SNS Digest (June 2017)
Support Notification Service June 2017
SNS Digest - McAfee
  %7B915d455a-b178-4810-94c5-c8f4c6b55ef4%7D_arrow-left-1  Upcoming Webcasts
%7B915d455a-b178-4810-94c5-c8f4c6b55ef4%7D_arrow-left-1  Recent Publications and News
%7B915d455a-b178-4810-94c5-c8f4c6b55ef4%7D_arrow-left-1  Technical Product Updates
  %7B915d455a-b178-4810-94c5-c8f4c6b55ef4%7D_arrow-left-1  Release Roundup
%7B915d455a-b178-4810-94c5-c8f4c6b55ef4%7D_arrow-left-1  Product End of Life (EOL)
%7B915d455a-b178-4810-94c5-c8f4c6b55ef4%7D_arrow-left-1  Resource Links
Upcoming Webcasts
Transform Time into a Cybersecurity Advantage
APAC Wednesday, July 12, 2017 | REGISTER
3:00 PM AEST
EMEA Wednesday, July 12, 2017 | REGISTER
3:00 PM BST
Americas Wednesday, July 12, 2017 | REGISTER
11:00 AM PDT | 1:00 PM CDT | 2:00 PM EDT
Join Derek Brink, VP and Research Fellow, Aberdeen Research and Candace Worley, VP and Chief Technical Strategist, McAfee as they discuss how to transform time from being a white hat’s enemy to a cybersecurity advantage.
Recent Publications and News
The Why, the What and the How of the SDDC
The Software-Defined Data Center (SDDC) is an overarching philosophy for implementing better data centers. The most basic way to think about an SDDC is as a combination of virtualized computing resources, plus software-defined storage and networking. In addition, SDDC often includes overarching security aspects: in other words, SDDC abstracts and automates all the compute, storage and networking aspects that are traditionally physical, and it can put that automation and abstraction to use in enhancing security.

Our research found that the vast majority of servers are already running virtualized today, while roughly one-half of organizations are either planning to transform their data center(s) into SDDCs or they have already done so. Among those planning to transition their data center(s) to SDDC, most are planning to do so within the next two years.

Related Resources:
Read Executive Summary
Read the Full Report
SDCC 101: The Why, the What, and the How
Cybersecurity: For Defenders, It's About Time
In multiple areas of cybersecurity, time works in favor of the attackers—making time the strategic advantage that defenders need to regain. In this report, Aberdeen Group provides four illustrative examples of how recapturing the advantage of time helps you reduce risk in the fundamental categories of data protection, threat detection and incident response, data center and cloud security, and endpoint security.

Related Resources:
Executive Summary
Risk Assessments for Local Governments and SMB
When was your organization’s last risk assessment? Can you put your hands on the report? If you haven’t had a risk assessment recently, it’s a safe bet that your policies are sorely lacking. Defining an organizational policy for risk assessment is an essential component of any comprehensive suite of security policies. Both HIPAA and GLBA require periodic risk assessments, but it's a sound practice for all types and sizes of organizations.
Security Risks Arise From Insecure Implementations of HTML5 postMessage() API
In this post, McAfee experts look at the security risks arising due to insecure implementation of the HTML5 postMessage()API. Before we discuss how this cross-domain messaging API works, we must understand a few important concepts such as the same-origin policy and security risks associated with cross-origin communications.
Avoiding a data disaster: could your business recover from human error?
Think about this: What would you do if one of your trusted database administrators made a mistake that wiped out all of your databases in one keystroke? Could your business recover? Backing up data at an off-site data center has long been a best practice, and that strategy relates more to the disaster recovery (DR) component of business continuity management (BCM). DR and BCM go hand in hand, but there is a difference: BCM is about making sure the enterprise can resume business quickly after a disaster. Disaster recovery (DR) falls within the continuity plan and specifically addresses protecting IT infrastructure – including systems and databases – that organizations need to operate.
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up TOP

