I think it odd to see comments still being added to the Patch 4 post (VSE 8.8 Patch 4 - coming soon...) but it's time to start one for Patch 5 .
In the same spirit of giving everyone a Heads Up on what to expect with Patch 5, to preempt some questions where possible and help you prepare for what is to come...
Dates are firm but fluid; if they change it'll be in the interest of quality -
Limited availability*: Jan 29
General availability: Feb 26
* Select customers only; the managed release or RTS period, during which the SEO team are closely monitoring the patch's performance/acceptance, thus not open to all customers.
Some points from the prior posting about Patch 4 remain true for Patch 5, those are:
Environments that install VirusScan and then Patch VirusScan, and/or add Hotfixes to VirusScan, and who DO NOT REBOOT afterwards, are at a growing risk of encountering a BSOD from Stack Exhaustion. It's not our fault, not exactly - we simply didn't expect environments would make 3 or 5 upgrades to our kernel components and NEVER reboot. We allow for it to happen, so that's our fault. And it's technically feasible to do it - a feat not many vendors can claim, that we can update kernel level code without having to force an immediate reboot. However, the OS can only handle doing this so many times before a code execution path exhausts the the Stack of a thread. Therefore I implore you, after patching or hotfixing our kernel drivers, please plan a maintenance window to reboot the box. A reboot is not required, but if you do not, and you install 'x' number of Patch/Hotfix releases and STILL NO REBOOT, then you will eventually be FORCED to reboot because the system will crash! Then of course, you don't have to reboot, the BSOD satisfies any need for reboot - you might appreciate it better if it was planned.
Similar but different from Patch 4:
- MD5 hashes for detections made by the On Access scanner and On Demand scanner will be logged locally to their respective log files. The MD5 hash info is not provided to ePO at this time (it's a larger effort to update the alerting infrastructure to support this addition).
- Adds support for Threat Intelligence Exchange, a new technology (purchased separately). Patch 5 allows VSE to participate in that technology (replacing HF929019)
- Solutions to issues that were introduced with Patch 4 ("Thanks Patch 4"), which include -
- A compatibility issue with Microsoft DirectAccess, and other IPSec dependent features of MS Windows
- Random hangs on startup but only after applying a Microsoft update
- Outlook crashing if EmailScan is enabled and you have large calendar data stores
- BSOD, bugcheck 50 occurring randomly but only on very busy systems
- Compatibility issue with 3rd party applications that monitor file changes, which caused them to use high CPU
- On Demand Scan performance tanked hard after installing Patch 4
- SYSCore 15.3.x build of core driver binaries. "Well now, 15.3, that's impressive... isn't it?" Yes, but it also means more work for you, probably. Read my blog post:Patching VSE - risk level, then see how excited you are .
Item iii. identifies key reasons why I would recommend Patch 5 for all environments (plus the carrying forward of improvements over older patches).
Item iv. touches on why I feel the patch should be tested thoroughly before wide distribution in any environment.
And as with any patch release, keep an eye out for updates being posted to our Known Issues article specific to the release. It's not posted yet but Patch 5's Known Issues article will be KB81381.
NOTE: Windows 10 is not supported with Patch 5 (that will be a goal of Patch 6).