- #MCAFEE VIRUSSCAN ENTERPRISE 8.8 REGISTRY EDIT UPDATE#
- #MCAFEE VIRUSSCAN ENTERPRISE 8.8 REGISTRY EDIT PATCH#
#MCAFEE VIRUSSCAN ENTERPRISE 8.8 REGISTRY EDIT UPDATE#
Although McAfee has thoroughly tested this release, we strongly recommend that you verify this update in test and pilot groups prior to mass deployment.
#MCAFEE VIRUSSCAN ENTERPRISE 8.8 REGISTRY EDIT PATCH#
I would appreciate any insights or experiences from those of you that have attempted applying VSE 8.8 patch 7. This release of McAfee VirusScan Enterprise 8.8.0 contains a variety of improvements and fixes. Possible reasons include: A failed upgrade leaves. Naturally I have asked support for reference to any official McAfee literature where it states it a best practice recommendation to have this rule disabled. McAfee® Installation Designer 8. Environment McAfee Agent (MA) 4.8 McAfee Agent 4.6, 4.5, 4.0 (End of Life) Problem Under certain conditions, you might have to remove the McAfee Agent manually.
I was referred to Knowledge Base article KB52624 and it suggested I consider disabling this rule as it is disabled by default. I raised a case to McAfee as I wanted to confirm if this was expected product behaviour in patch 7 as we had not encountered the issue before on either VSE 8.7 P4 or VSE 8.8 P2/3/4 and unfortunately the response was underwhelming. Ultimately it was due to this article that we investigated this thread as a potential issue (we only had the rule in Block so the issue wasn't initially obvious, why we don't Report detected behaviour is another issue). The Knowledge Base article KB86694 shared common symptoms with that we experience, however the recommended process exclusions had already been added to the Access Protection " Anti-virus Standard Protection: Prevent Windows Process spoofing" rule. The McAfee VirusScan Console (mcconsol.exe) in McAfee VirusScan Enterprise 8.8.0 before Hotfix 1123565 (8.) on Windows allows local administrators to bypass intended self-protection rules and unlock the console window by closing registry handles. In my preparation for patch 7 deployment I undertook due diligence and reviewed all the known issues and other articles called out by McAfee. Our investigations identified an issue where the Access Protection " Anti-virus Standard Protection: Prevent Windows Process spoofing" rule was blocking certain behaviour exhibited by of the Microsoft Session Manager process (smss.exe) which ultimately impacted RDP sessions (see AccessProtectionLog.txt output below).Īnti-virus Standard Protection:Prevent Windows Process spoofing We encountered an issue where after upgrade / installation we were unable to RDP to our Windows 2008 R2 servers, access to the virtual desktop via the V-Centre console was unaffected. Just after feedback from the community on any issues experienced with deploying VirusScan Enterprise 8.8 / patch 7.