SNS Digest (April 2017)
Support Notification Service April 2017
SNS Digest - McAfee
    Upcoming Webcasts
  Recent Publications and News
  Technical Product Updates
    Release Roundup
  Product End of Life (EOL)
  Resource Links
Upcoming Webcasts
Mastering Endpoint Security
APAC Wednesday, May 10, 2017 | REGISTER
3:00 PM AEST
EMEA Wednesday, May 10, 2017 | REGISTER
3:00 PM GMT | 4:00 PM CET
Americas Wednesday, May 10, 2017 | REGISTER
11:00 AM PDT | 1:00 PM CDT | 2:00 PM EDT
In the face of constantly evolving threat vectors, IT security decision makers desire integrated solutions that increase their efficiency, visibility, and overall protection across their endpoint technologies. Join guest Forrester Research analyst Chris Sherman and Joakim Lialias from McAfee, as they discuss endpoint security along with insights from a recent Forrester security leaders survey, commissioned by McAfee.
Recent Publications and News
McAfee Labs Threats Report: April 2017
In this report, McAfee experts review two key topics: The background and drivers of threat intelligence sharing and the Mirai botnet, which is notable because it detects and infects poorly secured IoT devices, transforming them into bots to attack its targets. Review the full report and check out the resources below.
Related Resources:
Main Report Page
Solution Brief: Operationalizing Threat Intelligence
Solution Brief: Secure IoT Devices to Protect Against Attacks
Related Blogs
A Data Breach Can Put the Reputation of Enterprises at Stake
Worldwide, organizations are concerned about cybercrime – but not necessarily for the reasons most would think. While many organizations worry about the technical issues that are posed by a cybercrime attack, such as ransomware locking up entire swaths of servers and bringing business operations to its knees, most are even more concerned about their public perception and loss of clientele.
How to Gain a Competitive Advantage with an Integrated Approach to Security
Simply adding an advanced threat analysis technology to your security stack can expand detection and solve some immediate security issues. But thinking beyond standalone detection to an integrated ecosystem can not only improve detection and protection throughout your organization, it can also enhance your business by optimizing security operations response time, giving you a competitive edge.
Leveraging UEBA Capabilities in Your Existing SIEM
User and entity behavior analytics (UEBA) uses advanced analytics to track and flag suspicious behaviors of both users and assets, such as networked assets, sensors, databases, devices, and hosts.
Technical Product Updates
Expert tips and documentation for leading McAfee products published in the last 30 days. Visit the McAfee Knowledge Center for additional products.
Product Links
  > (ePO) ePolicy Orchestrator
> (VSE) VirusScan Enterprise
> (ENS) Endpoint Security
> (DXL) Data Exchange Layer
> (MOVE) Management for Optimized Virtual Environments
> (SIEM) Security Info & Event Mgmt
> (EP) Encryption Products
> (MWG) Web Gateway
> (IPS) Host Intrusion Prevention
> (DLP) Data Loss Prevention
> (TIE) Threat Intelligence Exchange
> (ATD) Advanced Threat Defense
(ePO) ePolicy Orchestrator
New ProTips
Migration from SHA-1 to SHA-2 certificates is required after upgrading to ePO 5.9
See more ePO ProTips here
New KB Articles
KB88887 — Active Directory Sync populates machines to unexpected locations in the ePO System Tree
KB88985 — Client Task Scheduler page fails to display when attempting to schedule a MOVE Targeted On Demand Scan through ePolicy Orchestrator
KB88882 — An ePO Global Administrator user cannot be unassigned from policy objects that it owns
 back to product links
(VSE) VirusScan Enterprise
New KB Articles
KB88834 — VirusScan Enterprise command line switch REMOVE = EmailScan is ignored on Windows 7 (32-bit) systems
KB88937 — Threat Intelligence Exchange Module Content contributes to a negative performance impact
KB88972 — Access Protection events are generated for McAfee Agent executable (masvc.exe) with VSE 8.8 Patch 4 and earlier
KB88930 —How to resolve issues of false redirection when using the McAfee Client Proxy
 back to product links
(ENS) Endpoint Security
New ProTips
Recommended pre-deployment tasks
See more Endpoint Security ProTips here
New KB Articles
KB88863 — BugCheck 7f - UNEXPECTED_KERNEL_MODE_TRAP (occurs on Windows x86 with Endpoint Security 10.5.0 and Adaptive Threat Protection)
KB88866 — Creating a large number of On-Access Scan exclusions in ePolicy Orchestrator results in an unenforced Endpoint Security Threat Prevention policy
