Following a McAfee anti-virus update, Portrait Foundation fails to start

Product Feature: General enquiry


Following an update to McAfee anti-virus (McAfee KB77190 - Vulnerability with an unquoted service path in SiteAdvisor Enterprise), the Portrait Foundation services fail to start.
This prevents Portrait Foundation from working on any server that has had this patch applied.


The vulnerability that McAfee is trying to patch is described here.
Unfortunately, the McAfee patch fails to consider whether the Image Path for any Windows Service includes any runtime parameters...


UPDATED: April 4, 2017
The resolution for this issue is to open the registry* and navigate to the following location:

Locate the four Portrait Foundation service keys. They should be called:
  • MyPortraitClientEvents
  • MyPortraitController
  • MyPortraitServiceHostAlternate
  • MyPortraitServiceHostPrimary
(Where MyPortrait is the name of your Portrait System).
In the ImagePath setting for each of the above services, note that the value contains the full path to the Hostu.exe service and two parameters called /System and /Service.

In native Portrait Foundation, there are no quotation marks in this value.
To resolve the issue - and effectively apply the vulnerability patch manually - simply edit the existing value so that the full Hostu.exe file path is surrounded by double quotes.
For example, with the Controller service:
"C:\Program Files (x86)\PST\Portrait Foundation\Common\Bin\Hostu.exe" /System MyPortrait /Service MyPortraitController

If you find that the McAfee patch has been applied to multiple servers, you may wish to create a .reg file that can write the correct values in one go.

* Editing the Windows registry is dangerous and can cause your PC to become unresponsive or irrecoverable. Please do not attempt to make any changes to the registry if you are not completely sure of what you are doing. Pitney Bowes take no liability if a registry change breaks your system.