This issue was observed on following Deep Security Agent versions:

• 20.0.0-5995 
• 20.0.0-6860
• 20.0.0-6690
• 20.0.0-7119

When you perform the agent upgrade via the web console, during the upgrade process, the MSIEXEC exits with unexpected exception. According to the investigation, there are two factors that contribute to this scenario. The first one is the agent process shutdown time increased when the Web Reputation is enabled; And the second is the dsa_connect.exe process exit code affects the msiexec while there is a time increased in agent shutdown. 


To verify this issue

From the install.log or MSI events you may see that during the upgrade that the MainEngineThread is returning the error 1601:

Solution

To prevent this issue from happening in future upgrades, a fix will be included on the next release, however the steps below should be followed to be able to upgrade from the web console without any issue. 

1. Start the Agent service back to running locally or through remote cmd solution like Windows Remote Management
2. Wait for the Agent status to become Online on the Manager Console, and then disable the Web Reputation and Activity Monitoring Modules.
3. Trigger the upgrade from the Manager Console again. 
4. Verify the agent upgrade is successful
5. Re-enable the Web Reputation and Activity Monitoring Feature
6. Upgrade to Deep Security Agent version 20.0.0.7303 (20 LTS Update 2023-06-28) or above

1. Verify the status of the agent service is stopped, do not start the agent service at this point. 

   Download the installer package (msi) and run it via cmd or remote cmd solution using the following command, note you need to change the installer package name in the command: 

   msiexec.exe /l <installer package name>.msi /q /l*v! install.log ALLUSERS=1 REBOOT=ReallySuppress SKIPDELAYUPGRADE=1
   

2. Upgrade to Deep Security Agent version 20.0.0.7303 (20 LTS Update 2023-06-28) or above