Loading...

Knowledge Center


VirusScan Enterprise 8.8 Known Issues
Technical Articles ID:   KB70393
Last Modified:  9/7/2017
Rated:


Environment

McAfee VirusScan Enterprise (VSE) 8.8

For details of VSE 8.x supported environments, see KB51111.

Summary

{GENRN.EN_US}

WARNING: VSE 8.8 Patch 7 and earlier are not compatible with the Microsoft Windows 10 Anniversary Update. Support for the Windows 10 Anniversary Update is included in VSE 8.8 Patch 8 or later. Do not install VSE 8.8 Patch 7 or earlier on systems running the Windows 10 Anniversary Update. Likewise, Do not upgrade systems running VSE 8.8 Patch 7 or earlier to the Windows 10 Anniversary update.
 
Product Version Released to World 
(RTW)
Release
Notes
Comments
VSE 8.8 Patch 8/9 Hotfix 1187884 May 3, 2017 PD27055  
VSE 8.8 Patch 9 March 31, 2017 PD26992  
VSE 8.8 Patch 8 Hotfix 1159675 October 25, 2016 PD26740  
VSE 8.8 Patch 8 August 29, 2016 PD26631 Reposted September 19, 2016. See KB87783.
VSE 8.8 Patch 7 February 12, 2016 PD26382  
VSE 8.8 Patch 5 or 6 Hotfix 1087536 October 18, 2015 PD26238  
VSE 8.8 Patch 6 August 26, 2015 PD26069  
VSE 8.8 Patch 5 May 19, 2015 PD25913  
VSE 8.8 Patch 4 February 18, 2014 PD24834  
VSE 8.8 Patch 3 January 8, 2013 PD24224 Reposted January 14, 2013
VSE 8.8 Patch 2 Hotfix 77810 November 2, 2012 KB76727  
VSE 8.8 Patch 2 September 5, 2012 PD23934  
VSE 8.8 Patch 1 October 26, 2011 PD23408 Reposted November 14, 2011
VSE 8.8 January 20, 2011 PD22972  


{VSE88PATCHES.EN_US}

Recent updates to this article
{GENSUB.EN_US}
Date Update
September 07, 2017 Added new entry covered by KB89771 / Ref 1210003.
August 17, 2017 Updated KB87096 reference to change from Patch 7 to Patches 7-9
July 25, 2017 Added a new entry, McShield.exe and high CPU utilization when running On-Demand scans.
July 18, 2017 Removed link to KB86977, correct link is KB87096.
June 30, 2017 Added a new entry 1194181/KB89550 covering a Windows Server 2008 R2 64-bit
June 08, 2017 Added new entry 1175605/KB79673 covering an Outlook issue.
May 22, 2017 Added VSE 8.8 Patch 8/9 Hotfix 1187884 and KB89030 details.
April 9, 2017 Several new issues added, resolved with VSE 8.8 Patch 9.
February 21, 2017 Updated issue 1132510 that it applies to both Patch 7 and 8.


Known Issues:

CRITICAL:
 
Reference
Number
Related Article Found Version Resolved Version Issue Description
Critical known/resolved issues section
1210003
 
KB89771 VSE 8.8
Patch 9
VSE 8.8
Patch 10
Issue: Random system crash (blue screen) with references to BugCheck 133, DPC_WATCHDOG_VIOLATION and mfefirek.sys
Resolution:  {VSE88P10.EN_US}
1187884 KB89030 VSE 8.8 VSE 8.8
Patch 8/9

HF1187884
Issue: Microsoft Windows supports a method for loading DLLs into running processes that leverages the Image File Execution Options (IFEO) registry key. With VSE 8.8 Patch 1 to 9, it is not possible to use VSE Access Protection rules to block entries for IFEO Image File Execution Options cannot be blocked by Access Protection rules
1188534 KB89057 VSE 8.8
Patch 8
VSE 8.8
Patch 9
Issue: Installations or upgrades of VSE to Patch 1 to 8 fail due to an untrusted DLL.
  • The VSE patch log records the error:
    "Error Install_SysCore_AddAACStickyPolicy returned actual error code 1603".
  • VSE 8.8.0 installation log records the error: 
    "HidlinkGuid._VALIDATION_, GetEntryModuleCertificateName: Re-query for signer of \DEVICE\HARDDISKVOLUME2\WINDOWS\SYSTEM32\
    BCRYPTPRIMITIVES.DLL failed!"
1157106 KB88264 VSE 8.8
Patch 8
VSE 8.8
Patch 9
Issue: Installation of VSE becomes unresponsive when the mcupdate.exe no longer generates a session 0 error dialog box.
Mcupdate.exe generates the following error during installation:
"McAfee AutoUpdate Properties - AutoUpdate"
"Failed to initialize Common Updater subsystem. Make sure the McAfee Framework Service is running. McAfee-Common Framework returned error fffff95b @ 2"
 
