1 of 1 people found this helpful
I`m in this boat, with 10,000 nodes stuck...
We deployed the hotfix.
Now we want to deploy MA 4.5 P3 (not because we NEED it, but because it addresses the event 514/516 issue)
But we cannot...in fact, we can't upgrade ANY agents once the patch is installed (so machines that have VSE 8.8 w HF, but are behind in the MA version, can't even get the current one)
I opened a ticket w support...was told VSE 8.8 patch 1 would fix it, due 2nd week July....BUT....would require us to DISABLE ACCESS PROTECTION to deploy it....
Now through my AWESOME Sales Engineer, I got some tips on how to get the agent deployed (disable the part of AP that protects the AGENT, but leave AP enabled for the part that protects VSE, so reduced risk/exposure) ....
However, if we need to disable AP to get the VSE patch installed, then Mcafee REALLY REALLY REALLY screwed up....
With 10,000 nodes, we are a decent sized shop, but also know there are bigger shops stuck in this boat....not a fun place to be...
As I told my SE, this is complex software, and I can forgive a bug...but what REALLY bothers me is the lack of a "yes we are working on a proper fix and we expect it in X days"...their recommendations are , quite frankly, poor....
I am in the middle of upgrading my machines from VSE 8.7i P3 to VSE 8.8. I have not deployed HF 660014 to any of my production machines.
So with just having the RTM version of VSE 8.8 should I be able to upgrade agents on my machines? Because in the case I mentioned it had VSE 8.8 RTM and I tried to upgrade the agent from 4.5P1 to 4.5P2 and it would not let me until I disabled Access Protection.
Access Protection will not need to be disabled to deploy Patch 1 for VSE 8.8. It's only the Agent that is hindered by this change introduced by the hotfix 660014. And the workaround of disabling a single AP rule that protects the Agent's file/folders is a cleaner workaround than disabling AP altogether.
Also, Patch 1 for 8.8 is not expected now until September. Mid-July was an old target date and schedule has had to be reevaluated since then.
We do not post release dates of maintenance releases while still in development because those dates are always changing, nevertheless if you've been told mid-July by someone it's only fair I reset that expectation to something more accurate..
wwarren, I sent you a PM with more info to follow you.