A vulnerability has been discovered that affects the following versions of VirusScan Enterprise (VSE) and Host Intrusion Prevention (Host IPS):
The CVSS score (http://nvd.nist.gov/cvss.cfm) for this vulnerability is 5.6, but McAfee recommends that the upgrade and hotfix installation take high priority.
For full instructions and information, see the following articles:
What if we already have a Hotfix checked in for HIPS 8.0 Patch 2 like 771202? Can I check in more than one HF into my Current branch? If so will my clients install both HFs and in the correct order?
Thanks in advance.
Looks like for VSE it states in the KB:
IMPORTANT: The order of installation is important. For both VSE 8.8 and Host IPS 8.0, Patch 2 must be installed before the accompanying hotfix.
Yes, I understand that the HF has to be installed after the Patch is installed. My point is that after I have HIPS 8.0 Patch 2 installed I have an older HF (771202) that is also installed after Patch 2 is applied to my machines because it is checked into my ePO server's current branch. I just tried to check the new HF into my test ePO server that also has the older HF for Patch 2 (771202) and they could not both be checked into the same branch within ePO. So I called McAfee support and they said that I would have to first deploy my older HF to my machines (771202) and then check in the new HF 791162 and deploy it. My question is what do I do with new machines that need both Hotfixes (771202 and 791162)? As it stands right now it looks like I would have to have one checked into the current branch and then have the other one checked into another branch like previous. I would then have to change the McAfee Agent policy for the machines to pull the updates from the current branch then switch it to pull from the previous branch in order to get both HotFixes. Am I missing something? Is there an easier way? We have multiple new machines every day and this seems like a ton of overhead.
Yes, we can check in as many Hotfixes as we want.
Please follow this table to fix this vulnerability. For VSE 8.8 P1, first apply P2 and then HF 805660.
|VSE 8.7i Patch 5|Apply HF 792686|
|VSE 8.8 Patch 1|Apply Patch 2** + HF 805660|
|VSE 8.8 Patch 2|Apply HF 805660|
|Host IPS 8.0 Patch 1|Special Considerations*|
|Host IPS 8.0 Patch 2|Apply HF 791162 (KB77336)|
This has not been my experience. When I attempted to check in 2 hotfixes for HIPS 8.0 Patch 2 into the current branch of the ePO server it would not let me. It would either move one of the hotfixes to another branch or dump it altogether. This is also what McAfee support has stated to me today after speaking with them on this issue.
Oh, I see - well, you can't do more than one to current I don't think, but I believe that the product update task will actually draw from current or eval. A problem will be making sure the patch 2 isn't in either when the patch/hf task is run.
Is there some sort of tool that can combine McAfee Hotfixes into one hotfix like a SuperDAT or similar to facilitate this? I realize this is a newly found vulnerability but when can we expect a patch that includes all of the Hotfixes so we do not have to deploy three separate pieces of software? (HIPS 8.0 P2 Installation, HotFix 771202, and HotFix 791162)
Message was edited by: kink80 on 2/11/13 3:47:17 PM GMT-06:00
Please see below. You can check in all 3 Hotfixes in the same branch, until or unless the same package is already there.
Message was edited by: alexn on 2/11/13 4:07:01 PM CST
I have 2 screenshots showing what I mean. In the first screenshot you see that Host Intrusion Prevention Hot Fix 8.0.0 771202 is installed in the Current Branch. I then check in Host Intrusion Prevention 8.0.0 Hot Fix 791162 into the Current branch and the second screenshot shows what I get. There is no Hot Fix 771202 at all in any branch and 791162 is in the current branch.