McAfee VirusScan Enterprise 8.8 Patch 8 is now available. This release includes new features, fixes, and enhancements including:

• Supports Windows 10 Anniversary Update (1607 Build 14393)
• Supports Office 2016
• Supports Office 365

To download VirusScan Enterprise 8.8 Patch 8, go to the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx   

For a full list of changes, see the Release Notes in PD26631: https://kc.mcafee.com/corporate/index?page=content&id=PD26631

For a list of Known Issues, see KB70393: https://kc.mcafee.com/corporate/index?page=content&id=KB70393

Security Information Event Management 9.6.0 MR4 is now available. This release includes new features, fixes, and enhancements including:

• Ability to tail files from the SIEM Receiver
• CAC Login enhancements
• eStreamer v5 support

To download Security Information Event Management 9.6.0 MR4, go to the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx   

For upgrade instructions and a full list of changes, see the Release Notes in PD26481: https://kc.mcafee.com/corporate/index?page=content&id=PD26481

​

Host IPS 8.0 Patch 8 is now available. This release includes new features, fixes, and enhancements including:

Adds support for:

• Microsoft Office 365
• Microsoft Office 2016
• Microsoft SQL Server 2014
• Windows 10 Anniversary Update

To download Host IPS 8.0 Patch 8, go to the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx   

For a full list of changes, see the Release Notes in PD26623: https://kc.mcafee.com/corporate/index?page=content&id=PD26623

Intel Security announces the End of Life (EOL) for McAfee Threat Intelligence Exchange Server 1.0.x and 1.1.x effective August 15, 2017.

Intel Security recommends upgrading to Threat Intelligence Exchange Server 1.3 or later to benefit from the latest software developments, and to avoid interruption of product support.

See KB87675 for details: https://kc.mcafee.com/corporate/index?page=content&id=KB87675

The EOL product list and policy is available at: http://mcafee.com/us/support/support-eol.aspx

​Two vulnerabilities in Network DLP have been discovered and resolved.

AFFECTED SOFTWARE

• Network DLP 9.3.4.1 and higher

REMEDIATED/PATCHED VERSIONS
The vulnerability is remediated in these versions:

• Network DLP 9.3.4.1.2 + Hotfix 1146411

IMPACT

• CVE-2015-2808 (CVSS: 6.3; Severity: Medium) The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force approach involving LSB values, also known as the "Bar Mitzvah" issue.

• CVE-2008-5161 (CVSS: 2.2; Severity: Low) Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.

RECOMMENDATION
Intel Security recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10163, Security Bulletin: Network Data Loss Prevention update fixes CVE-2015-2808 and CVE-2008-5161
 ( https://kc.mcafee.com/corporate/index?page=content&id=SB10163)

SIEM administrators may wish to create a user login to collect WMI logs without giving that account admin privileges. For detailed steps on how to do this, see KB74126 (https://kc.mcafee.com/corporate/index?page=content&id=KB74126).

For more resources, visit the ServicePortal and search for related content. Also, visit the SIEM Community at https://community.mcafee.com/community/business/siem.
ces. 

​A new Database Activity Monitoring vPatch update (77) has been released.

This vPatch Security Update follows a major vendor update and includes the following:

• Improved rule 6448 to monitor and protect Oracle database.

The content update is cumulative and available within the product, either via automatic updates, or by manual action.

Multiple Java vulnerabilities reported in Oracle’s July 2016 Java SE update have been resolved in ePolicy Orchestrator (ePO).

AFFECTED SOFTWARE 

• ePO 5.1.3 and earlier
• ePO 5.3.2 and earlier

REMEDIATED/PATCHED VERSIONS
The vulnerability is remediated in these versions:

• ePO 5.1.3 + EPO5xHF1151890.zip  
• ePO 5.3.1 + EPO5xHF1151890.zip
• ePO 5.3.2 + EPO5xHF1151890.zip  

IMPACT

• CVE-2016-3500 (CVSS: 5.3/4.6; Severity: Medium) Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3508.
• CVE-2016-3508 (CVSS: 5.3/4.6; Severity: Medium) Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.
• CVE-2016-3485 (CVSS: 2.9/2.6; Severity: Low) Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows local users to affect integrity via vectors related to Networking.

RECOMMENDATION
Intel Security recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see Knowledge Base article SB10166, Intel Security - Security Bulletin: ePolicy Orchestrator update fixes multiple Oracle Java vulnerabilities (CVE-2016-3500, CVE-2016-3508, and CVE-2016-3485) ( https://kc.mcafee.com/corporate/index?page=content&id=SB10166)

​A new Database Vulnerability Manager content update v112 has been released.

This update includes:

• Updated checks for MSSQL, PostgreSQL and Sybase to detect latest missing patches
• New parameterized checks for MSSQL to detect server and database role assignments
• New CIS benchmark configuration checks for DB2 and Sybase databases
• New configuration checks for Sap-Hana database
• Improved description of numerous ORADB checks
• New checks for Sap-Hana and PostgreSQL databases to detect recently reported vulnerabilities
• The following CVEs are covered for Sap-Hana: CVE-2016-6144, CVE-2016-6145, CVE-2016-6148, CVE-2016-6149, CVE-2016-6150
• The following CVEs are covered for PostgreSQL: CVE-2016-5423, CVE-2016-5424

The content update is cumulative and available within the product, either via automatic updates, or by manual action.