Blog Posts

All ePO Packages prior to 5.3.3 and 5.9.1 will be reposted on November 30th, 2017

6/12/2017

McAfee is changing vendors for Java from Oracle to Azul. On November 30, 2017, all ePO install packages prior to ePO 5.3.3 and 5.9.1 will be reposted without Java. Starting with versions 5.3.3 and 5.9.1, ePO will ship with Azul Java.
McAfee strongly urges all our customers to download any install package of ePO that you may need before November 30, 2017. After that date, you may still download older versions of ePO, but additional steps will have to be taken to complete the ePO installation.
For more information please see KB89799: https://kc.mcafee.com/corporate/index?page=content&id=KB89799

McAfee Endpoint Upgrade Assistant 1.5.0 is available for download

6/12/2017

Endpoint Upgrade Assistant is an ePO extension tool that is designed to help with analyzing and planning the upgrades of any McAfee product. Endpoint Upgrade Automation is an ePO package that removes VSE and legacy products from managed endpoints, validates that they have been successfully removed and if necessary cleans up any remaining files. It downloads MA and ENS from the ePO server so it can upgrade MA and install ENS. It also migrates any local VSE and HIPS product policies so ENS can utilize them after it has been installed.
This Tool makes your migration from VSE, HIPS and SAE to ENS much better experience, more successful.
For details, see the following documents:
The latest EUA 1.5.0 video:
https://www.youtube.com/watch?v=rsLiFBIbDUc&t=85s
Endpoint Upgrade Assistant 1.5.0 Release Notes (PD27302)
https://kc.mcafee.com/corporate/index?page=content&id=PD27302
Introduction to Endpoint Upgrade Assistant (KB88141):
https://kc.mcafee.com/corporate/index?page=content&id=KB88141
Endpoint Upgrade Assistant 1.x Known Issues (KB88996):
https://kc.mcafee.com/corporate/index?page=content&id=KB88996

Threat Advisory for W97M/Macroless - Dynamic Data Exchange (DDE Attack Exploit)

6/12/2017

McAfee Labs has released a new Threat Advisory for W97M/Macroless - Dynamic Data Exchange (DDE Attack Exploit).
Overview
This threat advisory contains information about the exploit currently being used in the wild for the MS Office DDE feature. DDE stands for Dynamic Data Exchange and is a feature that allow Office applications to talk to each other and exchange data. Malicious actors are using this feature to execute external applications without use of a macro. This exploit is currently being used in the wild to execute Powershell in order to download more malware.
For details, see Knowledge Base document PD27325 at https://kc.mcafee.com/corporate/index?page=content&id=PD27325

Host IPS 8.0 for Linux Patch 11 Now Available

6/12/2017

Host IPS 8.0 for Linux Patch 11 is available for download.
The current release of the product adds support for Red Hat Enterprise Linux (RHEL) 7.4, Amazon Linux 2017.03, and CentOS 7.4.
The current release resolves several reported client and extension issues. For a list of issues fixes please see the release notes.
For details, see the following documents:

Host IPS 8.0 for Linux Patch 11 Release Notes (PD27329): https://kc.mcafee.com/corporate/index?page=content&id=PD27329
Host Intrusion Prevention 8.0 Patch 11 for Linux verified 64-bit kernel versions (KB89951): https://kc.mcafee.com/corporate/index?page=content&id=KB89951

Supported platforms, environments, and operating systems for Host Intrusion Prevention 8.0 (KB70778): https://kc.mcafee.com/corporate/index?page=content&id=KB70778

Threat Advisory for Ransom-BadRabbit

6/12/2017

McAfee Labs has released an updated Threat Advisory for Ransom-Petya/Ransom-BadRabbit.
Overview
Ransom-BadRabbit is an updated version of the old Petya ransomware. The updated Threat Advisory contains information about the new variant and how to configure the products to prevent the malware from running, as well as coverage information for known samples.
For details, see Knowledge Base document PD26470 at: https://kc.mcafee.com/corporate/index?page=content&id=PD26470

