I just had few calls from users.
McAfee gives message about buffer overload while opening .pdf files generated by scanner
log enteries in polish:
2014-02-20 10:54:54 Zablokowane przez ochronę przed przepełnieniem buforu xxx\xxxxxxxxx C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe:NTDLL.KiUserExceptionDispatcher::81000 Przepełnienie buforu: pamięć
in my breaken translation it would be
2014-02-20 10:54:54 Blocked by Buffer Overload Protection xxx\xxxxxxxxx C:\Program Files\Adobe\Reader 10.0\Reader\AcroRd32.exe:NTDLL.KiUserExceptionDispatcher::81000 Overloaded module: Memory
is it sth I should care of? or is it just unwanted warning ?
I think there could well be an issue with Patch 4!
I pushed it to a client yesterday and the phones lit up. Many applications reporting Buffer Overflow including Excel, Outlook, Adobe etc!
ePO has gone nuts with all the events coming back!
I have removed Patch 4 from the repository and turned off Buffer overflow protection until a new patch 4 is released. I wouldnt normally mind but every McAfee product or update that comes out at the moment seems to cause more problems than it resolves!
Im having the same issue with WInXP sp3 workstations running MS Word 2000, Microsoft Access 2000 and Access 97
C:\Program Files\Microsoft Office97\Office\MSACCESS.EXE:NTDLL.KiUserExceptionDispatcher::1adbe8
Looking into it now.
I have a case open with McAfee now. I sent them my MER and ETL trace log. As soon as I get more info I will post the update.
In testing, Ive updated Winxp, office2k and Office97 (yes we use access97 DBs) with all patches and the problem persist. I can launch the access.exe but I can not open the majority of our Access databases. I turned off BOP for all devices until this problem gets resolved.
What we're really looking for here is a VM that reproduces the issue.
We've seen other ETLTrace data already, and it's not as helpful as we need. It has been quite the challenge too getting a VM from someone who's able to reproduce the symptom, but we'll keep trying.
Yes, there is definitely an issue. Our phone lines blew up after our test group received Patch 4. I did what was suggested here and stopped Patch 4 from going out and also disabled BO protection for the time being. I know I could've just turned off the warning the users see or put it in warn mode, but didnt want to flood the logs.
I'm aware of one very large corporation who now has broken every machine they have worldwide with this patch.
I would expect there to be one clear desk at McAfee this morning along with an empty space in the car park.
We deployed patch 4 on our enviroment, with all the errors and buffer overflow messages. My question: How to disable/uninstall patch 4, or how to enforce to disable the bufferoverlow?
NickMessage was edited by: nicklut on 2/21/14 7:32:03 AM CST