Release Notes for McAfee VirusScan Enterprise 8.8 - Beta 1

kafan_Seal

• About this document
• Beta product testing
• New features
• Known issues
• Where to find McAfee enterprise product information
• License attributions
  

About this documentThank you for using VirusScan Enterprise software. This document contains important information about this release. We strongly recommend that you read the entire document.
CAUTION: We do not support automatic upgrading of a pre-release version of the software. To upgrade to a production release of the software, you must first uninstall the existing version of the software.
The VirusScan Enterprise 8.8 release uses the following:

• Engine version: 5400.1158
• Detection definition (DAT): This version of VirusScan Enterprise software automatically downloads the latest version of the DAT files when the software is installed. Previously the DAT files were included in the installation executable.
  

Beta product testingThe beta version of this product is available for use until the beta product license expires on December 31, 2010.


New featuresNew and updated features in the VirusScan Enterprise 8.8 software release.
Performance improvementsThe major goal of the VirusScan Enterprise 8.8 software release is performance improvement. These improvements appear as reduced:

• On-access scan time
• On-demand scan time
• System startup time
  

The VirusScan Enterprise 8.8 software release caches previously scanned files in a common location where the software always checks before scanning files. This cache reduces duplicate file scanning and improves performance.

Windows Office 2010 supportThis release provides support for all Windows Office 2010 applications. Specifically adding on-access scanning of Microsoft Outlook 2010 email and attachment files.

ScriptScan exclusion supportScriptScan exclusion allows you to add the URLs of trusted scripts from known safe websites as white lists for VirusScan Enterprise 8.8. These ScriptScan exclusions reduce scanning and improve performance. This user interface feature is available in ePolicy Orchestrator 4.0, and greater, plus the VirusScan Console. Previously these excluded URLs required manual registry editing.



Known issuesKnown issues in this release of the software are described below.

• Installation
• Migrating policies and events in ePolicy Orchestrator
• Supported platforms and products
• Compatibility with other products
• Updating
• Remote console
• Miscellaneous
  

Installation

• Issue The following error appears during the VirusScan Enterprise 8.8 software installation if UNC shares are included in the environment PATH:  McAfee VirusScan Enterprise services will not start if UNC shares are included in the environment PATH.
  For example, the following environment PATH causes the failure because \\filehost\bin (\\hostname\share) is included: PATH=c:\windows\system32;\\filehost\bin;c:\tools\bin
  The following environment PATH works correctly: PATH=c:\windows\system32;c:\windows;c:\tools\bin
  (577342)
• Issue If McAfee Host Intrusion Prevention 8.0 is installed on the system, disable Intrusion Prevention Signature (IPS) 1002 before installing VirusScan Enterprise 8.8. (579612)
• Issue There is a know issue when upgrading from VirusScan Enterprise 8.7i to VirusScan Enterprise 8.8 when Microsoft Outlook is open during the upgrade. McAfee recommends you close Microsoft Outlook before installation of VirusScan Enterprise 8.8. (611045)
  

Migrating policies and events in ePolicy Orchestrator

• Issue The Policy Migration tool (ePOPolicyMigration.exe) upgrades VirusScan Enterprise polices and tasks from an earlier version of VirusScan Enterprise. This tool runs only one time per server. If you have both the VirusScan Enterprise 8.5 extension and the 8.7 extension installed on the same server, you must choose whether to upgrade policies and tasks from VirusScan Enterprise 8.5 or 8.7. You cannot upgrade both.
  Choose only one of these upgrade scenarios:
  
  
  
  • When upgrading VirusScan Enterprise 8.7 policies and tasks in ePolicy Orchestrator, first check in the extension, then execute the Policy Migration tool on the server.
  • When upgrading VirusScan Enterprise 8.5 policies and tasks, use the command-line option with the force switch as follows: ePOPolicyMigration.exe /force85
    
  
  NOTE: You can upgrade more than one version of the VirusScan Enterprise software to a later version in ePolicy Orchestrator, but you can upgrade only one version of VirusScan Enterprise policies and tasks to a later version.
  (403044)
  
