All machines that have been upgraded to Windows 10 1903 report "Restart your computer to finish installing an update". Even after multiple reboots, the message remains.
The Apex One Agent creates two registry keys to disable Windows Defender:
In this case, the registry keys are created successfully, but Windows Defender does not stop.
This issue can be isolated to a registry key that only exists on Windows 10 1903 machines. For reference: Prevent changes to security settings with Tamper Protection.
If the Tamper Protection setting is On, you won't be able to turn off the Windows Defender Antivirus service by using the DisableAntiSpywaregroup policy key.
To resolve the issue:
- Create a GPO to update "TamperProtection"=dword:00000001 to "TamperProtection"=dword:00000000.
Setting the value to "0" will disable TamperProtection and allow the upgrade to succeed.
- After the change, restart the endpoint.