I cant be the only one experiencing this. S1 seems to be causing issues with Windows Servers being consistently patched. We have exclusions in place, but this doesn't seem to help. When we want patches to be fully applied across all servers, we have to disable the S1 agent completely during patching window. This is of course unacceptable. Anytime I contact support all they say is they see the device that had issues when trying to scan and receive this error:
{"args":"","response":":\"255\",
They then point me to their documented S1 exclusions. I’ve attached our S1 exclusions that we have in place but they don't seem to help. I even tried changing the amagent execution directory to C:\ProgramData\amagent and that didn't help either.

