Details
Applies to Lumension Endpoint Security 4.5+
ISSUE
By default, LES blocks the VMWare driver “hcmon” because it disconnects USB devices from the host machine and connects them to Virtual Machines. It does this in a manner that enables the Virtual Machine to bypass the protection provided by LES.
The same error occurs when VMWARE attempts to install the HCMON driver on a non-LES endpoint running SADEC.
Resolution
Disable the “hcmon” blocking functionality by creating a registry value (DWORD type, Data 1) in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SK\Parameters with the name EnableHCMON.
WARNING: Use this solution at your own discretion as it exposes a security vulnerability.
The recommended procedure to successfully install the VMware Client:
- Enable HCMON by creating a EnableHCMON registry value (DWORD type, Data 1) in HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SK\Parameters.
- Reboot the endpoint.
- Install VMWare View Client.
- Disable HCMON by removing the EnableHCMON registry value.
- Reboot the endpoint again.
Comments