I, too, have noticed this problem, starting the morning of 3/17.
We have McAfee VS Enterprise 8.5.0i, scan engine 5400.1158, current DAT version 5924.0000 (although it started on 3/17 with an earlier DAT).
Also on machines of users with admin privilege.
See also another thread on same topic: http://community.mcafee.com/message/120087Message was edited by: lowlyenduser to add link to another thread on 3/19/10 8:36:09 AM CDT
Got this from Support.
It looks like the problem is being caused by the new BOP(Buffer Overflow Protection) DAT update that went out on March 16th. The new version 480 vscan.bof file (Buffer Overflow and Access Protection rules file) has a change in it that can results this kind of problem.
They are working on a fix but the work around is to exclude Outlook.exe from the protection rules.
Will post an update when they come back with the fix.
i am at dat version 5930 and am still having the issue. i am so glad to see it's not just me. any ideas when McAfee will get it fixed? i am waiting to see if anyone else is having the issue in our organization.
I'm having the same issue. On phone with tech right now and he is telling me I should call microsoft. Found this article, gave it to him and am now on hold.
Thank you BOP...
McAfee posted a response in the other thread relating to this issue; http://community.mcafee.com/message/120323#120323
Just to give you all some assurance here as to what is happening.
McAfee is aware of this behaviour occuring on machines running VirusScan 8.5 primarily. This issue seems to have occured when a new Buffer Overflow DAT was released on the 16th March 2010 which was version 480
I can assure you all that this issue is being investigated by McAfee seniors and should be fixed with a new BOC DAT update. This is most likely to be version 491 and should be released soon.
In the meantime, a workaround would be to add Outlook.exe as an exclusions in the rule of Access Protection that is being triggered.
Hope this helps.
Looks like this has been cured, no notification from McAfee but checked our ePO this morning and we have updated
|Buffer Overflow DAT for VirusScan Enterprise||DAT|
Checked out fat clients and citrix servers and the error has now gone
I can confirm receiving the 493 version of Buffer Overflow and Access Protection, however I did not see any mention of this upgrade in the daily DAT email, is there any other way McAfee alerts customers when this is updated?
Our users have started to see this McAfee notifications related outlook.exe. I know this is known issue but is there any permanent fix other than adding outlook.exe as exlusion in Access Protection.
Please update me.
Download the new ePolicy Orchestrator (ePO) Support Center Extension which simplifies ePO management and provides support resources directly in the console. Learn more about ePO Support Center