cancel
Showing results for 
Search instead for 
Did you mean: 

McAfee Meltdown patch KB90180

Jump to solution

I see McAfee have published an article explaining how we are to approach getting Windows Updates regarding the Meltdown issue: McAfee Corporate KB - How to deploy the required registry key via automated executable KB90180

This is a little disappointing that this simple Reg Key can not be deployed with a McAfee DAT file except if we are Endpoint Security customers (and use EPO). As VSE customers I am being told that this patch needs to be deployed to computers via an EPO task.

My question is: I can deploy this patch but I would like to be able to report on what machines have this installed. Could anyone explain how I can create a report in EPO to show take-up of this specific patch please?

1 Solution

Accepted Solutions
Highlighted
McAfee Employee cookand
McAfee Employee
Report Inappropriate Content
Message 3 of 14

Re: McAfee Meltdown patch KB90180

Jump to solution

Alex,

Be advised of the following:

Automation for V3 was set for 3221

Automation for V2 is set for 8772

13 Replies
McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 2 of 14

Re: McAfee Meltdown patch KB90180

Jump to solution

There is nothing that I know of, except you could create an Access Protection warn mode only (event id 1095) user defined rule to monitor the create/write/whatever against the known registry entry, or even against the EEDK file doing it, and later query on the 1095 and keywords for that rule.  You would need to do this before you start pushing it out.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Highlighted
McAfee Employee cookand
McAfee Employee
Report Inappropriate Content
Message 3 of 14

Re: McAfee Meltdown patch KB90180

Jump to solution

Alex,

Be advised of the following:

Automation for V3 was set for 3221

Automation for V2 is set for 8772

xenon1
Level 7
Report Inappropriate Content
Message 4 of 14

Re: McAfee Meltdown patch KB90180

Jump to solution

do get it clear: It's not the anything from McAfee that cause's teh BSOD. It's the MS January Patch for several OS.

AMD Athlon X2 xxxx+

AMD Opteron 285
AMD Opteron 2218
AMD Opteron 2220
AMD Semprom 3400+

AMD Turion X

Quelle: https://answers.microsoft.com/en-us/windows/forum/windows_7-update/stop-0x000000c4-after-installing-...

Reliable Contributor Pmaquoi
Reliable Contributor
Report Inappropriate Content
Message 5 of 14

Re: McAfee Meltdown patch KB90180

Jump to solution

key is created by DAT if and only if Safety pulse is activated in dat reputation Policy i think

Re: McAfee Meltdown patch KB90180

Jump to solution

Thanks. I have just read the updated article that says VSE does get this Reg Key deployed in DAT from 12th Jan.

At least now I can use this as definitive uptake on the Reg Key in a report.

Thanks for all your suggestions.

xenon1
Level 7
Report Inappropriate Content
Message 7 of 14

Re: McAfee Meltdown patch KB90180

Jump to solution

Ok, since VSE 8.8 DAT 8772 now the RegKey(QualityCompat) is set by McAfee VSE.

We don't need the EEDK Package KB_901671000.zip anymore.

Reliable Contributor bretzeli
Reliable Contributor
Report Inappropriate Content
Message 8 of 14

Re: McAfee Meltdown patch KB90180

Jump to solution

As i understood you can see which machines have the key. All machines WHO have DAT/AMCORE 3221 OR LATER will have the

KEY automatic because MCAFEE Set it. This if you have ENS 10.5.2 / 10.5.3 on the machine. I am not sure if this will by set also

with VSE 8.X.

This explains your question in "another way" but you have the info...

McAfee Employee cdinet
McAfee Employee
Report Inappropriate Content
Message 9 of 14

Re: McAfee Meltdown patch KB90180

Jump to solution

The dat fix is only if you have ENS - if you have VSE you will need to deploy the eedk package.

Was my reply helpful?
If this information was helpful in any way or answered your question, will you please select Accept as Solution in my reply and together we can help other members?

Re: McAfee Meltdown patch KB90180

Jump to solution

Unfortunately, I am already deploying the patch/KB and this is for VSE and not Endpoint Protection. I have read about using a Custom field but this needs to be deployed as part of an Agent package, which I dont think I will be doing.

Its a shame McAfee are not deploying this in a managed way for VSE.

Thanks for your input anyway.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community