This article describes patch requirements for McAfee products when upgrading to Windows 7 or Windows 2008 R2.

Patches and Upgrades Description; McAfee Web Gateway Products; McAfee Web Gateway formerly Webwasher and McAfee Web Content Reporter Patches and Upgrades.

McAfee VirusScan Enterprise 8.8 Patch 3 This article contains important information about known issues of high or medium rating that are outstanding with this.

VirusScan Enterprise 8.7i Patch 4 Known Issues. Technical Articles ID: KB69562 Last Modified: The remaining events are resolved in McAfee Agent 4.5 Patch 3 or later.

Purpose. This release of McAfee VirusScan Enterprise 8.8.0 contains a variety of improvements and fixes. Although McAfee has thoroughly tested this release, we.

Don t Take Chances Online.

Protect all your devices online with one McAfee product.

License s is are for personal use on all supported devices you own for the duration of your subscription.

Not all features are available for all operating systems; see system requirements for supported devices.

Copyright 2003-2015 McAfee, Inc. All Rights Reserved.

Print

VirusScan Enterprise 8.8 Patch 5 Known Issues Technical Articles ID:  KB81381

Last Modified:  12/1/2015

Rated:

Environment

McAfee VirusScan Enterprise VSE 8.8 Patch 5

For details of VSE 8.x supported environments, see KB51111.

Summary

This article contains important information about known issues of high or medium rating that are outstanding with this product release. This article will be updated if new issues are identified post-release or if additional information becomes available. To read the Release Notes, see:  PD25913.

Release to Support RTS : April 20, 2015

Release to World RTW : May 19, 2015 

Issue resolutions in patches and major releases are cumulative; therefore, Intel Security recommends that you install the latest version. To find the most recent release for your product, visit the Product Downloads site at

Known Issues

CRITICAL: 

Reference Number

Related Article

Issue Description

n/a

Issue: VSE 8.8 Patch 6 installs a version of SYSCORE that is not compatible with VirusScan Enterprise for Storage VSES 1.0.2. VSES 1.0.2 is not compatible with any product that installs SYSCORE 15.3 or 15.4. Examples: VSE 8.8 Patch 5 and 6, Host IPS 8.0 Patch 6, McAfee Agent 5.x

Workaround: VSES 1.0.2 is compatible with any product that installs SYSCORE 15.1 or earlier. Examples: VSE 8.8 Patch 2, 3, and 4; HIP 8.0 Patch 4; MA 4.x

Solution: A hotfix for VSES 1.1.0 is in development to add compatibility with VSE 8.8 Patch 7, Host IPS 8.0 Patch 7, and McAfee Agent 5.0.2.

An SNS will announce when the VSES 1.1.0 hotfix is released. To receive information about McAfee product updates, sign up for the Support Notification Service at https://sns.snssecure.mcafee.com/content/signup_login.

 

KB84987

Issue: Hyper-V VMs using pass through disks will not boot after installing VSE 8.8 Patch 5.

Resolution: See the related article.

Non-critical:

985788 1018728

KB83443

Issue: Non page pool memory leak on Server 2003 operating systems when On Demand Scan is configured to scan memory of running processes and/or rootkits.

Workaround: See the related article.

966892

KB84913

Issue: Access Protection rules are not visible in the ePolicy Orchestrator console after checking in the Patch 5 management extension.

1077093

KB70432

Issue: Windows Action Center indicates VirusScan is disabled, but inspection of the status of the scanner shows it is healthy and working.

KB84900

Issue: Access Protection rules designed to block the EXECUTE action continue to block processes that have been added to the Processes to Exclude list.

KB84087

Issue: McAfee Agent can lose communication with the ePO server and fail to enforce policies due to Access Protection blocking new McAfee Agent processes.

Issue: VSE uses. MSP files for product patches. Windows handles these files as a new product installation while adding the changes from the Patch to the original installation. VSE 8.8 Patch 5 . msp file does not support patch rollback or removal. Although the VSE product can be removed, the patch on its own cannot.

Resolution: To restore to an earlier VSE patch, you must first uninstall the current VSE product/patch, then reinstall the VSE product with the required earlier patch.

1046993

1053515

Issue:Incorrect action is recorded in Access Protection log file. Expected action was Delete but recorded action shows Write. Similarly entries where Execute was expected will show Read.

Resolution: Under investigation for Patch 7.

