Hi Kiwi, I've been troubleshooting this for a while now. I did see in the logs it is considering it as a threat whenever the download status reach 85% and it is failing at that point. So, I created a test policy for exclusively to that machine which is trying to upgrade and narrowed the issue down to my file blocking security profile. I have 7z, bat, chm, cpl, dll, hlp, hta, jar, msi, ocx, PE, pif, rar, scr, torrent, vbe, wsf file types in the block list at the moment. Now, it is just the matter of finding which exact file type needs to be allowed. I have a palo support guy say the same. Trying to get help from Apple support to see what exact file type they need has been a nightmare.
... View more