Technical Product Updates
Expert tips and documentation for leading McAfee products published in the last 30 days. Visit the McAfee Knowledge Center for additional products.
Product Links
  > (ePO) ePolicy Orchestrator
> (VSE) VirusScan Enterprise
> (ENS) Endpoint Security
> (DXL) Data Exchange Layer
> (MOVE) Management for Optimized Virtual Environments
> (SIEM) Security Info & Event Mgmt
> (EP) Encryption Products
> (MWG) Web Gateway
> (IPS) Host Intrusion Prevention
> (DLP) Data Loss Prevention
> (TIE) Threat Intelligence Exchange
> (ATD) Advanced Threat Defense
(ePO) ePolicy Orchestrator
New ProTips
Receiving notification whenever a Knowledge Base article is updated
See more ePO ProTips here
New KB Articles
KB89298 — Unable to authenticate with the LDAP server. Verify that the user name and password are correct (when registering an LDAP server)
KB89317 — ePolicy Orchestrator cannot communicate with a SQL server if TLS 1.0 is disabled
KB89306 — Unable to check in V3 DATs (AMCore), manually or automatically
KB89218 — User 'XXXXXX' does not have permission to run DBCC freeproccache (ePolicy Orchestrator 5.3.2 upgrade to 5.9 fails)
KB89341 — Error -2147023143: There are no more endpoints available from the endpoint mapper
KB89343 — Policy objects displayed in the Assigned Policies view do not display in the Policy Catalog
KB89378 — ePolicy Orchestrator Sustaining Statement (SSC1705181) - April 2017 reported Apache advisories
KB89357 — An Active Directory Sync configured to move or delete a large number of systems temporarily prevents Agent communication
KB89387 — The Product Deployment wizard displays after logging in to the ePolicy Orchestrator Console when a Custom Permission set is assigned to new users
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(VSE) VirusScan Enterprise
New ProTips
Known Issues articles for VirusScan Enterprise
See more VirusScan ProTips here
New KB Articles
KB89349 — Product is already installed (when installing a VirusScan Enterprise 8.8 full package that includes a patch)
KB89354 — How to troubleshoot high CPU usage by the McAfee real-time anti-malware scanner for Endpoint Security, MOVE, or VirusScan Enterprise
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(ENS) Endpoint Security
New ProTips
Searching Knowledge Base content by Product Group
See more Endpoint Security ProTips here
New KB Articles
KB89207 — AVLogEvent 5005 Content is missing. Error Code:a7f42014 (Endpoint Security AMCore content fails to update)
KB89293 — Endpoint Security Web Control requires the Internet Explorer setting "Enable third-party browser extensions" to be enabled
KB89318 — Scenarios where Endpoint Security upgrades McAfee Agent
KB89380 — Threat events raised by Endpoint Security and reported to ePolicy Orchestrator contain an incorrect build number for "Detecting Product Version"
KB89354 — How to troubleshoot high CPU usage by the McAfee real-time anti-malware scanner for Endpoint Security, MOVE, or VirusScan Enterprise
KB89402 — Windows fails to apply updates with Endpoint Security installed
KB89407 — Windows 7 system hangs with Endpoint Security Threat Prevention 10.5.x Exploit Prevention enabled
KB88994 — Endpoint Security Common platform module fails to install
KB89417 — How to run an ePolicy Orchestrator query for DAT compliance on Endpoint Security for Mac Threat Prevention systems
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(DXL) Data Exchange Layer
New KB Articles
KB89300 — Threat Intelligence Exchange and Active Response servers are tagged as a DXLBROKER after disabling the DXL Broker service
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(MOVE) Management For Optimized Virtual Environments
New ProTips
Searching Knowledge Base content by Product Group
See more MOVE ProTips here
New KB Articles
KB89205 — EICAR test file is not removed from the client and appears to go undetected
KB89319 — Agent Wakeup port is not translated from ServerSiteList.xml to the /etc/init.d/sva-firewall config file
KB89342 — Security tags are not applied to virtual machines during MOVE Antivirus Agentless 4.5 NSX deployment
KB89316 — MOVE AntiVirus Multi-Platform pop-up notifications are not received
KB89358 — How to troubleshoot a failure to detect the EICAR malware test file in MOVE Antivirus Agentless
KB89354 — How to troubleshoot high CPU usage by the McAfee real-time anti-malware scanner for Endpoint Security, MOVE, or VirusScan Enterprise
KB89398 — The policy collector task fails when deploying MOVE Antivirus Agentless in a vCNS environment
