cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

What is McAfee's official response to Intel's security flaw and Microsoft's Update statement?

Microsoft has published the following article:

https://support.microsoft.com/en-us/help/4072699/important-information-regarding-the-windows-securit...

That article states that there is a known issue with their patch for the recent Intel security vulnerability (Meltdown) with AV vendor products. Microsoft says to check with your vendor to see if they are affected and if so what the vendor's response is. As well, the vendor is expected to set a registry key on compliant systems which allows the Microsoft patch to be offered for install.

What is McAfee's official response? Does it depend on McAfee's AV product? If so what is the matrix of compatibility (McAfee AV product, version, notes, etc.)?

Looking for an official corporate response from McAfee on this one. Appreciate the help!

8 Replies
twenden
Level 13
Report Inappropriate Content
Message 2 of 9

Re: What is McAfee's official response to Intel's security flaw and Microsoft's Update statement?

Waiting on  response from our McAfee Account Manager. Hopefully, this only affects the AV and not other McAfee products. On another thread, someone got a response and said that McAfee is not supported. We will have to wait and see what the fix will be. Kinda of crazy since most of use have thousands of endpoints to manage.

Re: What is McAfee's official response to Intel's security flaw and Microsoft's Update statement?

We're looking for answers as to when McAfee is going to address this as well.

twenden
Level 13
Report Inappropriate Content
Message 4 of 9

Re: What is McAfee's official response to Intel's security flaw and Microsoft's Update statement?

FYI,

There is a KB90167 article from McAfee, the link is below. Got both of thse links from our McAfee Account Manager today.

McAfee Corporate KB - Meltdown and Spectre – Microsoft update (January 3, 2018) compatibility issue ...

Decyphering the Noise Around ‘Meltdown’ and ‘Spectre’

Re: What is McAfee's official response to Intel's security flaw and Microsoft's Update statement?

As usual, McAfee only addresses the latest release of each product, even though previous releases are still under Platinum Support Agreements. For example VirusScan Enterprise 8.8 Patch 4 is still supported by McAfee but is not explicitly listed in the bulletin above. The same goes for their other products. I tested the Microsoft updates on VSE 8.8 Patch 4 and Agent 4.8 Patch 2 and no issues on Server 2012 R2.

cdobol
Level 10
Report Inappropriate Content
Message 6 of 9

Re: What is McAfee's official response to Intel's security flaw and Microsoft's Update statement?

This is frustrating that they won't validate all previous patches that they would support.  This is an example of one of the reasons why we migrated to a different AV vendor.

Re: What is McAfee's official response to Intel's security flaw and Microsoft's Update statement?

I understood that they are, they are working backwards from the most recent releases to the oldest supported releases. They figure that by Tuesday they will have everything tested.

cdobol
Level 10
Report Inappropriate Content
Message 8 of 9

Re: What is McAfee's official response to Intel's security flaw and Microsoft's Update statement?

I hope you are correct...  I will be pleasantly surprised.   The support person I spoke to set the expectation that they would only go as far back as patch 8 because most people are already on those patch versions (8+).

exbrit
Level 21
Report Inappropriate Content
Message 9 of 9

Re: What is McAfee's official response to Intel's security flaw and Microsoft's Update statement?