Application Control and Change Control 8.0 HF3 Now Available

6/12/2017

Solidcore Versions avalable for download:
- Solidcore Client for Windows 8.0.0.855
- ePO Management Extension 8.0.0.220
Release 8.0.0 (Update 3) supports these four products:
o McAfee Windows Embedded Security
o McAfee Integrity Control
o McAfee Application Control
o McAfee Change Control
The current release of the product includes these enhancements for Wildcard feature. The wildcard feature has been added to skip list rules to bypass solidification. With this feature, you can skip folders and directories that you do not want to include in the solidification process such as temporary folders.
The current release resolves several reported client and extension issues. For a list of issues fixes please see the release notes.
For details, see the following documents:
•Application Control and Change Control 8.0 HF3 Release Notes PD27320:
https://kc.mcafee.com/corporate/index?page=content&id=PD27320
•Supported platforms, environments, and operating systems for Application and Change KB87944:
https://kc.mcafee.com/corporate/index?page=content&id=KB87944

McAfee Active Response (MAR) 1.1.0.282 Hotfix Now Available

6/12/2017

McAfee Active Response Bundle Hotfix 1.1.0.282 is now available.
This hotfix includes the following fixes:
• McAfee Active Response queries using the “contains” filter with the WinRegistry collector may cause high CPU usage. The keypath field is now mandatory for the WinRegistry collector, and it can only be used with the “StartWith” and “Equals” filter.”

You can download McAfee Active Response Hotfix 1.1.0.282 using the ePO Software Manager, or from the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx
For more information, see the Release Notes in PD27296:
https://kc.mcafee.com/corporate/index?page=content&id=PD27296

EOL Announcement for McAfee Drive Encryption 7.1.x

6/12/2017

McAfee announces the End of Life (EOL) for McAfee Drive Encryption 7.1.x effective June 30, 2019.
McAfee recommends upgrading to Drive Encryption 7.2.x to benefit from the latest software developments, and to avoid interruption of product support.
See KB89833 for details (https://kc.mcafee.com/corporate/index?page=content&id=KB89833)
The EOL product list and policy is available at: http://mcafee.com/us/support/support-eol.aspx

Data Loss Prevention 10 Patch 3 Now Available

6/12/2017

Data Loss Prevention 10 Patch 3 is now available. This release includes new features, fixes, and enhancements including:
* 1128959 - McAfee DLP Endpoint discovery incidents can now be rolled up.
* 1143705 - Removable storage protection rules now support a timeout parameter that can be configured in the Windows client configuration. The DLP Administrator can set the default action if the timeout is exceeded.
* 1175169 - Importing dictionaries with UTF8 (double byte) characters now has the same limit as ASCII dictionaries (20,000 entries).
* 1160275 - Web application pages now load correctly. The issue was resolved by a change in the McAfee DLP Endpoint Internet Explorer URL monitor.
* 1174397 - Shutting down a VDI client running on XenDesktop 7.8 does not cause a blue screen. The issue was resolved by changing the order in which McAfee DLP Endpoint checks problem codes to see if it is disabling devices.
* 1184209 - Plug and Play device rules and removable storage device rules can now successfully block Apple devices using the Apple vendor ID 05ac when there are no iTunes or official Apple drivers.
* 1195368 - Tags are now preserved when tagged files are compressed (zipped), even when compressed a second time.
* 1198717 - Internet Explorer 11 now prints from all websites. The issue of an internal error preventing printing was resolved. The root cause was the wrong file handle being used when the handle was duplicated.
* 1202290 - Google Chrome V60 now responds normally when McAfee DLP clipboard protection is enabled. The issue was resolved by changing the hooking mechanism.
To download Data Loss Prevention 10 Patch 3, go to the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx
For a full list of changes, see the Release Notes in PD27308: https://kc.mcafee.com/corporate/index?page=content&id=PD27308

End of Life for Data Exchange Layer 2.x and 3.0

6/12/2017

McAfee announces the End of Life (EOL) for McAfee Data Exchange Layer (DXL) 2.x and 3.0 effective October 16, 2018.
McAfee recommends upgrading to DXL 3.1 or later to benefit from the latest software developments, and to avoid interruption of product support.
See KB89882 for details: https://kc.mcafee.com/corporate/index?page=content&id=KB89882.

The McAfee EOL product list and policy is available at: http://mcafee.com/us/support/support-eol.aspx

weebly
analytics