1160889 n/a VSE 8.8
Patch 8
VSE 8.8
Patch 9
Issue: Excessive installation times (25 minutes or more).
Resolution: VSE 8.8 Patch 9 removes unnecessary access calls, reducing the amount of time it takes to install VSE.
1194181
1176496
KB89550 VSE 8.8
Patch 7
 
VSE 8.8
Patch 9
Issue: Random system crash (blue screen) Bugcheck 3B on Windows Server 2008 R2 64-bit systems that have VSE 8.8 Patch 7 installed.
1168737 KB88340 VSE 8.8
Patch 7
VSE 8.8
Patch 9
Issue: In very rare circumstances, a system may experience a system crash (blue screen error) with the following BugCheck code: BugCheck 18 - REFERENCE_BY_POINTER. The BugCheck can occur if the driver mfewfpk.sys references an invalid object used by the kernel.
1146681 KB89066 VSE (RTW) VSE 8.8
Patch 9
Issue: System crash (Blue screen) when accessing exFAT-formatted removable media encrypted with File & Removable Media Protection.
1161216 n/a VSE 8.8
Patch 7
VSE 8.8
Patch 9
Issue: Random system crash (blue screen) occurs on systems with more than 10 McAfee products installed.
Resolution: Mfehidk.sys reference count now resets to 0 after a product is installed.
1150270 n/a VSE 8.8
Patch 6
VSE 8.8
Patch 9
Issue: Systems become unresponsive due to McShield reporter threads prematurely exiting.
1155750 n/a VSE 8.8
Patch 7
VSE 8.8
Patch 9
Issue: Changes to Arbitrary Access Control causes Windows System Restore Points to fail to load. After system restart the restore fails showing an Access Denied error code.
1162190   VSE 8.8
Patch 7
VSE 8.8
Patch 9
Issue: System crash (blue screen) bugcheck 7E that reference the mfehidk.sys driver on Microsoft Clustered Servers running Windows Storage Server.
1174550 n/a VSE 8.8
Patch 7
VSE 8.8
Patch 9
Issue: System crash (blue screen) occurs when Internet Explorer starts and ScriptScan COM object is enabled.
1178550 n/a VSE 8.8
Patch 7
VSE 8.8
Patch 9
Issue: VSE events do not get processed, they remain in the folder "C:\Program Files (x86)\McAfee\ePolicy Orchestrator\DB\Events"
Resolution: Events from devices that report merged IP4 and IPv6 addresses now correctly parse and send to the McAfee ePO database.
1180207 KB88785 VSE 8.8
Patch 8
VSE 8.8
Patch 9
Issue: In rare circumstances a scheduled or manually triggered On-Demand Scan (ODS) may fail to complete with the respective scan process scan64.exe/scan32.exe terminating unexpectedly.
Workaround: Delete all temporary files in user temp directories and system temp directories.
1148779
1148915
KB87551 VSE 8.8
Patch 8
VSE 8.8
Patch 9
Issue: Upgrading to VSE 8.8 Patch 8 might fail if Host Intrusion Prevention 8.0 Patch 8 is already installed.
Workarounds:
  • Upgrade VSE 8.8 to Patch 8 before you install or upgrade to Host IPS 8.0 Patch 8.
  • If Host IPS 8.0 Patch 8 is already installed, restart the system before you install or upgrade to VSE 8.8 Patch 8.
1153218
1155418
KB87705 VSE 8.8
Patch 8
VSE 8.8
Patch 9
Issue: Installing or upgrading VSE 8.8 Patch 8 results in intermediate certificates being incorrectly installed in the Trusted Root Certification Authorities certificate store instead of the Intermediate Certification Authorities certificate store. This could potentially cause problems on some IIS servers, which reject non-self-signed certificates in the Trusted Root Certification Authorities.
Workaround: You can move the certificate from the Trusted Root Certification Authorities certificate store to Intermediate Certification Authorities certificate store locally (manually), or use an Active Directory group policy for wide deployment. See the related article.
1155333 KB87783 VSE 8.8
Patch 8
VSE 8.8 Patch 8
(Repost)
Issue: VSE is not compatible and cannot be deployed with the Installation Designer software using the originally posted VSE 8.8 Patch 8 package (build 8.8.0.1588).
Resolution: This issue is resolved in the September 19, 2016, repost of VSE 8.8 Patch 8 (build 8.8.0.1599).
1153407 KB87658 VSE 8.8
Patch 8
Host-IPS 8.0
Patch 8
Issue: Installation of any product that includes SysCore 15.5 breaks the trust in Host IPS 8.0 Patches 5 - 7. This includes:
  • McAfee Agent 5.0.4
  • Endpoint Security 10.2
  • VSE 8.8 Patch 8
Resolution: See the related article for details.
1108063
1076480
1076975
1091583
KB86279 VSE 8.8 Patch 6 VSE 8.8
Patch 8
Issue: Systems with VSE 8.8 Patch 6/7 can experience random BugChecks with mfehidk always fairly low in the stack. The BugCheck string might vary, depending on which operation failed at the time of the BugCheck.
1149594 KB87677 VSE 8.8 RTW
Patch 1-7
VSE 8.8
Patch 8
