It is always advised that users first apply any major operating system update, such as the Windows 10 April 2018 Update, in a test environment with your production applications to test for any incompatibilities with any vendor’s product.
In the event that WFBS-SVC managed endpoints with the latest major operating system update (e.g. April 2018 Update) still observe any major issues in your environment such as a BSoD, users are advised to add the following processes exceptions into the Behavior Monitoring approved list by using the following steps:
-
Identify whether there is an endpoint that has already applied the Windows 10 April 2018 Update by checking the WFBS-SVC web console and going to the Security Agents screen, sorting by Operating System in the Group Information table, and looking for Windows 10 (10.0.17134).
Click the Customized Columns gear icon to add the Operating System column in the table. -
Select endpoints with the Windows 10 April 2018 Update, apply the following exclusions via Configure Policy > Scan Exclusion > Behavior Monitoring > Add to Approved Program List.
Add the following processes:
- C:\Program Files\WindowsApps\Microsoft.Messaging_*\SkypeHost.exe
- C:\Windows\SystemApps\*\SearchUI.exe
- C:\Windows\ImmersiveControlPanel\SystemSettings.exe
- C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_*\HxTsr.exe
- C:\Windows\SystemApps\Microsoft.LockApp_*\LockApp.exe
- C:\Windows\SystemApps\Microsoft.MicrosoftEdge_*\MicrosoftEdge.exe
- Save and exit.
If the issue persists after the above exclusion list is applied, refer to the KB article: Generating a memory dump by forcing a system crash and consult Trend Micro Technical Support for further assistance.