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(SIEM) Security Info & Event Mgmt
New ProTips
Searching Knowledge Base content by Product Group
See more SIEM ProTips here
New KB Articles
KB89344 — SIEM response to CVE-2017-5689
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(EP) Encryption Products
New ProTips
SNS ProTip for Encryption Products:
See more Encryption Products ProTips here
New KB Articles
KB89314 — Smart card reader not present or Unsuitable card (reported at preboot on Dell systems that are fitted with a Broadcom internal reader)
KB89339 — Pin length changed from 4 to 6 after upgrading to Management of Native Encryption 4.1.1
KB89389 — Fatal Error [0xEE0D0001] Failed to read Registry File (HP Spectre Pro x360 G2 fails to boot after activation)
KB89412 — BitLocker fails to activate (logs show: Sent event with id 35259)
KB89413 — How to prevent the ePO Remote Provisioning Tool window from being displayed when deploying Management of Native Encryption via a third-party tool
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(MWG) Web Gateway
New KB Articles
KB89212 — How to perform a factory reset for the McAfee Web Gateway appliance Remote Management Module (RMM)
KB89292 — The Central Management Currently uses the default CA (How to replace the default Web Gateway cluster CA)
KB89213 — How to generate and analyze connection traces in McAfee Web Gateway
KB89211 — Browsers detect the Web Gateway certificate as unsafe
KB89350 — Authentication in context of disabled SMB v1 (McAfee Web Gateway NTLM authentication fails after you disable SMBv1)
KB89366 — Supported versions and combinations for Hyper-V for Web Gateway
KB89382 — McAfee deletes 2013 applications from AppRisk signature version (running on Web Gateway 7.7.1)
KB89373 — How to install the NTLM Agent and configure Web Gateway to use it for Proxy Authentication
KB89395 — Reverse path forwarding in Web Gateway with the strict mode reverse path forwarding filter
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(IPS) Host Intrusion Prevention
New KB Articles
KB89204 — System reboots continuously after installing Host Intrusion Prevention for Linux 8.0.0 Patch 10 on Red Hat Enterprise Linux server
KB89241 — Host Intrusion Prevention Service continuously crashes with ts.dll as the faulting module
KB89221 The Host Intrusion Prevention binary SecCtrFw.exe is not trusted by Windows 10 after a system reboot
KB89322 Firewall for Linux service does not start automatically after a system reboot
KB89353 Windows Defender Security Center does not report the Host Intrusion Prevention Firewall protection status on Windows 10 Creators Update
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(DLP) Data Loss Prevention
New ProTips
Receiving notification whenever a Knowledge Base article is updated
See more DLP ProTips here
New KB Articles
KB89240 — Unexpected error occurred (when accessing the Definitions tab in Data Loss Prevention Policy Manager)
KB89279 — Google Chrome fails to launch or crashes while Data Loss Prevention Endpoint is in Device Control
KB89330 — Internet Explorer hangs with Data Loss Prevention Endpoint 10.0.250
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(TIE) Threat Intelligence Exchange
New ProTips
How to configure the TIE server infrastructure in a multiple-ePO environment
See more TIE ProTips here
New KB Articles
KB89300 — Threat Intelligence Exchange and Active Response servers are tagged as a DXLBROKER after disabling the DXL Broker service
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
(ATD) Advanced Threat Defense
New KB Articles
KB89214 — DXL status is shown as DOWN in the Advanced Threat Defense manager
KB89310 — Advanced Threat Defense sandbox does not open URL samples when you enable Logic Path
KB89334 — Advanced Threat Defense incorrectly sends the DNS query for a URL sample to the Preferred/Alternate DNS Server via the Malware Internet Port
KB89197 — End of Life for Advanced Threat Defense ATD-3000 and ATD-6000 appliance hardware
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up back to product links
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up TOP
News & Announcements
Ready to Upgrade to McAfee Endpoint Security 10.5?
McAfee is offering complimentary upgrade training for Endpoint Security version 10.5. To register, click on one of the links below and create an account. At check out, use the promo code ENSTRAIN17 to take your course for no charge.