KB88867 — Endpoint Security modules installed on a system are not reported as installed in ePolicy Orchestrator
KB88937 — Threat Intelligence Exchange Module Content contributes to a negative performance impact
KB88973 — How to install Endpoint Security with support for CAVA
KB88975 — Endpoint Security events are not displaying in the Threat Event Log, but events for other products are displaying properly
KB88983 — How to install Endpoint Security for Linux Threat Prevention 10.2.1
KB88994 — Endpoint Security Common platform module fails to install
KB89034 — Introduction to the 'addrepository' command option in Endpoint Security for Linux Threat Prevention
KB89042 — An Endpoint Security deployment task through ePO Cloud completes, but the ENS modules fail to deploy
 back to product links
(DXL) Data Exchange Layer
New ProTips
How to use the DxlBrokerMgmt.getTopicAuthGroupCommand remote command
See more DXL ProTips here
New KB Articles
KB88937 — Threat Intelligence Exchange Module Content contributes to a negative performance impact
KB88931 — Data Exchange Layer upgrade from 1.x to 3.1.0 fails
 back to product links
(MOVE) Management For Optimized Virtual Environments
New ProTips
How to use wildcards when creating exclusions in MOVE AntiVirus Agentless
See more MOVE ProTips here
New KB Articles
KB88855 — How to deploy MOVE Antivirus Agentless without installing the vShield drivers on endpoints
KB88861 — How to upgrade or remove the MOVE Antivirus Help extension
KB88843 — How to force policy reflection on MOVE Antivirus Agentless NSX Manager
KB88853 — How to reconfigure MOVE Agentless NSX after ePolicy Orchestrator has been migrated or re-installed
KB88864 — On Access Scan Exclusion details not returned from MOVE AntiVirus Multi-Platform
KB88907 — Changing the IP address of NSX Manager causes the connection with ePolicy Orchestrator to be lost
KB88985 — Client Task Scheduler page fails to display when attempting to schedule a MOVE Targeted On Demand Scan through ePolicy Orchestrator
KB88997 — Client load limitations for MOVE Security Virtual Appliance and MOVE Security Virtual Machine
 back to product links
(SIEM) Security Info & Event Mgmt
New ProTips
How to submit GTI false positive reports
See more SIEM ProTips here
New KB Articles
KB88881 — Triggering Events tab of the Triggered Alarms table displays no data
KB89041 — TCP connection error occurs on the Event Receiver
KB89039 — Errors appear in logs indicating Solid State Drive failure for Enterprise Security Manager
 back to product links
(EP) Encryption Products
New KB Articles
KB88987 — Removable Media Policy 'Allow Unprotected Access (Report)' does not apply to 4.x clients
KB89027 — Secondary local internal drives are unexpectedly encrypted after you enable the Removable Media policy
 back to product links
(MWG) Web Gateway
New ProTips
New information is available in the Web Gateway Cloud Service Expert Center
See more MWG ProTips here
New KB Articles
KB88905 — Data loss in reporting due to rsyslog rate limit feature added in Web Gateway
 back to product links
(IPS) Host Intrusion Prevention
New KB Articles
KB89032 — How to protect Image File Execution Options with a Host Intrusion Prevention 8.0 Custom Signature
 back to product links
(DLP) Data Loss Prevention
New KB Articles
KB88967 — Screen capture protection rule does not work when opening multiple browser tabs
 back to product links
(TIE) Threat Intelligence Exchange
New ProTips
ProTip for TIE Server: How to regenerate TIE Server Certificates and Certificate Authority
See more TIE ProTips here
New KB Articles
KB88937 — Threat Intelligence Exchange Module Content contributes to a negative performance impact
KB89031 — TIE Server response to CVE-2017-6874 (not vulnerable)
 back to product links
(ATD) Advanced Threat Defense
New KB Articles
KB88967 — The specified file could not be uploaded. The file is 180387840 exceeding the maximum file size of 180 MB (manual updates for Advanced Threat Defense fail)
 back to product links
News & Announcements
Welcome to the New McAfee
On April 3, McAfee announced its launch as a new standalone company, one of the world's largest pure-play cybersecurity firms. See more information on McAfee:
Read Chris Young's Welcome Letter
Enterprise Customer Transition Portal for Business
Webinars On Demand
Unable to attend a live McAfee webinar? Check out our on demand webcast libraries. Each one is broken down by region, but many of the events apply globally.
