release notes for mcafee(r) virusscan(r) enterprise version 8.0i patch 10 copyright (c) 2005 mcafee, inc. all rights reserved ========================================================== patch release:
14 january 2005
this release was developed and tested with: - virusscan enterprise:8.0i - dat version: 4416, december 22 2004 - engine version: 4.3.20 make sure you have installed these versions before using this release. ========================================================== thank you for using virusscan(r) enterprise software. this file contains important information regarding this release. we strongly recommend that you read the entire document. the attached files are provided as is, and with no warranty either expressed or implied as to their suitability for any particular use or purpose. mcafee, inc. assumes no liability for damages incurred either directly or indirectly as a result of the use of these files, including but not limited to the loss or damage of data or systems, loss of business or revenue, or incidental damages arising from their use. patch files should be applied only on the advice of mcafee technical support, and only when you are actually experiencing the issue being addressed by the patch. patch files should not be proactively applied in order to prevent potential product issues. you are responsible for reading and following all instructions for preparation, configuration, and installation of patch files. patch files are not a substitute or replacement for product service packs which may be released by mcafee, inc. it is a violation of your software license agreement to distribute or share these files with any other person or entity without written permission from mcafee, inc. further, posting of mcafee patch files to publicly available internet sites is prohibited. mcafee, inc. reserves the right to refuse distribution of patch files to any company or person guilty of unlawful distribution of mcafee software products. questions or issues with mcafee patch files should be directed to mcafee technical support.
__________________________________________________________ what's in this file -
about this release purpose resolved issues known issues files included with this release installation installation requirements installation steps installation steps via epolicy orchestrator installation steps via mcafee installation designer contact information copyright & trademark attributions license information -
-
-
__________________________________________________________ about this release purpose this release combines previous patches and updated binaries into a single microsoft patch installer to address all items listed in "resolved issues" below. resolved issues 1.
issue: a memory leak occurred in non-page pool memory when accessing files via the network redirector. the tdi driver did not release memory that had been allocated for identifying source ip information. resolution: memory is properly released by the tdi driver.
2.
issue: if the tdi driver received an i/o request packet (irp) that did not have enough stack locations to be passed down the stack, a new irp was created and the original irp was left uncompleted. this resulted in a small memory leak. resolution: the original irp is now completed.
3.
issue:
a driver conflict between the mcafee tdi driver and a driver from aventail vpn client software could result in netbios network connectivity being lost. resolution: netbios network connectivity functions as expected when these applications are installed. 4.
issue: when a system was under considerable file i/o stress, and the path information of a file was not examined correctly by the exclusion library, an excluded file or a file inside an excluded folder could be scanned. resolution: the exclusion library has been updated to ensure that file path information is examined correctly under any stress condition.
5.
issue: malformed jpeg files taking advantage of the ms04-028 exploit could be rendered by a browser -� without first having to cache files locally -- to induce an attack on the system. details of the security bulletin can be found at: http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx resolution: the processes monitored by the buffer overflow protection feature are protected against malicious code attempting to execute after exploiting the ms04-028 vulnerability. important: when a buffer overflow has occurred, the affected process may become unstable and may need to be restarted. this patch release is not a substitute for any security patch(es) provided by microsoft to resolve the ms04-028 vulnerability.
6.
issue: toolbar icons in some applications, including ibm websphere studio, display as black boxes. resolution: toolbar icons now display as expected.
7.
issue: web inspector from zixcorp would encounter an error upon initializing, usually seen at logon. resolution: web inspector loads without issue.
8.
issue: windows media player 10 could stop responding after you select the option to listen to a "radio" stream, then select the "music" tab. resolution: windows media player 10 operates correctly without interruption when you change from the "radio" tab to "music" tab, and vice versa. note: once the patch is applied, a reboot may be required to resolve this issue.
9.
issue: list boxes and message boxes in .net applications do not display any content. resolution: list boxes and message boxes now display content as expected.