Two-day instructor-led class | REGISTER

Find a class near you, or take the class as a remote student where available. (NOTE: One seat available per customer, on a first-come, first-served basis.)

eLearning Course | REGISTER

Anytime access to classroom content and demos on an unlimited basis (see the course description here).

Webinars On Demand
Unable to attend a live McAfee webinar? Check out our on demand webcast libraries. Each one is broken down by region, but many events apply globally.
Europe Events on Demand
North America Events on Demand
Asia Pacific Events on Demand
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up TOP
Release Roundup
Week of May 30
Data Loss Prevention Endpoint 10 Patch 2 hotfix 50 Repost
Endpoint Upgrade Assistant 1.3.1
Week of May 23
Endpoint Security 10.5.1 Hotfix 1189565
McAfee Agent (MA) 5.0.5 Hotfix 1188538 Now Available
Database Activity Monitoring vPatch update 86
Week of May 16
VirusScan Enterprise for Storage (VSES) extension
Web Gateway
Web Gateway (Main Branch)
Week of May 9
Host IPS 8.0 for Windows - Hotfix 1188590
Endpoint Upgrade Assistant 1.3
Database Vulnerability Manager content update v132
Data Loss Prevention 10 Patch 2 Hotfix 50 (10.0.250)
VirusScan Enterprise 8.8 Hotfix 1187884
Week of May 2
Database Activity Monitoring vPatch update 85
Web Gateway Now Available
Web Gateway (Main Branch) Now Available
Network Security Platform 8.1
NOTE: To see release details, go to the McAfee ServicePortal and search the KnowledgeBase for the product and version.
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up TOP
Product End of Life (EOL)
Jun 30
Endpoint Encryption for Files and Folders 4.2.x
Risk Advisor 2.7.2
MOVE 3.6
Aug 5
Database Security - Standalone Server 4.4.x
Database Security - ePO-integrated 5.1.x
Aug 8
MOVE Scheduler, All
NOTE: EOL dates can change — see all software and appliance EOL announcements
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up TOP
Resource Links
> SNS Digest Archive
> Community Forums
> Labs Security Advisories
> ServicePortal
> Product Download Site
> Product End of Life (EOL)
> DAT Release Notes
> Submit a Virus Sample
> Stinger Virus Removal Tool
> Free Support Tools
%7Bd90239ea-95e9-40fc-bb84-73f2b3d2d609%7D_triangle-up TOP
Follow us:
LinkedIn   Twitter   YouTube   Facebook  

The McAfee Support Notification Service (SNS) delivers valuable product news to help increase the functionality and protection capabilities of your McAfee products.

Securely manage your SNS email preferences.   |   Unsubscribe from all SNS communications.   |   For SNS questions, email
For support issues access Technical Support, ServicePortal, and the Knowledge Center. Enterprise (formerly Platinum) customers should contact their SAM for high severity issues. Visit the McAfee Community for product user groups and discussions.
The information in this document is provided only for educational purposes and for the convenience of McAfee customers, is subject to change without notice, and is provided "AS IS" without guarantee or warranty as to the accuracy or applicability of the information to any specific situation or circumstance. Intel and the McAfee logos are registered trademarks or trademarks of Intel Corporation or McAfee, Inc. in the US and/or other countries. Other names and brands may be claimed as the property of others.

Copyright ©2017 McAfee LLC. All rights reserved. Intel Corporation | 2200 Mission College Blvd. | Santa Clara | CA 95052-8119 | USA