Europe Events on Demand
North America Events on Demand
Asia Pacific Events on Demand
Patch Tuesday
April's Patch Tuesday release included a new format change. McAfee product protection details can be viewed on the Community website.
Release Roundup
Week of Mar 27
Virtual Network Security Platform Software for Amazon Web Services
File and Removable Media Protection version 5.0.2 Repost
McAfee Agent 5.0.4 Hotfix 1181846
Week of Mar 20
ePolicy Orchestrator (ePO) 5.3.2 HF 1185471
Network Security Platform 8.3
ePolicy Orchestrator 5.9 and Pre-Installation Auditor 2.0
Week of Mar 13
McAfee Web Gateway
McAfee Web Gateway (Main Branch)
McAfee SiteAdvisor 3.5 patch 5 repost 2
Virtual Advanced Threat Defense 3.10.2
Week of Mar 6
Host IPS 8.0 for Linux Patch 10
Database Activity Monitoring vPatch update 84
5900 Anti-Malware Engine and VirusScan Command Line Scanner 6.1.0
NOTE: To see release details, go to the McAfee ServicePortal and search the KnowledgeBase for the product and version.
Product End of Life (EOL)
Apr 16
Network Threat Response Software for Security 6.0
Apr 17
Threat Response Software 4.5
Threat Response CADS and add Connector 4.5
Apr 29
Management of Native Encryption 2.1.x
May 1
Endpoint Encryption for PCs 7.0.x
NOTE: EOL dates can change — see all software and appliance EOL announcements
Resource Links
> SNS Digest Archive
> Community Forums
> Labs Security Advisories
> ServicePortal
> Product Download Site
> Product End of Life (EOL)
> DAT Release Notes
> Submit a Virus Sample
> Stinger Virus Removal Tool
> Free Support Tools
Follow us:
LinkedIn   Twitter   YouTube   Facebook  

The McAfee Support Notification Service (SNS) delivers valuable product news to
help increase the functionality and protection capabilities of your McAfee products.

Securely manage your SNS email preferences.   |   Unsubscribe from all SNS communications.   |   For SNS questions, email
For support issues access Technical Support, ServicePortal, and the Knowledge Center. Enterprise (formerly Platinum) customers should contact their SAM for high severity issues. Visit the McAfee Community for product user groups and discussions.
The information in this document is provided only for educational purposes and for the convenience of McAfee customers, is subject to change without notice, and is provided "AS IS" without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance. McAfee and the McAfee logo are trademarks or registered trademarks of McAfee LLC or its subsidiaries in the U.S. and/or other countries. Other names and brands may be claimed as the property of others.

Copyright © McAfee. All rights reserved. McAfee | 2821 Mission College Blvd. | Santa Clara | CA 95052-8119 | USA