• Issue The ePolicy Orchestrator Migration tool might fail to migrate the existing policies and tasks from an ePolicy Orchestrator Server that uses Windows NT authentication for ePolicy Orchestrator access. In some cases the ePolicy Orchestrator Migration tool needs to pass the SQL administrator password as a parameter for the ePolicy Orchestrator Migration tool.
  Workaround: When you run the ePOPolicyMigration.exe command from the command line, add the /PASSWORD switch and the SQL administrator password. For example, type: [path]\epopolicymigration.exe /password=sql_admin_password
  See the Migrating the ePolicy Orchestrator policies section of the McAfee VirusScan Enterprise 8.8.0 Installation Guide. It describes how to use the ePolicy Orchestrator /PASSWORD switch in the command line. (611047)
• Issue When you use the ePolicy Orchestrator Migration tool it fails and displays the following incorrect error message:
  "The most recent version of VirusScan Enterprise extension is not checked in. It must be checked in before running the migration tool."
  If the VirusScan Enterprise 8.8 extension is already checked in then this error is actually caused by bad password access to ePolicy Orchestrator. See the Migrating the ePolicy Orchestrator policies section of the McAfee VirusScan Enterprise 8.8.0 Installation Guide. It describes how to use the ePolicy Orchestrator /PASSWORD switch in the command line. (611046)
  

Supported platforms and products

• This version of VirusScan Enterprise supports Lotus Notes version 7.0x, and 8.0x through 8.5.1. See the VirusScan Enterprise 8.8 Installation Guide for information about supported operating systems.
  

Compatibility with other products

• Issue After installing VirusScan Enterprise 8.8 to a system where McAfee NAC 3.0 is installed, an infrequent failure might occur, preventing identification of McAfee services. You might see these symptoms:
  
  
  
  • A specified driver is invalid message is logged if you perform an update task before restarting.
  • A driver failed to load message is logged for one or both products.
  • The local system application event log contains event ID 5004.
    
  
  Workaround: Uninstall the failed product, restart the system, then reinstall the product.
  
• Issue NVIDIA® drivers might cause performance issues or system response failure. VirusScan Enterprise 8.8 might run at 100% CPU or cause the system to fail to respond when running on specified NVIDIA drivers. See KnowledgeBase articles KB614212 and KB65066 for more information about this issue. (388060)
  

Updating

• Issue Failure to access the repository is not logged in the VirusScan Enterprise 8.8 update log, but the failure is logged in the McAfee Agent log. The default location of the McAfee Agent log is: <drive>:\Documents and Settings\All Users\Application Data\McAfee\Common Framework\mcscript.log. (384749)
• Issue Silent update tasks performed from the command line still display the progress dialog box. The installation successfully completes, but the Update in progress dialog box appears when you run setup.exe /q RUNAUTOUPDATESILENTLY=TRUE from the command line. (399265)
• Issue Importing the Sitelist.xml file from the command line might fail. When you run setup.exe CMASOURCEDIR="<drive>:\Documents and Settings\<username>\Desktop\ from the command line to install the product and import the Sitelist.xml file from the Desktop, the installation successfully completes, but fails to import the Sitelist.xml file.
  To resolve this issue, use a Sitelist.xml file that was created by ePolicy Orchestrator agent 4.0. If the McAfee Agent 4.0 installation upgraded a previous installation of ePolicy Orchestrator agent 3.6.1, then it will produce a correct Sitelist.xml that can be imported by VirusScan Enterprise 8.8. (419467)
  

Remote console

• Issue When using the Remote Console feature to connect to Windows Vista systems, or later, you are unable to open Access Protection, Buffer Overflow, and Quarantine Manager dialog boxes for the remote systems and no error appears. This is because the Windows Vista, and later, systems do not automatically start the Remote Registry service and the Remote Console feature uses the Remote Registry service.
  Workaround: Before starting the Remote Console feature, you must manually start the Remote Registry service on the remote system using the following:
  
  
  
  • Click Start | Run and type services.msc. The Services dialog box appears.
  • Right-click Remote Registry in the Services (Local) | Name column and click Start.
    