Issue: The Windows 10 Anniversary Update is not compatible with VSE 8.8 Patch 7 and earlier. Microsoft did not emplace upgrade prevention protection when VSE 8.8 Patch 7 or prior is installed.
Workaround: Delay upgrading to the Windows 10 Anniversary Update or ensure that VSE 8.8 Patch 8 is installed before upgrading Windows 10 to the Windows 10 Anniversary Update. See the related article for additional details.
1126095 KB87281 VSE 8.8 Patch 7 VSE 8.8
Patch 8
Issue: Systems with multiple McAfee products that use SysCore installed (such as VSE 8.8 Patch 7 and McAfee Agent 5.x or Host IPS 8.x) hang at startup.
Workaround: Disable Prefetch startup options. See the related article.
1127437
1124530
KB87105 VSE 8.8
Patch 7
VSE 8.8
Patch 8
Issue: VSE 8.8 Patch 7 is unable to upgrade stand-alone systems running older versions of the stand-alone McAfee Agent. Affected products include VSE 8.8 Patches 2-5. Issue discovered: March 30, 2016.
Workaround: Uninstall the older version of VSE 8.8 and install from a freshly downloaded copy of VSE 8.8 with the latest patch level, or update the McAfee Agent to a version supported for VSE 8.8 Patch 7 upgrade (see KB51111 for a list of supported environments, including McAfee Agent versions).
1123565 KB86694 VSE 8.8 Patch 7 VSE 8.8
Patch 8
Issue: "Prevent Windows Process spoofing" AP rule blocks legitimate processes after upgrading to SysCore 15.4.0.811.
Resolution: This issue is under investigation.
Workaround: See the related article.
1129321
1126611
KB86909 VSE 8.8 Patch 7 Host-IPS Issue: VSE 8.8 Patch 7 upgrade fails if the Host Intrusion Prevention feature "Startup IPS protection enabled" is enabled. Issue discovered: March 15, 2016.
Resolution: This issue was resolved in the Host IPS Startup Protection rules included with the May 2016 content release.
Workaround: For available workarounds, see the related article.
1122581 n/a VSE 8.8 Patch 7 ENS
10.1
Issue: If you upgrade to the Endpoint Security (ENS) 10.1 RTW release, VSE will be uninstalled but ENS will fail to install.
Workaround: If you are planning an upgrade from VSE 8.8 Patch 7 to ENS 10.1, you must upgrade to ENS 10.1 Patch 1 or later.
1134651 KB87463 VSE 8.8 VSE 8.8
Patch 8
Issue: Windows Server 2008 (64-bit) servers can hang or become unresponsive after installing VSE 8.8 Patch 7 or earlier.
Workaround: Work with Technical Support. See the article for details.
908732 - VSE 8.8 Patch 4  VSE 8.8 Patch 8 Issue: Outlook hangs during or immediately after Patch 4 installation. If Outlook hangs sometime after the Patch 4 installation, this issue is not applicable.
1099913 KB85860 VSE 8.8
Patch 6
 VSE 8.8
Patch 7
Issue: BugCheck failures on startup for systems with NUMA processors. See the related article for additional information.
1082074
1104094
KB86124 VSE 8.8
Patch 6
VSE 8.8
Patch 7
Issue: Non-page pool memory leak in pool tag MFeB occurs when Access Protection is enabled. See the related article for additional information.
1101766 n/a VSE 8.8
Patch 6
VSE 8.8
Patch 7
Issue: Environments that use both Microsoft App-V and ScriptScan encounter patch upgrade failures because of files that are still in use. The Patch 6 upgrade fails initially, but succeeds after a reboot. See the related article for additional information.
Workaround: Disable the ScriptScan feature before you perform the upgrade to Patch 6. The policy change avoids the issue and can be enabled again after the upgrade completes.
1108063
1110708
1100280
KB86341
KB86259
VSE 8.8
Patch 6
VSE 8.8
Patch 7
Issue: BugCheck 7E occurs randomly
n/a n/a VSE 8.8 Patch 6 VSE 8.8
Patch 7
Issue: Data Loss Prevention (DLP) customers: This release upgrades a common component used by DLP, which may cause the system to hang.
Workaround: Customers using DLP 9.4.0 are advised to delay installing VSE 8.8 Patch 6 until further notice. Development is in progress for updating the DLP 9.4 version to work with VSE 8.8 Patch 6. This updated release will be required prior to installing VSE 8.8 Patch 6. This article will be updated as more detail becomes available.
1090227 KB85551 VSE 8.8 Patch 6 VSE 8.8
Patch 7
Issue: VirusScan threat events do not parse to the ePolicy Orchestrator (ePO) database with VSE Reports Extension 1.2.0.263.
Solution: This issue is resolved in the updated Reporting Extension, build 264 (or later), VIRUSCANREPORTS120(264).zip.
NOTE: VSE 8.8 Patch 7 is shipped with the Reporting Extension, build 1.2.0.272.
1082177 KB85293 VSE 8.8 Patch 4/5/6 VSE 8.8
Patch 7
Issue: Blue screen error (BSOD), BugCheck 8E, occurs randomly on Windows Server 2008 32-bit systems.

