Random blue screen error (Bug check 3b/Bug check 19/Bug check 50/Bug check 5d) after installing ENS Threat Prevention
Last Modified: 2023-07-07 12:02:26 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
After December 1, 2024, please log in to the Thrive Portal for support, knowledge articles, tools, and downloads. For information about using the Thrive Portal, view the Trellix Thrive Portal User Guide.
Random blue screen error (Bug check 3b/Bug check 19/Bug check 50/Bug check 5d) after installing ENS Threat Prevention
Technical Articles ID:
KB94793
Last Modified: 2023-07-07 12:02:26 Etc/GMT Environment
Endpoint Security (ENS) Threat Prevention 10.7.0 February 2021 Update and later
Problem
You might see a blue screen error after you install or upgrade to the ENS Threat Prevention 10.7.0 February 2021 Update and later. The Bug check code can be Bug check 3b, Bug check 19, Bug check 50, or Bug check 5d. This issue is random and only occurs in a few environments. There have been certain cases wherein when the driver verifier has been enabled on the system, the blue screen error doesn't occur anymore. First example of a stack trace: ffffd001`686e4750 fffff800`f6cd302c : 00000000`00000000 00000000`00000e28 00000000`00000e28 00000000`00000e01 : mfehidk! ffffd001`686e47b0 fffff800`f6c94ac7 : 00000000`00000000 ffffe801`86374080 ffffe001`b4579670 ffffe001`ade17848 : mfehidk! ffffd001`686e4830 fffff800`f6c94c97 : ffffe001`b482de00 00000000`00000e28 ffffe801`86374080 ffffe001`ade177e0 : mfehidk! ffffd001`686e4860 fffff803`5c6437cd : ffffe801`86374080 fffff803`5c553b20 00000000`00000001 ffffe801`86374080 : mfehidk! Second example of a stack trace, for the process ffffd000`21cdad28 fffff802`6caa7156 : 00000000`00000019 00000000`0000000e ffffe000`cae5b110 00730061`006c0063 : nt!KeBugCheckEx ffffd000`21cdad30 fffff801`ae5303a8 : ffffd000`21cdaf00 00000000`00000000 00000000`00000000 00000000`00000000 : nt!ExDeferredFreePool+0x746 ffffd000`21cdae00 fffff801`ae51c11f : ffffe000`c694c230 00000000`00000000 ffffc000`7026c780 ffffe000`00000000 : mfencbdc+0x673a8 ffffd000`21cdae30 fffff801`ae51bf6b : 00000000`00000000 ffffe000`cbaf41e2 ffffd000`21cdb000 ffffe000`cbaf4190 : mfencbdc+0x5311f ffffd000`21cdaed0 fffff801`ae51cfb6 : 00000000`00000000 ffffe000`cbaf41fa ffffe000`c7e071f0 00000000`0000007c : mfencbdc+0x52f6b ffffd000`21cdaf50 fffff801`ae4d181b : ffffe000`c86fca80 ffffe000`c7e071f0 ffffe000`cbaf4180 00000000`c000a3d0 : mfencbdc+0x53fb6 ffffd000`21cdaf90 fffff801`ae5346da : 00000000`00000000 00000000`00000000 ffffe000`c86fcb50 00000000`00000000 : mfencbdc+0x881b ffffd000`21cdb010 fffff802`6cc9bdff : 00000000`00000002 ffffd000`21cdb111 ffffe000`c7e071f0 ffffe000`c7bd6900 : mfencbdc+0x6b6da Cause
This issue occurs due to a single bit in a bitfield variable that's missing a lock on accessing it.
Solution
This issue is resolved in the ENS 10.7.0 September 2021 Update. Our product software, upgrades, maintenance releases, and documentation are available on the Product Downloads site.
NOTE: You need a valid Grant Number for access. See KB56057 - How to download product updates and documentation for more information about the Product Downloads site, and alternate locations for some products. Affected ProductsLanguages:This article is available in the following languages: |
|