10. issue: in some notes configurations where user mail databases were located in varying locations, the lotus notes scanner would not find a mailbox to scan. resolution: user mailboxes are correctly located, and the lotus notes scanner protects the database. 11. issue: the user interface option that allows you to password protect the "on-access scanner: detection" page mistakenly protects both the on-access scan "detection" and on-access scan "set exclusions" property pages. a user could not add exclusions. resolution: choosing to protect the "on-access scanner: detection" page from the "user interface options" now protects only the on-access scan "detection" page. 12. issue: a "cannot find the file specified" error message could occur when starting lotus notes via a shortcut, or when starting lotus notes from a shell. the same error message could occur when third-party applications that inject an add-in into lotus notes attempt to invoke the mcafee lotus notes scanner extensions and fail to find ncdaemon.exe.
resolution: ncdaemon.exe now loads successfully. 13. issue: a delay in responsiveness of the script engine would occur when executing scripts sequentially. resolution: scripts terminate correctly, allowing the script engine to respond to subsequent script commands. 14. issue: an "access denied" error appeared in an application that used the "delete-on-close" flag when working with temporary files. the file system filter driver would lose track of the "delete-on-close" flag. resolution: the updated file system filter driver resolves this issue, allowing temporary files to be utilized as expected. known issues 1.
when installing locally, you may not be prompted to reboot after the installation. however, a reboot is necessary to unload the previous mcafee tdi filter driver and load the new driver.
2.
performing a repair of the product via the control panel "add/remove programs" applet and omitting to rewrite registry values, reinstalls both product and patch but will not report the patch is installed. for example, the "about" screen will not show patch 10. reinstall the product, or when doing the repair ensure the option to rewrite registry values is selected.
3.
installing the patch and specifying a log file path using the msi switch "/l" will not log to the specified path. a log capturing full data is logged to the folder "nailogs" under the temp folder.
4.
if you install patch 10 after you have already installed the anti-spyware enterprise module, the module is removed. when installing patch 10, be certain to install it before you install the anti-spyware enterprise module. if you have already installed the module, then install patch
10, you must re-install the module. files included with this release this release consists of a package called vse80p10.zip, which contains the following files: pkgcatalog.z = package catalog file patch10.txt = this text file vs800det.mcs = virusscan enterprise detection script packing.lst = packing list patch10.msp = microsoft installer patch file setup.exe = installer for this release setup.ini = initialization file for setup.exe __________________________________________________________ installation installation requirements to use this release, you must have virusscan enterprise 8.0i software installed on the computer you intend to update with this release. note: this release does not work with earlier versions of virusscan software. patch 10 or later is required before installing the anti-spyware enterprise module. installation steps 1.
extract the patch files from vse80p10.zip to a temporary folder on your hard drive.
2.
double-click the file setup.exe inside the temporary folder created in step 1.
3.
follow the instructions of the installation wizard.
installation steps for epolicy orchestrator 1.
on the computer where the epolicy orchestrator 3.x console resides, extract the patch files from vse80p10.zip to a temporary folder on your
hard drive. 2.
open the epolicy orchestrator 3.x console and add the package from the temporary folder created in step 1 to your repository. consult "checking in package" on epolicy orchestrator 3.0 product instructions on adding a package repository. the package type for "products or updates."
page 206 of the guide for to the this patch is
the next time an agent update task runs, the virusscan enterprise client automatically downloads and installs the patch. installation steps via mcafee installation designer 1.
extract the files from vse80p10.zip to a temporary folder on your hard drive.
2.
start mcafee installation designer 8.0, select "create a new installation package," and select a source and destination folder for your installation package; then click "next."
3.
go to the "patch files" section and click "add." browse to the temporary folder you created in step 1, and select the file patch10.msp.
4.
click "finish" and "save" in the mcafee installation designer and a new installation package will be saved to the destination folder you specified in step 2.