940611

Issue: Upgrading to Patch 5 from Patch 1 does not update the strings.bin file, causing the Help menu option for Known Issues to display as IDS_MENU_KNOWNISSUES.

Workaround: Apply Patch 2 first or uninstall the product and install the repost package that has Patch 5 already included.

832150

Issue:Modified ePO tasks are not applied to the client.

Workaround: Edit the task and click Save. The task can be applied to the clients using the option Force complete policy and task update.

901979

Issue: Access Protection alerts occur after installing Patch 5 on systems with SiteAdvisor installed.

Workaround: Reboot the client to establish Trust with McAfee components.

1046952

Issue: Access Protection fails to block a registry action when the protected key contains extended characters.

Resolution: Install VSE 8.8 Patch 6 which is available from the Product Downloads site using a valid Grant Number and the ServicePortal. See the Related Information section for details.

900042

Issue: VSE Patch 5 does not install on 64-bit systems running VSE Patch 1.

Workaround: Apply Patch 2 or later first, or uninstall the product and reinstall the repost package that has Patch 5 already included.

888146

KB78645

Issue: Access Protection violations triggered when uninstalling or upgrading from VSE 8.7i.

Workaround: See the related article.

903631

Issue: In ePO queries, filtering on BufferOverflow is not possible. Product BufferOverflow ALL Query BufferOverflow is missing from the drop-down list in a new query.

Resolution: Under Investigation for Patch 7.

903224

Issue: Double-byte languages do not properly display text for Query Criteria Properties in ePO.

1090908

KB85293

Issue: Bugcheck 8E with VirusScan Enterprise 8.8 Patch 5

Resolution: This issue is planned for resolution in VSE 8.8 patch 8. See the article for details.

n/a not available

Related Information

NOTE: When building an ePO query for the VSE Hotfixes field, the field is found in the section VirusScan Enterprise - Additional Properties. For information about how to create ePO queries to report on installed hotfixes, see KB67406.

Submitting a Product Enhancement Request

The Product Enhancement Request PER system is currently unavailable. For additional information on PERs, see KB60021.

To download from the Product Download Site

McAfee product software, upgrades, maintenance releases, and documentation are available from the Product Downloads site at:

NOTE: You will need a valid Grant Number for access. KB56057 provides additional information about the Product Downloads site, as well as alternate locations for some products.

To download from the ServicePortal

Patches are available by logging in to the ServicePortal at: https://support.mcafee.com/downloads. 

Signing up for SNS service

To receive information about McAfee product updates, sign up for the Support Notification Service at https://sns.snssecure.mcafee.com/content/signup_login.

Rate this document

1

2

3

4

5 Best

Did this article resolve your issue.

Yes

No

Please provide any comments below

Affected Products

Known Issue/Product Defect

VirusScan Enterprise 8.8

Languages:

This article is available in the following languages:

German

English United States

Spanish Spain

French

Italian

Japanese

Korean

Dutch

Portuguese Brasileiro

Chinese Simplified

Chinese Traditional

Beta

Translate

with

Select a desired language below to translate this page.

Glossary of Technical Terms

Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.

Access Protection Policy content no longer displays in ePolicy Orchestrator after deploying the VirusScan Enterprise 8.8 Patch 5 or Patch 6 extension Technical Articles ID:  KB84913

Last Modified:  9/23/2015

McAfee ePolicy Orchestrator ePO

McAfee VirusScan Enterprise VSE 8.8 Patch 5 and Patch 6 extension

Problem

Access Protection Policy content no longer displays in ePO after deploying the VSE 8.8 Patch 5 or Patch 6 extension to a non-C: volume.

Cause

If ePO is installed on a volume where the 8.3 naming convention has been disabled, the VSE 8.8 Patch 5/6 extension will not display Access Protection content.

ePO 5.x is supported on volumes where 8.3 8.3 filename creation is disabled; however, the VSE 8.8 patch 5/6 extension has an issue that causes the described symptom when 8.3 naming is disabled.

Solution

Intel Security is evaluating this issue to determine if a solution can be included in VSE 8.8 patch 7 not yet available.

To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged in to subscribe.

Workaround 1

Perform the following steps to reinstall the extension.

CAUTION: This article contains information about opening or modifying the registry.

The following information is intended for System Administrators. Registry modifications are irreversible and could cause system failure if done incorrectly.

