6 Replies Latest reply on Jul 25, 2017 2:37 AM by bretzeli

    Warning: ENS 10.5.1 Hotfixes 1 & 2

    wyrm

      Hi everyone, I wanted to issue a warning to anyone thinking of deploying ENS 10.5.1 hotfix 1 or 2.

       

      Hotfix 1: Cannot exist in the same branch as ENS 10.5 patch 1 --If these exist in the same branch, for computers running 10.5.1, the McAfee Agent will generate errors when checking for ENS patches/hotfixes:

      “Error occurred while downloading C:\ProgramData\McAfee\Agent\\Current\ENDP_GS_1050\Patch\0000\PkgCatalog.z” as well as “required patch not installed” for each of the ENS components.  As a result of computers not being able to download PkgCatalog.z, they will cycle through all available repositories looking for that file and then will look for it via update.nai.com (where is obviously does not reside).  If you run an epo query looking at repository activity, you'll notice a huge spike in traffic going to the external fallback server (if enabled for clients).  Support is aware of the issue but it has not been documented in a KB yet.  Although this doesn't have much business impact, it'll completely screw up your reporting on repository usage.  The workaround is to keep hotfix 1 in a separate branch from patch 1-- you can use tagging and policy assignment rules to update the computers to hotfix 1 after patch 1 is installed.

       

      Hotfix 2: Released yesterday, which I'm code naming: cluster $#@#.  A similar issue exists as hotfix 1, but OMG, way worse.  If hotfix 2 resides in the same branch as patch 1, computers running 10.5.1 will try to re-download and re-install ENS platform patch 1 on every update check.  Clients will download setupcc.exe, frampkg_upd.exe and McAfee_Common_x64.msp or McAfee_Common_x86.msp, even though it's already installed.  This will generate a 33MB download on every patch/hotfix update check.  For companies running satellite offices/retail locations with many computers and low bandwidth connections, this can potentially cripple the network when amplified by many client computers.  This issue is 100% reproducible after removing/adding ENS packages from the repositories.  The workaround is to keep hotfix 2 in a separate branch from patch 1.  I'm creating a support ticket for this today.

       

      I don't know how the heck the issue in hotfix 2 got past QA, considering the issue with hotfix 1 is known to support.  Ridiculous.  This serves as your warning...

        • 1. Re: Warning: ENS 10.5.1 Hotfixes 1 & 2
          yaz

          McAfee Endpoint Security 10.5.1 Hotfix 2 has been removed from our download sites. Please remove this hotfix from your deployment repositories. McAfee will repost this release as soon as possible.

          • 2. Re: Warning: ENS 10.5.1 Hotfixes 1 & 2
            Dhankins

            McAfee forums are open to positives, negatives, warts and all. We do appreciate the reporter’s candid feedback and more so we apologize for any inconvenience caused. Noted with the previous response based on this feedback we pulled the Hotfix. We agreed with the assessment. This KB89509 outlines why the Hotfix was removed, what to do next and we will put the Hotfix back on the download site in the near future. We are reviewing our QA processes as well as additional lessons learned.

             

            We appreciate all reporters feedback which we always use to improve McAfee product quality and processes.

            • 3. Re: Warning: ENS 10.5.1 Hotfixes 1 & 2
              bretzeli

              @Dhankins,

               

              It's not the right time to to criticise any such posts these days. By the way the post above is just normal talk in IT. You want to hear what enterprise customers on the street say about such things?

               

              We have customers with over 10'000+ Clients effected by this BUGGY mcafee release and those payed several Million per year to Mcafee. Want a MER.exe for that before you move 1 inch?

               

              They GUY is DAMM right and calling who and what whatever he can imagine. As long as someone from MCAFEE got payed you please take that. Like all IT Service provider who sell your stuff and have to stand straight for the things you release these days.

              We promise the customer a working solution, he pays and we stand straight for that.

               

              TODAY:

               

              2 (TWO) TIER 2 Support person JUST explained me today on PHONE that:

               

              * You can easy detect if you have Original HF2 Post OR if you have Re-Post HF2

              * I told them that this is not possible by EPO or GUI of client. We need more INFO regarding DLL/FILE/Registry to identify the HF2 malformed which where DEPLOYED. With a LINK to Forum entry where two partner mentioned that

              * MCAFEE gave a recommandation to FULLY deinstall ENS 10.5.X with the HF2 MSP and then ROLL out the correct version in a 24/7 operation goverment just a few days away from next impact of ransomware...

               

              10 Minutes later we get an E-Mail that it's not possible to IDENTIFY the malformed or correct RE-post.

              The guy who opend the ticket DI not even read it. Asking questions which where 1:1 in the ticket.

               

              Wie soeben besprochen, ist das weitere Vorgehen wie gefolgt:

               

              Entfernen Sie die komplette ENS Suite entweder via Client Task oder via Removal Tool und installieren Sie nach erfolgreicher Deinstallation die ENS 10.5.1 inkl. neue HF 2.

               

              Ich habe erneut beim SEO nachgefragt und offenbar gibt es doch keinen Unterschied zwischen den Build-Nummern von den Hotfix Versionen
              (leider). Hier ist zu mindest die Liste der aktuellen Build-Nummern:

               

              https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/ 27000/PD27121/en_US/Endpoint_Security_10_5_1_Hotfix_2_Release_Notes.pdf

               

              Es wäre ev. trotzdem ein Versuch Wert eine Abfrage mit der Versionen zu erstellen, um zu sehen, ob es Unterschiede gibt. Ich habe
              meine Version hiervon angehängt, vielleicht hilft es ja.

               

              Sollten Sie Unterstützung brauchen oder Fragen haben, zögern Sie bitte nicht, mich zu kontaktieren.

               

              Freundliche Grüsse

               

              Endpoint Product Specialist

              EMEA Business Support

              Mcafee

              • 4. Re: Warning: ENS 10.5.1 Hotfixes 1 & 2
                bretzeli

                Hello,

                 

                We have "heard" that there is an early BETA from ENS PATCH 10.5.2 which will address this issue regarding performance. It's unclear to date when that version will come out RTM.

                 

                Greeting from Switzerland

                1 of 1 people found this helpful
                • 5. Re: Warning: ENS 10.5.1 Hotfixes 1 & 2
                  Troja

                  Hello,

                  from my point of information ENS patch 2 should be available in august 2017. Also waiting for the Patch! :-)

                  Cheers

                  • 6. Re: Warning: ENS 10.5.1 Hotfixes 1 & 2
                    bretzeli
                    10.5.2July 19, 2017

                     

                    ENS 10.5.2 is currently not generally available, but is Released to Support.
                    To obtain the RTS build, contact Technical Support and quote this article number.
                    For contact details, see the Related Information section.
                    See KB51560 for detailed information on release cycles.
                    N/ALocated in the Attachment section
                    1 of 1 people found this helpful