__________________________________________________________ participating in the mcafee beta program to download new beta software or to read about the latest beta information, visit the mcafee beta web site located at: http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm to submit beta feedback on any mcafee product, send e-mail to:
[email protected] mcafee is devoted to providing solutions based on your input. __________________________________________________________ contact information technical support
home page http://www.mcafeesecurity.com/us/support/ knowledgebase search https://knowledgemap.mcafeesecurity.com/phpclient/homepage.aspx primesupport service portal https://mysupport.mcafeesecurity.com login credentials required. mcafee beta program beta web site http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm security headquarters: avert (anti-virus & vulnerability emergency response team) home page http://www.mcafeesecurity.com/us/security/home.asp virus information library http://vil.mcafeesecurity.com/ avert webimmune & submit a virus sample https://www.webimmune.net/default.asp avert dat notification service http://vil.mcafeesecurity.com/vil/join-dat-list.asp download site home page http://www.mcafeesecurity.com/us/downloads/ dat file and engine updates http://www.mcafeesecurity.com/us/downloads/updates/ ftp://ftp.mcafeesecurity.com/pub/antivirus/datfiles/4.x product upgrades https://secure.nai.com/us/forms/downloads/upgrades/login.asp valid grant number required. contact customer service training on-site training http://www.mcafeesecurity.com/us/services/security/home.htm mcafee university http://www.mcafeesecurity.com/us/services/education/mcafee/university.htm customer service us, canada, and latin america toll-free:
phone:
+1-888-virus no or +1-888-847-8766 monday-friday, 8am-8pm, central time
e-mail:
https://secure.mcafeesecurity.com/us/forms/support/request_form.asp
web:
http://www.mcafee.com/us/default.asp http://www.mcafeesecurity.com/us/support/default.asp
for additional contact information (including addresses and toll-free numbers for worldwide offices), see the contact file that accompanied your original product release. _____________________________________________________ copyright and trademark attributions copyright (c) 2005 mcafee, inc. all rights reserved. no part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or�by�any means without the written permission of mcafee, inc., or its suppliers or affiliate companies. to obtain this permission, write to the attention of the mcafee legal department at: 5000 headquarters drive, plano, texas 75024, or call +1-972-963-8000. trademarks active firewall, active security, activesecurity (and in katakana), activeshield, antivirus anyware and design, clean-up, design (stylized e), design (stylized n), entercept, enterprise securecast, enterprise securecast (and in katakana), epolicy orchestrator, first aid, forcefield, gmt, groupshield, groupshield (and in katakana), guard dog, homeguard, hunter, intrushield, intrusion prevention through innovation, m and design, mcafee, mcafee (and in katakana), mcafee and design, mcafee.com, mcafee virusscan, na network associates, net tools, net tools (and in katakana), netcrypto, netoctopus, netscan, netshield, network associates, network associates coliseum, netxray, notesguard, nuts & bolts, oil change, pc medic, pcnotary, primesupport, ringfence, router pm, securecast, secureselect, spamkiller, stalker, threatscan, tis, tmeg, total virus defense, trusted mail, uninstaller, virex, virus forum, viruscan, virusscan, virusscan (and in katakana), webscan, webshield, webshield (and in katakana), webstalker, webwall, what�s the state of your ids?, who�s watching your network, your e-business defender, your network. our business. are registered trademarks or trademarks of mcafee, inc. and/or its affiliates in the us and/or other countries. red in connection with security is distinctive of mcafee(r)
brand products. all other registered and unregistered trademarks herein are the sole property of their respective owners.
_____________________________________________________ license information license agreement notice to all users: carefully read the appropriate legal agreement corresponding to the license you purchased, which sets forth the general terms and conditions for the use of the licensed software. if you do not know which type of license you have acquired, please consult the sales and other related license grant or purchase order documents that accompanies your software packaging or that you have received separately as part of the purchase (as a booklet, a file on the product cd, or a file available on the web site from which you downloaded the software package). if you do not agree to all of the terms set forth in the agreement, do not install the software. if applicable, you may return the product to mcafee or the place of purchase for a full refund. license attributions this product includes or may include: *�software developed by the openssl project for use in the openssl