Feb 21, 2008

McAfee VirusScan Enterprise 8.5i

McAfee® VirusScan® Enterprise protects your desktop and file servers from a wide range of threats, including viruses, worms, Trojan horses, and potentially unwanted code and programs. McAfee® VirusScan® 8 takes anti-virus protection to the next level, integrating elements of intrusion prevention and firewall technology into a single solution for PCs and file servers. This powerful combination delivers truly proactive protection from the newest of today’s threats-including buffer - overflow exploits and blended attacks - and features advanced outbreak management responses to reduce the damage and costs of outbreaks. Everything is managed by McAfee ePolicy Orchestrator® or ProtectionPilot™ for scalable security policy compliance and graphical reporting.

*** Key Benefits :

- Integrated firewall and IPS technology - Addition of firewall and intrusion prevention technology delivers maximum proactive protection in a single, integrated package

- Enhanced coverage for emerging threats - VirusScan provides protection from the newest potentially unwanted program security threats (e.g., spyware), application-specific buffer overflow attacks, and blended attacks

- Lowered TCO during outbreak response – Advanced outbreak functionality closes the window of vulnerability before DAT files are available, limiting damage by blocking the entrance and spread of the outbreak

- McAfee scanning technology – Award-winning McAfee scan engine performs in-memory scanning to block threats such as Netsky and CodeRed, which don’t write their code to disk

- Centralized management and reporting – Integration with McAfee ePolicy Orchestrator and ProtectionPilot provides a complete security management solution, including detailed graphical reporting, from a single console

*** Product Features:
- Comprehensive McAfee anti-virus protection
- Potentially unwanted program security
- Buffer overflow prevention (IPS feature)
- Complete outbreak response
- Port blocking/lockdown (firewall feature)
- Application monitoring: email engines (firewall feature)
- File blocking, directory lockdown, folder/share blocking (IPS feature)
- Infection trace and block
- Powerful memory scanning
- Centralized management and reporting
- Enhanced email scanning
- Protection from threats that use scripts
- Optimized for mobile users

McAfee VirusScan Enterprise 8.5i Patch 4 resolved folowing issues:

1. ISSUE: A crash can occur on some systems when the On-Demand Scan Task includes the "Memory for rootkits" scan item.

RESOLUTION: The root kit detection driver has been updated to better handle different processor architectures.
2. ISSUE: When a Quarantine Restore Task is run from ePolicy Orchestrator without specifying a restore item, the Scan32.exe process runs a full scan and does not exit properly, leaving the process orphaned.

RESOLUTION: The VirusScan plug-in has been updated to check if a restore item is specified. If not, the restore task does not run.

3. ISSUE: The VirusScan On-Demand Scanner has no option to disable cookie detection alerts in the user interface or registry.

RESOLUTION: Alerts for On-Demand Scan cookie detections can now be disabled by setting the DWORD "bCookieAlerts" registry entry to 0. HKLM\SOFTWARE\McAfee\VSCore\Alert Client\VSE

4. ISSUE: When a user is browsing the Internet, the On-Access Scanner sometimes logs entries "Not scanned (The file is encrypted)" on temporary files that are locked for use by the browser.

RESOLUTION: The reporting for these types of detections can now be disabled by setting the registry DWORD value "DoNotReportSkippedFiles" to 1. HKLM\SOFTWARE\McAfee\VSCore\On Access Scanner\McShield\Configuration

NOTE: If you previously installed VSE85HF328421, the registry entry "DoNotReportSkippedFiles" is already set to 1.

5. ISSUE: In environments where the Lotus Notes data folder is in a non-standard location, the VirusScan Scanner for Lotus Notes installer might crash during installation of VirusScan.

RESOLUTION: The VirusScan Scanner for Lotus Notes installation files have been updated so that the search behavior for notes.ini is more resilient to custom Lotus Notes client locations.
6. ISSUE: A crash can occur, where the VirusScan Scanner for Lotus Notes failed to initialize properly if the first scanned attachment of a session was stored in a non-standard attachment format.

RESOLUTION: The VirusScan Scanner for Lotus Notes library was changed so that the initialization code occurs before the attachment prefixed file name handling occurs.

7. ISSUE: With Self Protection enabled, the ability to unblock a connection from a remote computer is grayed out, even though the logged-on user has administrator privileges.

RESOLUTION: VirusScan Statistics has been updated to check the credentials of the logged-on user, rather then the access level of our services, to determine if the "Unblock All Connections Now" button should be available.

8. ISSUE: bInstallation of this Patch enables the option "Enable on-access scanning at system startup" if it was previously disabled.

RESOLUTION: The Patch installer has been corrected to properly preserve the setting.
9. ISSUE: The Patch installer returns a success code, even if the Patch failed to install.

RESOLUTION: The Patch installer has been corrected so that it only returns a success code if it is actually successful.

10. ISSUE: Installing the Patch on a system that had only one Unwanted Programs exclusion causes that exclusion to fail.

RESOLUTION: The installer now corrects a problem where the DetectionExclusions registry value was being changed from REG_MULTI_SZ to REG_SZ if only one value existed.

11. ISSUE: On Windows Vista, the administrator cannot disable the On-Access Scanner via the VirusScan system tray icon.

RESOLUTION: VirusScan Statistics has been updated to check the user's logged on credentials, rather then the service handle that was used to determine access to the McShield service in older operating systems.

12. ISSUE: A failed reinstallation of VirusScan or a failed Patch installation can delete the license, resulting in an inoperable product.

RESOLUTION: The Patch installer has been updated to no longer cause this state in the event of a failed installation.

13. ISSUE: An incorrect rule file was packaged with the VirusScan NAP file included with Patch 3. This caused some of the Access Protection rule categories to not appear.

RESOLUTION: A new VirusScan NAP file was created with a corrected rule file.

14. ISSUE: When Host IPS is installed with VirusScan Enterprise, and IPS is disabled, the interface for VirusScan Buffer Overflow Protection remains grayed out, even though it is active.

RESOLUTION: The Buffer Overflow console plug-in was updated to check for the registry flag that is set by Host IPS, to tell VirusScan Enterprise that IPS is disabled.

15. ISSUE: When Self Protection is enabled on a remote machine and a user attempts open a remote console connection to that machine, the user receives an access denied message, and the remote console is not opened.

RESOLUTION: The VirusScan Console was updated to make the connection to the remote console more robust.


New Software Delivery on your Mail!

Enter your email address:

Delivered by FeedBurner