n/a

KB84987 VSE 8.8 Patch 5 VSE 8.8
Patch 6
Issue: Hyper-V VMs using pass-through disks will not boot after installing VSE 8.8 Patch 5.
Resolution: See the related article.
1075054 n/a VSE 8.8 Patch 5 VSE 8.8
Patch 6
Issue: BugCheck 22 citing CsvFs!CsvFsExceptionFilter when VSE 8.8 Patch 5 is installed in a Cluster server environment.
1148613 KB87668 VSE 8.8 Patch 5 Host-IPS 8.0
Patch 5
Issue: Access Protection and On-Access Scanner are disabled after installing VSE 8.8 Patch 5 or later on a system with Host IPS 8.0 Patch 4 or earlier.
Resolution: Upgrade Host IPS 8.0 to Patch 5 or later.

954838

KB81529 VSE 8.8 Patch 4 VSE 8.8
Patch 5
Issue: A BugCheck 50 can occur randomly when files are being scanned. So far, this has been reported only on server-class systems.
Workaround: Refer to the related article for details.
n/a n/a VSE 8.8
Patch 5
VSES
1.2.0
WARNING: 
  • VSES 1.0.2, 1.0.3, and 1.1.0 are not compatible with products that install SysCore 15.3 or 15.4. This includes:
    • VSE 8.8 Patch 5 and 6
    • Host Intrusion Prevention (HIP) 8.0 Patch 6
    • McAfee Agent (MA) 5.x
  • VSES 1.0.2, 1.0.3, and 1.1.0 are compatible with products that install SysCore 15.1 or prior. This includes:
    • VSE 8.8 Patch 4
    • HIP 8.0 Patch 4
    • MA 4.x
  • VSES 1.2.0 is compatible with products that install SysCore 15.4.0.811 or later. This includes:
    • VSE 8.8 Patch 7 and later
    • HIP 8.0 Patch 7 and later
    • MA 4.8.x (MA 4.8.x does not drop or consume SysCore and is therefore compatible.)
    • MA 5.0.2.333 and later (Prior versions of MA 5.x are not compatible.)
831805 KB77066 VSE 8.8 Patch 3 VSE 8.8
Patch 4
Issue: All VSE policies are lost when the Patch 3 Management Extension fails to check in.
695931 KB74927 VSE 8.8 Patch 3 VSE 8.8
Patch 4
Issue: VSE 8.8 On-Demand Scan32.exe or Scan64.exe uses very large amounts of memory.
778101
761179
KB75462 VSE 8.8 Patch 3 VSE 8.8
Patch 4
Issue: User Session IDs are not recycled and CSRSS.exe sessions are not closed.
n/a n/a VSE 8.8 Patch 3 VSE 8.8
Patch 4
Issue: BugCheck 24 or 8E errors displayed on shutdown of  VSE 8.8.
n/a KB75858 VSE 8.8 Patch 2 SAE 3.5
Patch 1
Issue: SiteAdvisor Enterprise (SAE) 3.5.0 displays an orange browser balloon (GTI server unavailable) for all sites after installing VSE 8.8 Patch 2.

