As previously announced, there are two modifications scheduled for deployment for both V2 and V3 DATs. We have extended the evaluation periods to allow customers more time for testing.

The first change includes updated digital certificate information for McAfee products with DAT releases:

• This change went live on our commonupdater2 locations on October 25, 2016.
• **CHANGE** The go-live date for our commonupdater locations has been moved to one week later than previously announced. It is now scheduled for November 8, 2016.

The second change involves the dual-signing of DAT components using two digital certificates:

• **CHANGE** The start date of the opt-in customer evaluation period via commonupdater3 has been moved to later than previously announced. It will not start on November 15. It is now scheduled for late November.
• The go-live dates for our commonupdater2, commonupdater, and http://downloadcenter.mcafee.com/products/mcafee-avert/dats locations are still planned for early Q1 2017.

For more information about these changes and any updates to the release schedule, review Knowledge Base article KB87709: https://kc.mcafee.com/corporate/index?page=content&id=KB87709

McAfee ePO Performance Optimizer runs as an ePO extension and collects metrics about the performance of the ePO database, application server, and ePO configuration. The performance metrics can be used to notify administrators using either text message or email. The product is available at no charge to ePO customers.

Features and enhancements in 2.1.0:

• 7 new assessments
• 17 new dashboard queries
• 8 new report PDFs
• 8 new sample automatic responses
• 8 new event types for the automatic responses
• 3 minor bug fixes

See the release notes and product guide for details on all areas.

To download McAfee ePO Performance Optimizer 2.1.0, go to the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx    

For a full list of changes, see the Release Notes in PD26741: https://kc.mcafee.com/corporate/index?page=content&id=PD26741

For a list of Known Issues, see KB84617: https://kc.mcafee.com/corporate/index?page=content&id=KB84617

IMPORTANT: Only customers using CommonUpdater2 will be affected by this issue.

NOTE: If your environment has already been updated with DAT 8329 or greater, no further action is required.

If using CommonUpdater2, a full DAT update (100 MB) will occur on all clients when updating from DAT 8328 to any subsequent DAT. To minimize potential network impact, update tasks may need to be modified.

NOTE: Changing to the CommonUpdater or CommonUpdater3 sites will not resolve the issue. Refer to KB article KB87983 - https://kc.mcafee.com/corporate/index?page=content&id=KB87983 for further information and FAQ.

If you require any further assistance with this please contact your Support representative.

McAfee VirusScan Enterprise Patch 8 Hotfix 1159675 is now available. This release includes new features, fixes, and enhancements.

This Hotfix uninstalls Microsoft Windows Defender from Windows Server 2016.  This is required when running McAfee VirusScan Enterprise on Windows Server 2016 due to possible performance-related issues when running more than one default security application.

To download McAfee VirusScan Enterprise Patch 8 Hotfix 1159675, go to the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx.  

For a full list of changes, see the Release Notes in PD26740:
https://kc.mcafee.com/corporate/index?page=content&id=PD26740.

For a list of Known Issues, see KB70393:
https://kc.mcafee.com/corporate/index?page=content&id=KB70393

MOVE AV Multiplatform 3.6.1  Hotfix 1155571  is now available.

Hotfix 1155571 resolves the MOVE mvagtsvc service error that shows it has been terminated unexpectedly.

To download MOVE AV Multiplatform 3.6.1  Hotfix 1155571, go to the Downloads tab on the ServicePortal (https://support.mcafee.com) and search for 1155571.

For a full list of changes, see the Release Notes in PD26739: https://kc.mcafee.com/corporate/index?page=content&id=PD26739.

​A new Database Activity Monitoring vPatch update (80) has been released.

This update includes the following:

• New rule 6452 to monitor and protect Oracle database against exploitation of CVE-2016-5516 vulnerability.
• Improved rule 3896 to monitor and protect MySQL database against exploitation of CVE-2016-6662 vulnerability.

The content update is cumulative and available within the product, either via automatic updates, or by manual action

McAfee Active Response (MAR) Content Update 1.1.0.240 is now available.

This update includes:
InteractiveSessions, LocalGroups, and UserProfiles collector — Avoid requesting non-local user data from Active Directory to prevent service congestion.

You can download McAfee Active Response Content Update 1.1.0.240 using the ePO Master Repository.   

For more information, see the Release Notes in PD26738:
https://kc.mcafee.com/corporate/index?page=content&id=PD26738

5900 Anti-Malware Engine Beta Refresh & VirusScan Command Line 6.1.0 Beta packages are now available (October 19, 2016).

The McAfee Anti-Malware Engine is the core component of the McAfee Endpoint and Gateway products. Using patented technology, the Engine analyzes potentially malicious code to detect and block Trojans, viruses, worms, adware, spyware, and other threats.

New Features in the 5900 Anti-Malware Engine

The 5900 Anti-Malware Engine is a yearly Engine release that will succeed the current 5800 Engine and includes the following improvements:

• Detection and Performance Enhancements:
• Enhanced support of JavaScript to detect more threats.
• Improved support for Microsoft Office (OLE) file format.
• Improved unpacking of Dotfuscator and MPRESS packed files.
• Enhancements to DAT content to improve predictability of content processing.

Platform Enhancements:

• New Platform Support
• Windows 10 Anniversary Update
• Windows Server 2016

For complete information about the 5900 Anti-Malware Engine, see KB66741 - Important information about the 5.x.00 Anti-Virus Scanning Engine (https://kc.mcafee.com/corporate/index?page=content&id=KB66741 ​

McAfee Application and Change Control 7.0.1-275 is now available. This release includes new features, enhancements, and fixes for the following issues:

Solidcore client

• On a protected Windows 8 or later system where monitoring is enabled, appropriate event is not generated when the local user logs off (ID 4647).
• When Application Control is deployed, although a PS1 script is assigned updater privileges, it isn’t working as expected.
• After you upgrade existing products, such as McAfee Agent, Data Loss Prevention, VirusScan Enterprise, and Application Control on a system, the system crashes.
• On a system where Change Control is deployed, the File Modified event is generated for a tracked file without any modification to the file.
• On a protected 64-bit system running Windows 8 or later, 32-bit interpreters crash when the script-as-updater feature is enabled.
• Updater privileges are erroneously not revoked from a script file when it is executed by an interpreter.
• When enabling Application Control using reboot-free activation, the scsrvc service crashes.
• On a protected system running the 7.0.0-666 build, high CPU usage and performance degradation is observed.

To download 7.0.1-275 build, go to the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx   

For a full list of changes, see the Release Notes in PD26737: https://kc.mcafee.com/corporate/index?page=content&id=PD26737

For Known Issues, see KB87447 and KB87446:
https://kc.mcafee.com/corporate/index?page=content&id=KB87447
https://kc.mcafee.com/corporate/index?page=content&id=KB87446
​

​Important information for customers using Microsoft Internet Information Services (IIS) and/or Skype for Business (Lync), when using recent releases of McAfee products (affected products are listed below):
Issues:

• IIS: https://support.microsoft.com/en-us/kb/2802568
• Lync: http://social.technet.microsoft.com/wiki/contents/articles/29374.lync-2013-frontend-event-id-32042.aspx

Workaround and additional information:
https://kc.mcafee.com/corporate/index?page=content&id=KB87705

Affected products include:

• Data Loss Prevention 10.100, 9.4.230, 9.3.630
• Endpoint Security 10.2, 10.1.2
• Host Intrusion Prevention 8.0 Patch 8
• VirusScan Enterprise 8.8 Patch 8
• McAfee Agent 5.0.4.283
• McAfee Client Proxy 2.2

(Any products incorporating SYSCore 15.5)