Showing results for 
Search instead for 
Did you mean: 
Level 13
Report Inappropriate Content
Message 1 of 5

Release Notes for McAfee VirusScan 8.5i Patch 7

Release Notes for VirusScan Enterprise 8.5i Patch 7 (Readme.txt)


McAfee VirusScan Enterprise 8.5i
Microsoft Windows


NOTE: Patch 7 is currently in a Managed Release period, where select customers receive the Patch and work closely with Tier III Support to implement the Patch and provide feedback. Any issues found are investigated and addressed. This article will be updated when Patch 7 reaches General Release, which is expected to be 7 November 2008.

Customers who wish to participate in this Managed Release program should contact their Technical Account Manager or Support Account Manager. For more details see 615747.

Patch Release: October 6, 2008

This release was developed and tested with:

- VirusScan Enterprise:8.5i
- DAT Version: 5382, September 11, 2008
- Engine Version: 5.3.00


1. The on-demand scanner has been updated to better use the System Utilization setting throughout the
entire scanning process.

Refer to McAfee Support Knowledgebase article
9197288 for further information.

2. This Patch contains a new Buffer Overflow and Access Protection DAT (version 378), which adds an
Access Protection category for Virtual Machine Protection. These rules provide access protection
functionality for virtual machines.

To manage the new Virtual Machine Protectioncategory with ePolicy Orchestrator 3.x or
ProtectionPilot, you must use the latest NAP file, included in this Patch package, or VirusScan 8.5i
Repost Patch 5.

For ePolicy Orchestrator 4.x users, the Extension update also contains the updated rule file. The
updated Extension package is available on the web product download area under the Patches category.


The resolved issues are divided into subsections per
patch, showing when each fix was added to the


When installing a VirusScan Enterprise 8.5i patch, the existing On-Access Scanner service might fail
to unload. This leads to two instances of the service, with one consuming a high amount of CPU

The On-Access Scanner service had been updated to avoid a runaway thread scenario that caused the
service, being replaced, to not stop.

To avoid this issue while installing Patch 7 or later, install HF427887 first. Refer to McAfee
Support KnowledgeBase article 616344 for further information.

Changes to the VirusScan Enterprise core subsystem disabled performance optimization for handling
frequent write actions to INI and LOG files.

The Anti-Virus Filter Driver was corrected to ensure that scanning of specified file extensions
is optimized, as in previous versions.

A three-party deadlock occurred, causing the On-Access Scanner to become blocked until it times
out. This causes the scanner service to time out and eventually self-terminate.

The Common Shell scanner has been updated to prevent the On-Access Scanner from becoming blocked
while the security libraries are loaded by the system.

The extended reports NAP contained some ePolicy Orchestrator stored procedures that were needed to
add support for the VirusScan product line. The ePolicy Orchestrator patches have since made new
modifications to the same stored procedures. Therefore, when the VirusScan extended reports NAP
is checked in after the new ePolicy Orchestrator modified procedures are in place, they are
overwritten and the newer functionality is lost.

The VirusScan extended reports NAP has been revised to no longer replace the ePolicy Orchestrator
stored procedures.

If the Lotus Notes client is running during the uninstall of VirusScan Enterprise 8.5i, the Lotus
Notes Scanner entries might not be properly removed from the NOTES.INI file. This can cause the Lotus
Notes client to crash on subsequent starts.

The Lotus Notes Scanner module has been corrected to remove its entries in the NOTES.INI file for all

The VirusScan Enterprise Patch installer did not correctly preserve the MIDFileTime registry value.
This caused the McAfee Installation Designer (MID) .CAB files to be re-applied at the time of

The Patch installer has been updated to correctly preserve the binary value of MIDFileTime.

Changes made in Microsoft Vista SP1 and later, in how the operating system opens/views network files,
caused delays in opening new network paths, with the On-Access Scanner’s Network Scanning feature

The link driver has been modified to use a different method of accessing the network resources
that avoids the delays imposed by the operating system change.

A 7E bugcheck (blue screen) might occur if an application shut down immediately after sending
data over the network.

The link driver has been revised to better handle data that is transmitted by applications after the
driver has stopped.

When the VirusScan NAP is checked in, it runs a script that enables anti-spyware settings in
policies and tasks, if the AntiSpyware 8.5 module NAP is in the ePolicy Orchestrator repository. The
intended purpose of the script is similar to the local AntiSpyware module installer, which enables
its settings when installed on a local system.

The VirusScan NAP has been updated so that the script is disabled during check-in of the VirusScan
NAP package. This prevents the anti-spyware settings from being enabled when updating the
VirusScan NAP.

The McAfee AntiSpyware 8.5 module NAP has the same script in it. This means that if the McAfee
AntiSpyware 8.5 module NAP is installed after the VirusScan NAP, the anti-spyware settings are still

10. ISSUE:
Servers that deal with many file writes were becoming unresponsive.

The anti-virus filter driver was revised to correctly filter and dispatch scans on write.
4 Replies
Level 7
Report Inappropriate Content
Message 2 of 5

RE: Release Notes for McAfee VirusScan 8.5i Patch 7

Level 7
Report Inappropriate Content
Message 3 of 5

RE: Release Notes for McAfee VirusScan 8.5i Patch 7

I only see Patch 6.1 available. Has 7 been released to the public?
Level 13
Report Inappropriate Content
Message 4 of 5

RE: Release Notes for McAfee VirusScan 8.5i Patch 7

Yes, Patch 7 has been released. I was able to download it this morning from site listed below:

Patch 7 installation problem

Can someone help how to install patch 7 through command prompt.As thr GUI while installing it throws on last page directly and saying there it is interuppted by last enterprise insallation.