patch4.txt

基于低成本传感器的捷联惯导对准方案研究

    to correctly write the "RepairBackupDirectory"
    registry value.

3.  ISSUE:
    When creating a user-defined detection in the
    Unwanted Program policy, the rule does not take
    affect immediately.  To enable the rule, the
    McShield service must be stopped and restarted.

    RESOLUTION:
    The McShield service has been updated to improve
    the monitoring of registry changes with the
    Unwanted Programs policy.

4.  ISSUE:
    VirusScan抯 ability to scan "floppy during
    shutdown" prevents proper shutdown of a system
    with a clean floppy in its drive.

    RESOLUTION:
    The On-Access Scanner has been updated to better
    handle the shutdown process.

5.  ISSUE:
    A crash was reported by customers and in
    Microsoft抯 Online Crash Analysis (OCA), during
    system start-up.

    RESOLUTION:
    The Link Driver was updated to correct
    synchronization issues during the start of
    processes.

6.  ISSUE:
    VirusScan does not correctly remove Buffer
    Overflow Protection process exclusions that are
    introduced by ePolicy Orchestrator or Protection
    Pilot.

    RESOLUTION:
    The VirusScan plug-in has been updated to
    properly remove old Buffer Overflow Protection
    registry values when ePolicy Orchestrator or
    Protection Pilot policies are enforced.

7.  ISSUE:
    When a detection occurs on an EMC network share
    (CAVA/Celera) and the file has the read-only
    attribute, the delete action fails.

    RESOLUTION:
    The Anti-Virus Filter and Link drivers where
    updated to properly remove the read-only
    attribute when taking action on files on the EMC
    share.

8.  ISSUE:
    Detections on a network share may leave behind
    zero byte files on the share.

    RESOLUTION:
    The Anti-Virus Filter and Link drivers were
    updated to ensure proper cleanup of detections
    on a network share.

9.  ISSUE:
    The On-Access Scanner functions in Console are
    not updating properly when Access Protection is
    disabled.

    RESOLUTION:
    The state of Self Protection is now correctly
    tracked by the On-Access Scanner Console
    plug-in.

10. ISSUE:
    The Self Protection feature of Access Protection
    is disabled after removing a Patch from the
    system.

    RESOLUTION:
    The MSP installer has been updated to fix a
    mismatched name between the custom action and
    installer execution sequence tables in the
    cached MSI file.

11. ISSUE:
    Interacting with Remote Console On-Demand Scan
    and AutoUpdate tasks caused the local tasks with
    the same id to be acted upon, instead of the
    remote task.

    RESOLUTION:
    The Update and On-Demand Scanner binaries were
    updated to properly call the remote task instead
    of the local one.

12. ISSUE:
    When you upgrade from VirusScan Enterprise 7.1
    or 8.0i to version 8.5i and choose to preserve
    settings, previously created console tasks do
    not display in the VirusScan console.

    RESOLUTION:
    The MSP Installer package has been updated to
    initialize the console tasks that were not
    previously initialized, so they display in the
    VirusScan console.

    NOTE:
    This fix is for those who used the originally
    released VirusScan Enterprise 8.5i.  The current
    8.5i repost package includes this fix.

13. ISSUE:
    With the McAfee Installation Designer (MID)
    option to "Allow Users to Uninstall" disabled,
    the UninstallString registry value was removed
    to prevent product removal.  This registry value
    was also used by ePolicy Orchestrator to
    determine that VirusScan was installed.

    RESOLUTION:
    The VirusScan Detection Script has been updated
    to check for the existence of the uninstall key,
    instead of the UninstallString value, to
    determine if the VirusScan Enterprise install
    package needs to be pushed to the client.

14. ISSUE:
    Some threats were not being detected in the
    Quarantine Manager by the rescan functionality.

    RESOLUTION:
    The Common Shell Scanner binaries have been
    updated to resolve this issue.

15. ISSUE:
    If McShield and McTaskManager Services were
    stopped and restarted in a specific order, the
    Access Protection and Buffer Overflow features
    remained disabled after the services started.

    RESOLUTION:
    The On-Access Scan Console plug-in has been
    updated to recognize the last known state of
    Access Protection and Buffer Overflow Protection
    when McShield service is stopped.

16. ISSUE:
    McShield service may crash when a configuration
    change occurs during scanning.

    RESOLUTION:
    The McShield service has been updated to
    properly change states when altering
    configurations.

17. ISSUE:
    Setting a user interface password for Access
    Protection did not prevent the ability for the
    user to right-click and disable that feature.
    The option to disable right-click ability is
    under the "Other" category (Console and
    Miscellaneous).

    RESOLUTION:
    The password functionality has been moved to the
    BehaviorBlocking console plug-in so that the
    right-click option is now included with the
    Access Protection password options.

18. ISSUE:
    The Buffer Overflow Protection displays a
    detection in the On-Access Messages window when
    the "Show the messages when a buffer overflow is
    detected" option is disabled.

    RESOLUTION:
    The On-Access Scan Statistics binary has been
    updated to properly suppress the Buffer Overflow
    detection when configured to do so.

19. ISSUE:
    On-Access Scanner抯 Network Drive Scanning
    causes network copy times to increase, more then
    what is normally expected, when this option is
    enabled.

    RESOLUTION:
    The Common Shell binaries have been updated to
    no longer request a certain level of access to
    the network file(s), which would always be
    denied.


PATCH 1 RESOLVED ISSUES

1.  ISSUE:
    Applications that perform operations with
    temporary files, such as printing, generate a
    "file missing" error.

    RESOLUTION:
    The link driver has been updated to correctly
    handle file operations that use the
    DeleteOnClose flag.

