Noticed in the Release Notes issued with the McAfee Agent 4.6.0 Patch 2 Reposted for
McAfee Agent 18.104.22.16835
under Resolved Issues:
Important – If you have already uninstalled Patch 2, first run the MA 4.6.2 Uninstaller Fix program provided before restarting the computer. The fix program will restore the missing signatures. Second, upgrade to MA 4.6 Patch 2 Repost.
I am so far unable to locate the MA 4.6.2 Uninstaller Fix program.
Looks like this is related to the windows catalog store corruption..
Should it be run on a machine that did not blue screen ?
Should it be run when an older agent was force installed ?
Wondering what to do with the repository server to which MA 22.214.171.12418 was applied to, and then 126.96.36.1992 was force installed to so that the mcafee repository would work again. The machine has not been rebooted.
Would prefer not to have a blue screen when we reboot it.
opened up a case with McAfee Gold Support.
They gave me the tool MA46p2fix.zip via ftp download.
They said they would update KB#:KB75956 and add this tool to it.
This tool indeed copies stuff around in the catroot area to fix missing signatures.
If you have already uninstalled Patch 2, first run the MA 4.6.2 Uninstaller Fix program provided before restarting the computer. The fix program will restore the missing signatures. Second, upgrade to MA 4.6 Patch 2 Repost.
I can confirm that the KB article referenced (KB75956) has indeed had the hotfix posted to it. I downloaded it last night as part of triaging my estate. If anyone is concerned, I spoke to support who categorically stated that the hotfix can be run on any system, irrespective of whether you've uninstalled v 2918 and installed WIndows Updates - if you have, it fixes the problem before a reboot, if you haven't, it does nothing. This helped me out a lot, as I had a number of systems that, for whatever reason, wouldn't take patch 2 of the agent so I forced an install of the vanilla 4.6 agent from the command-line over the half-borked original install - but I did this manually, so had njo record (or recollection) of which systems I'd done it to. In the end I just deployed the hotfix to all of 'em and (so far, fingers crossed) none of them have BSODed on reboot.
For shame McAfee. Hot on the heels of the 8.8i DAT fiasco earlier this week comes this? WTF happened to your QA testing - do you even do it any more?
Completely agree with you zebulebu its utterly ridiculous for one of these to have made it out into the wild but two just makes me lose any faith in McAfee. I know when our subscription runs out next year if I have the time to, I will review other vendors as this has caused me no end of problems and its been really unclear how to resolve them.
Does the MA46p2fix.exe file need to be run manually on all the machines rolled back from the 2918 agent? I ask as I cant check the zip or exe files into the epo server and it doesnt clarify on the KB..... again poor poor McAfee!!!!!!
How is this poor company in business? In the day of virtualized test beds, does McAfee have a testing environment? If yes, how do you test your software? I would love to hear a full disclosure of how McAfee performs testing on patches before release. This issue is absolute bottom of the barrel quality. A VM test environment could be built in fewer than 8 hours and rebooted to find this issue. I originally thought no matter what virus scan software was used you were going to have fall out due to the deep level of interaction with the OS, but these issues are simple failures in software test.
The software bugs in newly released ePO agent & VSE patches are the reason why it can take months before I deploy to our 2,000 endpoints. Have been burned several times before with McAfee products which has made be more cautious. This forum is a great resource for me to find out other peoples experience with recently released updates.