Before proceeding, Intel Security strongly recommends backing up your registry and understanding the restore process. For more information, see:

Do not run a. REG file that is not confirmed to be a genuine registry import file.

Preserve your current data

WARNING: Intel Security strongly recommends that you back up your ePO server before you perform the steps in this workaround. This procedure removes product extensions, resulting in a total loss of any configured policies and tasks. Verify that your backup strategy allows for restoration, and that the policies and tasks exported below include ALL items that will be lost when the extensions are removed.

Back up the ePO server.

Verify your backup.

Enable 8.3 on the volume where ePO is installed.

Use the following fsutil.exe commands to Query and Enable 8.3 Per Volume on Windows 6.2, where X: is the volume where ePO is installed:

fsutil.exe 8dot3name query X:

fsutil.exe 8dot3name set X: 0

 

Verify that 8.3 is now set to ENABLED for the volume where ePO is installed regardless of the configuration of 8.3 on other volumes :

Navigate to the following registry location:

                    

HKEY_LOCAL_MACHINE SYSTEM CurrentControlSet Control FileSystem

Check the value of NtfsDisable8dot3NameCreation. 

The ideal setting is either 0, or 2  where the volume setting for X: is 0.

Restart the server.

Export any policies and tasks for VSE-dependent products such as VSE for Storage, VSE for Offline Virtual Images, and VSE for SAP.

Export the VSE 8.8 policies and tasks, the assignments for each, and any custom VSE queries.

Verify all required policies and tasks, and any other content that will be lost as a result of extension removal, are present in the exports.

Remove and reinstall the extensions

Remove the extensions for any VSE-dependent products, if any.

Remove the VSE 8.8 Patch 5/6 extension.

Reinstall the VSE 8.8 Patch 5/6 extension.

Install the extensions for any VSE-dependent products.

Import the VSE 8.8 policies and tasks.

Import any policies and tasks for VSE-dependent products.

Workaround 2

Enable 8dot3NameCreation on the drive where ePO was installed.

NOTE: This applies if NtfsDisable8dot3NameCreation has an existing value of 2 or a newly configured value of 0.

This SHOULD NOT be attempted if 8dot3 enabled shortnames are already in use on the drive in question. Use the DIR /X command if you are uncertain whether or not 8dot3 enabled shortnames are currently in use.

Stop the ePO services.

IMPORTANT: If you do not stop the ePO services, you will see Access Denied messages when you attempt the setshortname commands below. You may also need to disable the ePO services and reboot the system to avoid any file locks.

Run the following commands from an elevated command prompt, using the drive letter that hosts the ePO installation directory example shown below as X: :

fsutil.exe 8dot3name set X: 0

fsutil file setshortname X: Program Files x86 PROGRA 2

fsutil file setshortname X: Program Files x86 McAfee ePolicy Orchestrator EPOLIC 1

fsutil file setshortname X: Program Files x86 McAfee ePolicy Orchestrator Server extensions installed VIRUSCAN8800 VIRUSC 1

fsutil file setshortname X: Program Files x86 McAfee ePolicy Orchestrator Server extensions installed VIRUSCANREPORTS VIRUSC 2

fsutil file setshortname X: Program Files x86 McAfee ePolicy Orchestrator DB Software Current BOCVSE__1000 BOCVSE 1

NOTE: The last entry will only exist if a current Buffer Overflow DAT is already checked in to the Master Repository.

Start the ePO services.

Workaround 3

Enable 8.3 names, move the VSE extensions directory to another location, then replace it.

Open a command prompt as an Administrator and run the following command  example shown below as X: :

Move the X: Program Files x86 McAfee ePolicy Orchestrator Server extensions installed VIRUSCAN8800 directory to another location, then move it back again.

This will create the 8dot3 name automatically. This solution has resolved the issue during Intel Security internal testing without the need to move the other above mentioned directories.

NeitherWindows or McAfee are not working when not connected to the netgear router. This is a new computer and if I remove the router from the configuration, the.

Resolving the recent update issues with McAfee Consumer Products. Summary: This document explains how to update McAfee Consumer products using the McAfee.

Featured Free Trials McAfee Complete Endpoint Protection Enterprise. Antivirus, antispam, web security, firewall, and intrusion prevention for all your endpoints in.

As part of their security subscription users will automatically receive the upgrade to the Windows 7 compatible version of their McAfee product.