toolkit (http://www.openssl.org/). *�cryptographic software written by eric a. young and software written by tim j. hudson. *�some software programs that are licensed (or sublicensed) to the user under the gnu general public license (gpl) or other similar free software licenses which, among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have access to the source code. the gpl requires that for any software covered under the gpl which is distributed to someone in an executable binary format, that the source code also be made available to those users. for any such software covered under the gpl, the source code is made available on this cd. if any free software licenses require that network associates provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein. *�software originally written by henry spencer, copyright 1992, 1993, 1994, 1997 henry spencer. *�software originally written by robert nordier, copyright (c)�1996-7 robert nordier. *�software written by douglas w. sauder. *�software developed by the
apache software foundation (http://www.apache.org/). a copy of the license agreement for this software can be found at www.apache.org/licenses/license-2.0.txt. *�international components for unicode ("icu") copyright (c)�1995-2002 international business machines corporation and others. *�software developed by crystalclear software, inc., copyright (c)�2000 crystalclear software, inc. *�fead(r) optimizer(r) technology, copyright netopsystems ag, berlin, germany. *�outside in(r) viewer technology (c)�1992-2001 stellent chicago, inc. and/or outside in(r) html export, (c)�2001 stellent chicago, inc. *�software copyrighted by thai open source software center ltd. and clark cooper, (c)�1998, 1999, 2000. *�software copyrighted by expat maintainers. *�software copyrighted by the regents of the university of california, (c)�1989. *�software copyrighted by gunnar ritter. *�software copyrighted by sun microsystems(r), inc. (c)�2003. *�software copyrighted by gisle aas. (c)�1995-2003. *�software copyrighted by michael a. chase, (c)�1999-2000. *�software copyrighted by neil winton, (c)�1995-1996. *�software copyrighted by rsa data security, inc., (c)�1990-1992. *�software copyrighted by sean m. burke, (c)�1999, 2000. *�software copyrighted by martijn koster, (c)�1995. *�software copyrighted by brad appleton, (c)�1996-1999. *�software copyrighted by michael g. schwern, (c)�2001. *�software copyrighted by graham barr, (c)�1998. *�software copyrighted by larry wall and clark cooper, (c)�1998-2000. *�software copyrighted by frodo looijaard, (c)�1997. *�software copyrighted by the python software foundation, copyright (c)�2001, 2002, 2003. a copy of the license agreement for this software can be found at www.python.org. *�software copyrighted by beman dawes, (c)�1994-1999, 2002. *�software written by andrew lumsdaine, lie-quan lee, jeremy g. siek (c)�1997-2000 university of notre dame. *�software copyrighted by simone bordet & marco cravero, (c)�2002. *�software copyrighted by stephen purcell, (c)�2001. *�software developed by the indiana university extreme! lab http://www.extreme.indiana.edu/). *�software copyrighted by international business machines corporation and others, (c)�1995-2003. *�software developed by the university of california, berkeley and its contributors. *�software developed by ralf s. engelschall
for use in the mod_ssl project (http://www.modssl.org/). *�software copyrighted by kevlin henney, (c)�2000-2002. *�software copyrighted by peter dimov and multi media ltd. (c)�2001, 2002. *�software copyrighted by david abrahams, (c)�2001, 2002. see http://www.boost.org/libs/bind/ bind.html for documentation. *�software copyrighted by steve cleary, beman dawes, howard hinnant & john maddock,
(c)�2000. *�software copyrighted by boost.org, (c)�1999-2002. *�software copyrighted by nicolai m. josuttis, (c)�1999. *�software copyrighted by jeremy siek, (c)�1999-2001. *�software copyrighted by daryle walker, (c)�2001. *�software copyrighted by chuck allison and jeremy siek, (c)�2001, 2002. *�software copyrighted by samuel krempp, (c)�2001. see http://www.boost.org for updates, documentation, and revision history. *�software copyrighted by doug gregor ([email protected]), (c)�2001, 2002. *�software copyrighted by cadenza new zealand ltd., (c)�2000. *�software copyrighted by jens maurer, (c)�2000, 2001. *�software copyrighted by jaakko j�rvi ([email protected]), (c)�1999, 2000. *�software copyrighted by ronald garcia, (c)�2002. *�software copyrighted by david abrahams, jeremy siek, and daryle walker, (c)�1999-2001. *�software copyrighted by stephen cleary ([email protected]), (c)�2000. *�software copyrighted by housemarque oy ,�(c)�2001. *�software copyrighted by paul moore, (c)�1999. *�software copyrighted by dr. john maddock, (c)�1998-2002. *�software copyrighted by greg colvin and beman dawes, (c)�1998, 1999. *�software copyrighted by peter dimov, (c)�2001, 2002. *�software copyrighted by jeremy siek and john r. bandela, (c)�2001. *�software copyrighted by joerg walter and mathias koch, (c)�2000-2002.