2.  ISSUE:
    When McAfee Policy Enforcer is pushed out to a
    system with VirusScan Enterprise 8.5i, McAfee
    trusted processes might trigger Access
    Protection rules. A reboot is required to
    correct the problem.

    RESOLUTION:
    The link driver has been revised to ensure
    trusted policies are propagated between
    instances of loaded drivers.

3.  ISSUE:
    Some files remain locked indefinitely.
    Third-party tools indicate that McShield.exe was
    leaking handles, thereby locking the file.

    RESOLUTION:
    The link driver has been updated to detect and
    handle the oplock break-in-progress status code
    and ensure file locks are released.

4.  ISSUE:
    Under certain conditions, VirusScan Enterprise
    scanner for Lotus Notes can mistakenly deny
    access to the Lotus Notes internal processes, if
    another Note is being accessed by the user. The
    message "You are not authorized to perform that
    operation" is displayed for the user.

    RESOLUTION:
    The Lotus Notes scanner binaries have been
    updated to resolve the issue.

5.  ISSUE:
    For non-English platforms, a control ID is
    displayed in the Status field of the On-Access
    Messages window, rather than the localized
    strings.

    RESOLUTION:
    The resource binary for the On-Access Scanner
    service has been updated to resolve this issue.

6.  ISSUE:
    When VirusScan Enterprise 8.5i is installed to
    Windows Vista 32-bit platforms, the Buffer
    Overflow Protection feature is not available.

    RESOLUTION:
    This Patch enables Buffer Overflow Protection
    for Windows Vista 32-bit environments.

7.  ISSUE:
    When a scheduled On-Demand Scan task fails to
    authenticate to a specified location, the user
    receives an erroneous error asking that
    VirusScan Enterprise be reinstalled.

    RESOLUTION:
    The localized binaries file has been updated to
    handle the specific event.

8.  ISSUE:
    ePolicy Orchestrator could fail to replicate
    distributed repositories when VirusScan
    Enterprise 8.5i is installed.

    RESOLUTION:
    The Common Shell binary has been updated to
    allow sharing of files with other processes.

9.  ISSUE:
    Users without local administrative rights are
    not able to use the Help file unless it was
    previously downloaded by an administrator.

    RESOLUTION:
    Non-administrative users can now download and
    use the current Help file.

10. ISSUE:
    Not all VirusScan Enterprise events can be
    filtered in ePolicy Orchestrator reporting.

    RESOLUTION:
    The extended reports NAP file has been updated
    to allow filtering of all VirusScan Enterprise
    events.

11. ISSUE:
    In certain circumstances, when a state change
    occurs with Access Protection, the On-Access
    Scanner cannot be disabled/enabled, and some
    Access Protection rules fail to log messages.

    RESOLUTION:
    The McTaskManager Service and Access Protection
    binaries have been updated to resolve this
    issue.

12. ISSUE:
    When resuming from the hibernate state, the
    system tray icon might be in the disabled state,
    reflecting the status of the On-Access Scanner.
    However, the scanner service is functioning
    normally.

    RESOLUTION:
    The system tray icon should always reflect the
    correct state of the On-Access Scanner when
    resuming from hibernation.


KNOWN ISSUES

1.  Some customers have reported seeing VirusScan
    Statistics (VShield) crashing/disappearing from
    the system tray. Refer to McAfee Support
    KnowledgeBase article 613892 for more
    information on this issue.

2.  If Host Intrusion Prevention 6.x or later is
    installed and disabled prior to VirusScan
    Enterprise, it is necessary to re-enable IPS and
    disable it again in order for VirusScan Buffer
    Overflow Protection to be properly enabled.

3.  Sporadic crashes of the McShield Service have
    been seen during the patch install, on systems
    running McAfee AntiSpyware Enterprise Module.
    The service recovers correctly at the end of the
    patch process.

4.  If you install this release interactively and
    cancel the installation on a system where a
    previous Patch was installed, after the rollback
    completes, the previous Patch no longer reports
    to ePolicy Orchestrator or appears in the "About
    VirusScan Enterprise" window.

5.  Installing the Patch and specifying a log file
    path using the Microsoft Installer (MSI) switch
    "/L" does not log to the specified path. A log
    file capturing full data is logged to the folder
    "McAfeeLogs" under the Temp folder.

6.  If the Lotus Notes client is open when this
    release is installed, the installation completes
    successfully, but a reboot is required to
    replace the McAfee Lotus scanner files. The new
    files are not used until after a reboot.

7.  Uninstalling VirusScan Enterprise Patches is now
    possible for computers running Windows Installer
    v3.x or later.  This technology is not fully
    integrated for Windows 2000 operating systems,
    so there is no option to remove the Patch in
    Add/Remove programs.  Please see instructions
    under "Removing the Patch" for removal via
    command-line options.

8.  Uninstalling VirusScan Patches is not available
    for Windows NT platforms, because Windows
    Installer v3.x is not supported on this
    platform. The Patch still installs to all
    platforms supported by VirusScan Enterprise
    8.5i.

9.  Patches for VirusScan Enterprise 8.5i can only
    be uninstalled via Add/Remove programs, not via
    ePolicy Orchestrator or Protection Pilot.


FILES INCLUDED WITH THIS RELEASE

This release consists of a package called
VSE85P4.ZIP, which contains the following files:

    PKGCATALOG.Z =
       Package catalog file
    PATCH4.TXT =
       This text file
    VSE850DET.MCS =
       VirusScan Enterprise detection script
    SETUP.EXE =
       Installer for this release
    SETUP.INI =
       Initialization file for SETUP.EXE
    PATCH4.MSP =