  (581439)
• Issue When using the remote console feature to open Access Protection properties on a system with Windows Server 2008, it might take several minute to open the connection. (392825)
  

Miscellaneous

• Issue The Windows Security Center does not display the VirusScan Enterprise 8.8 status correctly. For example, from the Control Panel if you open the Windows Action Center display the following might appear as turned off:
  
  
  
  • McAfee VirusScan Enterprise
  • McAfee VirusScan Enterprise Antispyware Module
    
  
  Workaround: Modify the registry values using the following process:
  
  
  
  • In the Windows Run window, type regedit to display the Registry Editor.
  • Depending on your system, navigate to the following registry and change the REG_DWORD value to 1:
    
    
    
    • 32-bit systems — Change registry: HKLM\SOFTWARE\McAfee\DesktopProtection, value to the following:
      Name: bUseWscAVExe, Type: REG_DWORD, Data: 1
    • 64-bit systems — Change registry: HKLM\SOFTWARE\Wow6432Node\McAfee\DesktopProtection, value to the following:
      Name: bUseWscAVExe, Type: REG_DWORD, Data: 1
      
  • Click OK and close the Registry Editor.
    
  
  (592672)
• Issue When you configure a drive to exclude from on-access scanning, use a UNC path, not a mapped network drive. For example, if you type Z:, for the mapped network drive in the Set Exclusions dialog box, the files in the mapped drive are not excluded from on-access scanning. (546966)
• Issue Using extended character set characters when adding Default + additional file types to scan works differently than you expect when configuring either On-Delivery Email Scan Properties or Outlook On-Demand Scan. For example, if you add the file type &Atilde;b&Atilde; to the User-specified additional file types to scan, you expect the "xxxxx.&Atilde;b&Atilde;" to be scanned. But, both of the following files are scanned:
  
  
  
  • xxxxx.&Atilde;b&Atilde;
  • yyyyy.&Atilde;bc
    
  
  This is expected behavior when using the extended character set characters. NOTE: This only occurs on some Windows 64-bit systems using Windows Outlook 2010 x64 Professional Edition.
  
  To scan only the file type &Atilde;b&Atilde;, configure an exclusion using the wildcard characters ? or *. For example, configure an exclusion using &Atilde;b? or &Atilde;*.
  (586207)
• Issue Windows Action Center shows VirusScan Enterprise and the AntiSpyware Enterprise Module are turned off even when they are actually turned on. This will be addressed prior to release of VirusScan Enterprise 8.8. (592672)
• Issue The VirusScan Console crashes when you add a UNC file share requiring credentials and using Tools | Import AutoUpdate Repository List to add to the site list.
  This should be fixed in the next release of the McAfee Agent 4.5. (591137)
• Issue If you select Tools | Edit AutoUpdate Repository List, from the VirusScan Console, it triggers an invalid access error. This error causes the console process to crash.
  This should be fixed in the next release of McAfee Agent 4.5. (559521)
• Issue The McAfee email scanner for Lotus Notes does not use the Quarantine Manager to quarantine detected threats. Consequently, if you configured the email scanner first action to Clean attachments or Delete attachments, the original version of the detected threat is no longer available for recovery, or restoration after the clean or delete action is taken on the detection. If you want the original version of the detected threat to be available after the action is taken on the detection, McAfee recommends you set the first action to Move attachments to a folder and specify a quarantine folder. When this move action is enabled, the original detected threat is moved to the specified quarantine folder with the .MCM extension appended to the detection. NOTE: If you enable the Move attachments to a folder option on client systems you should always have the on-access scanner enabled so those files may not inadvertently be accessed by a user.
  (430862)
• Issue When running VirusScan Enterprise 8.8 on a system with Microsoft Windows Server 2008, the on-access scanner might fail to delete a detected file from a network shared folder. The on-access scanner’s ability to delete a detected file is not guaranteed on network file systems. In this case, if the detected file is not deleted, the file content is removed and the remaining file size is zero. (431158)
  

http://download.nai.com/downloadproductroot/evaluation/virusscan/version_8.8/readme_pl.html


现在还是内部测试，网上找了下，没找到下载。。。。

猫大叔

8.8竟然出来了。

orck4

果然有了。。。不过p4好像问题还没解决，这个8怎么样呢

liangmoge

太震撼了……

liangmoge

要是这样的话估计到2012世界末日也看不到9.0版本……

zhousf

好消息.等待RTW.

72380656

不错啊

ok81893

现在的MCAFEE越来越卡CPU，老机器跑不动了哦

qpwallis

仅仅是性能提升。缩短扫描时间。

大猫熊

Great！