Scenario: A corporate server VSE upgrade project.
The project is being driven by the 5600 Engine EOL and 5700 release (which for VSE 8.7 Patch 5 now requires a hotfix and a reboot for the 5700 engine, as of the Aug 27 2014 SNS announcement) and then by the ePO 4 EOL at the end of 2015 (ePO 5 does not support VSE 8.7).
McAfee has released VSE 8.8 Patch 4 which is compatible with all Windows OSes. The question though is whether it is stable enough for a corporate environment of many (1000+) servers.
The Known Issues document for Patch 4 includes 2 issues that appear to be quite risky for corporate server environments:
|954838||KB81529||Issue: A bugcheck 50 can occur randomly when files are being scanned. So far, this has been reported only on server-class systems.|
Workaround: Refer to the related article for details.
Issue: The W3WP.exe process on web servers may exhibit high CPU, and Dropbox exhibits performance symptoms after installing VSE 8.8 Patch 4.
The first issue is the most troublesome.
I was told by McAfee that they would not create a hotfix for the first issue but would address it in VSE 8.8 Patch 5. Patch 5 will not likely be ready/proven stable in time for the upgrade project.
Has this issue been a problem for any of you? If so what have you done about it?
The second issue was a workaround of essentially reducing the security level through making some IIS components/processes Low-Risk (i.e. don't scan them or the files they touch). Not happy about that but it seems to be the only choice to keep IIS-based web servers stable.
Trying to get a consensus of the stability/risk involved with using VSE 8.8 Patch 4 in a corporate server environment. Please comment with your experiences/ideas. I am sure it would be beneficial to all.
How about VSE 8.8 Patch 2 with all published hotfixes? Would that be a better choice for a corporate server environment?