Installation issue with Defender for Endpoint on macOS

There is an error in the installation code of Defender For Endpoint for macOS. The issue occurs while the installation process tries to determine if the app is already installed.

I troubleshot this already, and while extracting the pkg I found the issue in installlib.sh on line 145. The installation gets stuck in a while loop because the command on line 145 is wrong. This line will return the PID of any running service that contains "telemetryd". And if you have any other service that contains that, the function will return a PID, which will block the installation from continuing and time out after 10 min.

Issue code: PIDS=$(pgrep wdavdaemon telemetryd)

I have successfully changed the code and managed to install the app successfully. But whenever I apply an update, the same issue occurs again, so this needs to be fixed.

We are currently migrating from F-Secure to DfE, and so it seems it's actually F-Secure that has a service with that name.

#: /usr/local/f-secure/bin/fsctelemetryd.xpc/Contents/MacOS/fsctelemetryd

/Emil
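
Why `telemetryd` in that line also catches `fsctelemetryd`, as an added example that is not part of the original post and not Microsoft's installer code: pgrep treats each pattern as an unanchored regular expression, which the sketch below emulates over a constructed process table. The `pids_matching` and `report` helpers, the PIDs and both tables are assumptions; on a live host the whole-name behaviour corresponds to `pgrep -x`.

```shell
#!/bin/sh
# Constructed process tables ("PID NAME"); not captured from a real host.
# BEFORE: Defender still running next to F-Secure. AFTER: Defender stopped.
BEFORE='101 wdavdaemon
202 fsctelemetryd
303 telemetryd
404 launchd'
AFTER='202 fsctelemetryd
404 launchd'

# pids_matching MODE TABLE NAME... (hypothetical helper)
#   unanchored: NAME is a regex matched anywhere in the process name,
#               like the default behaviour of pgrep
#   exact:      NAME must equal the whole process name, like pgrep -x
pids_matching() {
    mode=$1; table=$2; shift 2
    for name in "$@"; do
        printf '%s\n' "$table" | awk -v m="$mode" -v n="$name" '
            m == "unanchored" && $2 ~ n  { print $1 }
            m == "exact"      && $2 == n { print $1 }'
    done | sort -nu | xargs
}

# What a "wait until these are gone" loop still sees after Defender exits.
report() {
    left=$(pids_matching "$1" "$AFTER" wdavdaemon telemetryd)
    if [ -n "$left" ]; then
        echo "$1: still waiting on PID(s) $left"
    else
        echo "$1: nothing left to wait for"
    fi
}

report unanchored   # the F-Secure daemon keeps the loop alive
report exact        # the loop can finish
```

Any wait loop built on a process-name match is only as precise as the match itself, so a bounded timeout hides the defect rather than removing it.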

 

2 Replies

I've had a ticket open with Microsoft for one month now. Still, they have not been able to provide a fix, nor have they even sent the case to the correct team, even though I provided all information....

@emilp333, thank you for the detailed post. This issue has been fixed, and the fix is on its way with the upcoming update (~March update to MDE (Mac)).