 to 191.255.255.255 range were being blocked by the bad MBAM update. Had we known the actual cause earlier, we MAY have set the DHCP DNS list and restarted the PCs on Saturday evening, or Sunday. Then, someone in the remote offices could have restarted the PCs on the weekend, with the assurance that on Monday (or within 4 hours) their PCs would be working correctly again.
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.