The endpoint agent stops installing or stops running on Windows endpoints and a Windows Platform FIPS error message appears in the endpoint agent logs.
You see the error message in the EndpointAgent.txt log file located here:
- %ProgramData%\Malwarebytes Endpoint Agent\Logs\EndpointAgent.txt
The following error shows in the log file:
- Error: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
Cause
Malwarebytes Nebula does not support the FIPS validation for encryption modules and the endpoint has this enabled.
Resolution
- Disable Microsoft FIPS in the Group Policy or Local Policy.
- Group Policy: Disable the Microsoft FIPS module in the group policy. For more information, see Microsoft FIPS.
- Local Policy: Follow the steps below to disable Microsoft FIPS in your local policy:
- In Control Panel, click Administrative Tools, and double-click Local Security Policy.
- In Security Settings, expand Local Policies, and then click Security Options.
- Under Policy in the right pane, double-click System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing, and then click Disabled.
- Click OK.
- Install the Malwarebytes endpoint agent.