Summary This article contains the text of the Readme file for Patch 8 for McAfee VirusScan Enterprise 8.5i. Solution
The first 4 weeks following the patch release are carefully monitored by McAfee Tier 3 Support, referred to as the Managed Release program. During this time the patch is delivered to customers who meet criteria for participating in the managed release, and at McAfee Tier 3 Support's discretion. Following the 4 week managed release the patch is made generally available. To participate in the Managed Release program contact your Support Account Manager.
Customers with Platinum Support wishing to obtain the updated Reporting capabilities in Patch 8 with respect to Artemis Technology should also contact their Support Account Manager.
Target date for Patch 8 General Availability: 2/24/2009
NOTE: The above text is not part of the original Release Notes for McAfee(R) VirusScan(R) Enterprise Version 8.5i Patch 8.
Release Notes for McAfee(R) VirusScan(R) Enterprise Version 8.5i Patch 8 Copyright (C) 2009 McAfee, Inc. All Rights Reserved
1. VirusScan Enterprise with the AntiSpyware Module can now be set so that it no longer places cookie detections in the quarantine folder. They instead are deleted permanently as part of the clean action.
NOTE: By setting the DWORD "DisableCookieBackups" registry entry to 1, cookie detection quarantines no longer occur.
2. The on-demand scanner has been updated to better use the System Utilization setting throughout the entire scanning process.
Refer to McAfee Support KnowledgeBase article 9197288 for further information.
3. This Patch contains a new Buffer Overflow and Access Protection DAT (version 378), which adds an Access Protection category for Virtual Machine Protection. These rules provide access protection functionality for virtual machines.
NOTE: To manage the new Virtual Machine Protection category with ePolicy Orchestrator 3.x or ProtectionPilot, you must use the latest NAP file, which is included in this Patch package, or VirusScan 8.5i Repost Patch 5.
For ePolicy Orchestrator 4.x users, the Extension update also contains the updated rule file. The updated Extension package is available on the web product download area under the Patches category.
The resolved issues are divided into subsections per patch, showing when each fix was added to the compilation.
PATCH 8 RESOLVED ISSUES
1. ISSUE: In Patch 7, the McShield resource files were missing some string tables that were responsible for On-Access Scan and On-Demand Scan status.
RESOLUTION: McShield.dll has been corrected to include all the proper strings for displaying information on non-English installations.
2. ISSUE: A timing issue could occur during the import of the McAfee Installation Designer (MID) configuration. During the installation of VirusScan Enterprise, the temporary registry information sometimes was not available before the registry editor attempted to apply the settings. The process generated an application event, ID 1006, while the registry editor attempted to reapply the settings until it was successful.
RESOLUTION: The McAfee Installation Designer configuration applicator was revised to no longer report the error, because it does not represent a true failure in the process.
NOTE: To prevent the generation of this error, use the repost package that includes this Patch release.
3. ISSUE: On multi-processor systems that receive files from remote clients, some instructions were being executed frequently and unnecessarily, acquiring an exclusive lock on all processors. This created a bottleneck in the file I/O being written to disk.
RESOLUTION: The link driver has been revised to eliminate the described bottleneck.
4. ISSUE: Access Protection block rules that were created for USB devices sometimes did not handle removing and reinserting the device multiple times.
RESOLUTION: The Access Protection, Anti-Virus Filter, and Link drivers have been updated to better handle re-hooking the device.
5. ISSUE: The On-Access Scanner was not properly utilizing the "Scan files opened for Backup" option.
RESOLUTION: The Anti-Virus Filter driver has been rectified to properly interpret the flag being sent from the On-Access Scanner.
6. ISSUE: Certain detections with multiple infections or clean actions were logging the action two times. One entry was made during the middle of the process, and the other during the final resolution.
RESOLUTION: The Common Shell scanner has been updated to report only the final resolution of the detection.
7. ISSUE: The repair option for McAfee AntiSpyware Enterprise Module would execute during the patch process. This caused the cookie and registry scan targets to be re-added to On-Demand Scan tasks that were removed by the user.
RESOLUTION: The patch installer has been updated to preserve the On-Demand Scan anti-spyware scan targets.