cancel
Showing results for 
Search instead for 
Did you mean: 
Reliable Contributor brentil
Reliable Contributor
Report Inappropriate Content
Message 121 of 230

Re: VSE 8.8. 6807 DAT problem - urgent!

I wasn't sure what the HIPS action was since it said "A false positive event has been triggered." but you're correct if it's a high alert that would need investigating and possible allowances.

Re: VSE 8.8. 6807 DAT problem - urgent!

Solved my problem - installed the latest SuperDat first, and then installed the Hotfix (same Dat version).

SeaCat
Level 7
Report Inappropriate Content
Message 123 of 230

Re: VSE 8.8. 6807 DAT problem - urgent!

Has anyone tried to deploy the hotfix using SCCM?  We're trying to roll it out using SCCM and are having some difficulties getting it to work.

Reliable Contributor brentil
Reliable Contributor
Report Inappropriate Content
Message 124 of 230

Re: VSE 8.8. 6807 DAT problem - urgent!

SeaCat wrote:

Has anyone tried to deploy the hotfix using SCCM?  We're trying to roll it out using SCCM and are having some difficulties getting it to work.

You might need to pass the /F to the installer to get it to actually install.

Re: VSE 8.8. 6807 DAT problem - urgent!

Here is what I am seeing at my locations.

1. Just because a machine is showing the Engine as version 0.0 in an EPO Orchestrator query doesn't mean that that system is messed up. Machines that have not fully reported since having Mcafee installed will do this. I also have an XP machine that is showing up as 0.0 on the query, but it shows up correctly on the machine itself and it passes the EICAR test.

2. I haven't had any reports of any machines having trouble accessing the web.

3. Tested all our servers and none of them failed the EICAR test.

4. Spot tested a few user machines and did not find any that failed the EICAR test.

What version of EPO Orchestrator, Agent, etc. are running on machines that messed up?

We have the latest everything except for the Agent 4.6 "Reporting and Policy Extension (Patch 2)" which was just released.

Message was edited by: cyclone3d on 8/21/12 2:24:26 PM CDT

Re: VSE 8.8. 6807 DAT problem - urgent!

Were seeing the same - also running latest everything.

Labnuke
Level 7
Report Inappropriate Content
Message 127 of 230

Re: VSE 8.8. 6807 DAT problem - urgent!

Will client computers which have updated to DAT 6811 install this hotfix automatically through EPO? We use the McAfee repository as backup repository for systems updates in case they are outside of the private network at update time.

Re: VSE 8.8. 6807 DAT problem - urgent!

Clients picking up 6811 - any news anywhere - do we still need to HotFix??  If I have to hotfix it is out of band and I will need an emergency change for the non affected 8.8 clients to receive it - an ec was approved today for those with 0.0000 engine to receive the hotfix.  If it is a DAT I can approve without change.

Re: VSE 8.8. 6807 DAT problem - urgent!

Does anyone know how to check for systems that have the On-Access scanner disabled? I cannot find a query to check this.

Cheers,

Mike

Highlighted
SeaCat
Level 7
Report Inappropriate Content
Message 130 of 230

Re: VSE 8.8. 6807 DAT problem - urgent!

I don't believe there is.  The OAS shows enabled even though it really isn't working.  The best way to confirm is to try an eicar test file on the system.  If it doesn't pick it up then you know it's not working.

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator