SB10034: McAfee SNS Notice: Hotfixes Resolve VSE and Host IPS Vulnerability
I read through the security bulletin SB10034 and the accompanying KB77192 article but was unclear if the Hot Fix VSE88HF805660 applied to machines running VSE 8.8 with no patch (184.108.40.2067).
in the affected software table it does not speak of VSE 8.8 with no patch and only mentions VSE 8.8 Patch 2 begin affected if yu upgraded from VSE 8.7 P5 or VSE 8.8 P1. I have neither case so if I upgrade my machines from VSE 8.8 no patch (220.127.116.117) to VSE 8.8 P2 do I still need to apply this Hot FIx after I upgrade to VSE 8.8 P2? I have included the affected software section of the security bulletin below. Thanks in advance.
VirusScan Enterprise (VSE) 8.8 Patch 1
VSE 8.8 Patch 2 (when updating from VSE 8.7 Patch 5 OR VSE 8.8 Patch 1)
VSE 8.7 Patch 5
Host Intrusion Prevention (Host IPS) 8.0 Patch 1 and Patch 2 (when updating from Patch 1)
Re: SB10034: McAfee SNS Notice: Hotfixes Resolve VSE and Host IPS Vulnerability
I spoke to McAfee tech support on this and they said that the base install of VSE 8.8 (18.104.22.1687) is not affected. I then asked if I were to upgrade my machines from VSE 22.214.171.1247 to VSE 8.8 Patch 2 would I need to apply the Hot Fix. They responded that I would NOT need to apply the Hot Fix if I upgrade my machines from VSE 126.96.36.1997 directly to VSE 8.8 P2.