cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 41 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

To the best of my knowledge FIPS installs are not vulnerable, which is why the HF does not install.

Regards -

Joe

Highlighted

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

Can someone point me in the direction of the hot fix download? I've checked the McAfee downloads site and cannot locate the hotfix.  Path i went was My Downloads -> MFE Complete Protection Enterprise Suite -> ePolicy Orchestrator v4.6.0 -> then all I see is the hot fix from Feb 24 2014 - EPO467HF940148.zip -  I can't find anything newer.

Highlighted
Level 7
Report Inappropriate Content
Message 43 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

Found it under ePolicy Orchestrator v4.6.0 - Ver 4.6

Highlighted
Level 7
Report Inappropriate Content
Message 44 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

I had to call gold support to find where the hotfix download was hidden.

Installed hotfix on epo server and agent handlers, all works fine.  

Highlighted
Level 7
Report Inappropriate Content
Message 45 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

I am running ePO 4.6.6.  I did receive the SNS notifications for HF960279.  When accessing  http://www.mcafee.com/us/downloads/downloads.aspx and searching for the Hot Fix nor does going to My Products and selecting security patches helps to locate the HF in the SNS, it is not listed.  I am going around in circles trying to find it.  My ePO server has no internet access and does not use Software Manager, so I will need to manually download and apply.  Can someone post a direct link to the zip package? 

Second question, If I am upgrading ePO from 4.6.6 to 5.1 in the next 30-45 days and my ePO environment is not internet facing would it best to just wait until this time and hope McAfee has the newer version of OpenSSL already in the upgrade package?


Message was edited by: dwatt on 4/14/14 10:02:19 AM CDT
Highlighted
Level 7
Report Inappropriate Content
Message 46 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

I used my Grant # and found it under ePO in my product list.

Highlighted

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

Which version of EPO? I'm running 4.6 and I don't see it.  Also what time did you download the file - just wondering if they may have removed it for some reason.  Here's all that i'm seeing.4-14-2014 10-35-26 AM.png

Highlighted

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

wow - nevermind - had to scroll down on the page - its almost to the bottom.

Highlighted
Level 7
Report Inappropriate Content
Message 49 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

Found it!  I expected it to be in the OBVIOUS places like all other downloads and security alerts.  Silly me.

Highlighted
Level 7
Report Inappropriate Content
Message 50 of 66

Re: ePO - OpenSSL versions (CVE-2014-0160)

Jump to solution

Has anyone just tried these steps on ePO 4.6.7 as outlined in the HF960279 Release Notes?

Install the software on McAfee ePO and remote Agent Handlers

Follow these steps to install this hotfix.

Task

1. Extract the contents of the ePOHF960279.zip

2. Run

ePOHF960279.exe and follow the on-screen instructions.

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community