2 Replies Latest reply on Mar 28, 2012 5:48 PM by Regis
      • 1. Re: MEG 7 patch 1 is released, and perhaps IS its own critical security issue

        Oh... and -- just hypothetically of course, you might want to take an image of your appliance, or a really good backup before loading this patch.


        I'd say more but ...hypothetically... I've been directed by support to go re-image my former cluster failover box, which patch 1 hardened into a cluster f.... foxtrot.  


        As such, this critical security patch may adversely affect the A of the CIA triad  (availability).



        Update/Edit:     McAfee is RMA'ing the hardware unit.  In what is the strangest way to figure out what seems to be a hardware problem ever (the box would complain of "hardware platform has changed since image was installed"  and even when booting to the original optical media I installed on the box... that media also has an error citing an unrecognized hardware platform),  I think the post SP1 reboot finally caught the hardware in an odd enough setting to fail.  I'm personally suspecting a disk because I can't imagine how libc++.so could disappear in a patch update along with several other key files.   The hardware will boot a standard linux distro CD just fine, albeit that test didn't include any disk mounting or any extensive RAM testing.       There is, however a file component of patch 1 that mentions Intel that makes me a little nervous.  Support however indicates that it's unlikely to explain the strange failure pattern we've observed.


        I'll post another update when I get the RMA box in and attempt patch 1 again.   Hopefully it'll exonerate patch 1 as the root cause of the drama.   


        Message was edited by: Regis on 3/22/12 4:39:43 PM CDT
        • 2. Re: MEG 7 patch 1 is released, and perhaps IS its own critical security issue

          Delighted to report that patch 1 went in very smoothly on both of my devices after the EMG was RMA'd.   I've never had a hardware problem evidence itself on a patch being applied, but mark my words, it happened this week.   Surreal no doubt.


          When you go to "install" the patch, dont forget the goofiness of having to check the patch,  click install, recheckmark the patch, then clicking apply and answering the dialog about when you want to patch it.