6 Replies Latest reply on May 21, 2010 12:07 PM by Richard-TASC

    Upgrading JRE version on ePO 4.5-753

      I need to try and update the jre in ePolicy because of security scans. ePolicy is at 4.5.753 and the jre is 6.0.13. Is it possible to do this without jumping through hoops?

       

      If I install epo 4.5 patch 1, does anyone know what version the jre will raise to?

       

      Thanks,

        • 1. Re: Upgrading JRE version on ePO 4.5-753
          Sailendra Pamidi

          Hi Richard,

          Can you share which is the vulnerability you refer to - updating the JRE outside of ePO patches is not supported. Meanwhile, I am checking on the JRE build bundled with Patch 1...

           

          Regards

          Sailendra

          • 2. Re: Upgrading JRE version on ePO 4.5-753

            We are required to run security scan software, Retina & Gold Disk to be exact. In order to mitigate vulnerabilities, java must be updated to the latest, 6.0.200.2.  The system install of java has been updated but I just happened to be looking through the ePolicy directory and found version 6.0.130.3 installed there. Although this wasn't detected by the scan last time around, I just want to be ready in case it is detected in the future and reported as a vulnerability. It's not a show stopper right now but it could cause problems in the future.

             

            It's just one of those things we gotta do to meet security requirements. And while I understand that updating the jre outside of ePO isn't supported by McAfee, is there a way to do it that doesn't require getting a shaman involved?

             

            Thanks,

             

            Richard

            • 3. Re: Upgrading JRE version on ePO 4.5-753
              Sailendra Pamidi

              Hi Richard,

              I have checked the JRE bundled with Patch 1 and it is the same as RTW - 6.0.130.3. They probably have a good enough reason to be on the current build of JRE. I will check and see if there is an updated JRE for Patch 2.

               

              Regards

              Sailendra

              • 4. Re: Upgrading JRE version on ePO 4.5-753
                Sailendra Pamidi

                The JRE is planned for updating in ePO 4.5 patch 3 - the currently bundled JRE with Patch 2 is the same as the previous ones.  So, I am afraid we need to wait for Patch 3 to become available - currently I do not have a timeline on its expected release.

                1 of 1 people found this helpful
                • 5. Re: Upgrading JRE version on ePO 4.5-753
                  PhilR

                  Two thoughts spring to mind:

                   

                  1: Is there a vector by which ePO's "embedded Java Runtime" can be used by malware?

                   

                  If the answer is other than definitely not, totally impossible then one has to ask...

                   

                  2: Why does McAfee call itself a security company when it doesn't update vulnerable components bundled with its software in a timely manner?

                   

                  Phil

                   

                   

                  Message was edited by: PhilR on 21/05/10 07:51:05 CDT
                  • 6. Re: Upgrading JRE version on ePO 4.5-753

                    Thanks for the info and for checking. Like I said, it's not a problem yet, but if you have dealt with Retina/Gold Disk, you know it may only be a matter of time before it's updated to start looking in non-standard locations for files.

                     

                    Richard