Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
650
Views
1
Helpful
8
Replies

Cisco Secure Endpoint 8.4.4 blocks PowerShell command for 5 seconds

sriediger
Level 1
Level 1

‎03-12-2025 02:44 PM

Dear Cisco Support Team,

after upgrading to Cisco Secure Endpoint 8.4.4.30419 PowerShell Scripts/Command are blocked for 5 seconds

Environment

  • Windows 11 24H2

Steps to reproduce

  • Open PowerShell ISE
  • Create a PowerShell Script and save it as TestExecutionDuration.ps1

 

 

 

# Measure the time taken to execute Get-Service
$duration = Measure-Command { Write-Host "Hello World!" }

# Output the duration in seconds
Write-Host "The command took $($duration.TotalSeconds) seconds to execute."

 

 

 

  • Execute the Script 
  • The duration for the execution of the script for different anti-virus programs
Cisco Secure Endpoint 8.4.4.304195.01 seconds
Cisco Secure Endpoint 8.2.10.01 seconds
Windows Defender0.01 seconds

sriediger_0-1741815448712.png

sriediger_1-1741815602108.png

sriediger_2-1741815658886.png

Hopefully you can fix the bug.

Best regards,

Stefan

 

 

 

 
 

 

 

1 person had this problem
Labels:
0 Helpful
8 Replies 8

sriediger
Level 1
Level 1

‎03-12-2025 02:46 PM

Sorry I have added the wrong screen shot before. Here is the correct one for 8.4.4.30419

sriediger_0-1741815937121.png

 

0 Helpful

Roman Valenta
Cisco Employee
Cisco Employee
In response to sriediger

‎03-12-2025 03:34 PM - edited ‎03-12-2025 03:35 PM

Hi,

 

We do track currently some performance issues regarding 8.4.x train, and there was few BUGS already raised. Also if I understand this correctly the issue is not necessarily with blocking anything rather than delayed response is that correct?

In other words the execution will eventually happened but delayed.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwo32158

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwo37513

Roman

0 Helpful

ajmudrak
Level 1
Level 1
In response to Roman Valenta

‎04-11-2025 01:09 PM

I'd like to add that if you open a PowerShell window, when you run a script the first time it is very slow and delayed as discussed. When you run it a second and subsequent times in the same window, it is normal speed.  However, if you make changes to the script, the next run in that PowerShell window will be very slow again--but once again additional runs after that run is normal speed again.  If you close that window, or simply open a second separate PowerShell window and run the same script, it is very slow on the first run, but subsequent runs are fast, unless modified.

Bunged
Level 1
Level 1
In response to Roman Valenta

‎04-13-2025 11:02 PM

I don't think these two bugs match the description in this thread.
In my case, there is no detectable (high) CPU usage. Instead, it just seems to be artificially delayed.
Opening PowerShell 7 on a Windows Server or Windows 11 client looks like this

PowerShell 7.5.0
Loading personal and system profiles took 5060ms.
PS C:\Users\me>
0 Helpful

sriediger
Level 1
Level 1

‎03-12-2025 08:55 PM

Hi Roman,

Yes, you are right, the line is executed but the response is 5 seconds delayed.

best, Stefan

0 Helpful

David Janulik
Cisco Employee
Cisco Employee

‎04-16-2025 02:56 AM

Hello, the test you're performing might not validate executing PS command itself, but the software accessing the .Net buffer.

My test performed on Win 11 24H2

Visual Studio:

TotalSeconds : 0.0094327

Powershell 7 cli:

TotalSeconds : 0.050658

 

 

Cyber security escalation engineer
0 Helpful

sriediger
Level 1
Level 1
In response to David Janulik

‎04-16-2025 03:59 AM

Hi David,

As an end user, the root cause—whether it's related to .NET buffering, file access, or something else—is not relevant to me. What matters are the effects, which are the actual problem. For example, in my MSI installers, I use a lot of PowerShell scripts, which result in a poor user experience: when clicking the Next > button in the wizard, the UI freezes for 50 seconds.

I just wanted to help you reproduce the issue with that example.

I would be really super happy if you could fix it soon.

Thank you in advance.

Best regards,
Stefan

 
 

 

 

0 Helpful

ajmudrak
Level 1
Level 1
In response to David Janulik

‎04-18-2025 07:40 AM

David, what were the steps you used in your test, and did the test machine have Cisco Secure Endpoint 8.4.4.30419?  I wanted to try this on my end as well; in case your steps happen to be different than the ones we tried.

Also, would you be able to provide more detail on what you meant by "validate executing PS command itself" in this case?  Do you literally mean typing in and executing a single command in the console by hand as opposed to running a script that happens to use .NET?  I was also wondering if you considered the additional information I provided about first-runs vs. subsequent runs, separate PowerShell processes, and editing the file, and its effects on the test? 

The issue is when a .ps1 script is run within a PowerShell process, if that helps clarify things.  It also takes an additional 5 seconds when a PowerShell script runs another PowerShell script within it (for the first time it attempts to run it, in a fresh PowerShell process).

0 Helpful
Customers Also Viewed These Support Documents