NOTE: Install SAE 3.5 Patch 1. To obtain the hotfix refer to the article.
695931 KB74927 VSE 8.8 Patch 2 VSE 8.8
Patch 4
Issue: VSE 8.8 On-Demand Scan32.exe or Scan64.exe uses very large amounts of memory.
778101 761179 KB75462 VSE 8.8 Patch 2 VSE 8.8
Patch 4
Issue: User Session IDs are not recycled and CSRSS.exe sessions are not closed after logging out on Windows Server 2008 Patch 1.

Solution: This issue was originally resolved in VSE 8.8 Patch 2 Hotfix 778101, which is no longer available. Install the latest VSE 8.8 patch.
n/a n/a VSE 8.8 Patch 2 VSE 8.8
Patch 4
Issue: BugCheck 24 or 8E errors displayed on shutdown of VSE 8.8.
726019 KB73722 VSE 8.8 Patch 1
Host DLP
9.2 Patch 1

Host DLP
9.1 Patch 2
Issue: Intermittent BugChecks (blue screen errors) might occur when running VSE 8.8 Patch 1 with Host DLP 9.x.
Resolution: This issue is resolved in the following patches:
  • Host DLP 9.2 Patch 1 - this patch was Released To World (RTW) on April 11, 2012.
  • Host DLP 9.1 Patch 2 - this patch was RTW on April 16, 2012.
These patches are available from the Product Downloads site.
657097  KB71206 VSE 8.8 VSE 8.8
Patch 1
(Repost)
Issue: VSE cache persistence can trigger issues with Windows 2000 registry size limitations.
Resolution: This issue was resolved in VSE 8.8 Patch 1 Repost and later. This disables cache persistence by default.
For VSE 8.8 cache persistence best practices, see KB71905.
638935 n/a VSE 8.8 Host IPS Issue: If Host IPS 7 is installed, you must update to the latest Host IPS content before you upgrade from VSE 8.7i to VSE 8.8.
Resolution: Update Host IPS content; for more information see:
  • KB55211 - Manual update of Host IPS 8.0 / 7.0 signatures from the CommonUpdater site.
  • KB66449 - How to check in Host IPS content manually to ePO server repository.
662684  KB71660 VSE 8.8 VSE 8.8
Patch 1
Issue: When ScriptScan is disabled, you see the application error pop-up message: The instruction at "0x1449603e" referenced memory.
684965 KB72202 VSE 8.8 VSE 8.8
Patch 1
Issue: The distribution of VSE 8.8 Hotfix 660014 and Host IPS Hotfix 660568 was initially stopped because of a potential installation failure of McAfee Agent 4.x when it is installed after the hotfix is applied and VSE Access Protection is enabled.
 
Critical - Expected Behavior
Reference Number Related Article Found Version Resolved Version Issue Description
1135366
1133615
KB87162 VSE 8.8 Patch 7 - Issue: VSE 8.8 Patch 7 installation fails with the following error:

Error 1722. There is a problem with this Windows Installer package. (AddAACStickyPolicy)

Issue discovered: May 4, 2016.
Resolution: You must first identify which third-party DLL is injected into the process, then implement one of the several available workarounds, see the related article.
n/a n/a VSE 8.8 Patch 6 - IMPORTANT: Installing VSE by launching the .MSI package directly is no longer supported. The installation must be performed from the SetupVSE.exe bootstrapper to avoid risk of the installation being blocked by self-protection mechanisms (Access Protection or Arbitrary Access Control). Launching SetupVSE.exe also helps to ensure that no incompatible software is present on the device

NOTE: VSE 8.8 Patch 8 and later include constraints to prevent the execution of the .MSI or .MSP packages to install or upgrade VSE. The packages cannot perform actions such as installation prerequisite checks to block installation on incompatible environments. The following is extracted from the VSE 8.8 Patch 8 release notes (PD26631):

"Using .MSI or .MSP to start VirusScan Enterprise is now blocked and produces this error message: "You must use SETUPVSE.EXE or SETUP.EXE to start VirusScan Enterprise installation""

1161468 n/a VSE 8.8
Patch 3
- Issue: Upgrading from VSE 8.8 Patch 3 and earlier is no longer supported to later versions.
n/a n/a VSE 8.8
Patch 2
- Issue: After installing VSE 8.8 Patch 2, you must restart the MOVE-AV service or restart the system.
 
Critical - Known/Unresolved issues section
Reference Number Related Article Found Version Resolved Version Issue Description
1175605 KB79673 VSE 8.8
Patch 9
n/a Issue: Outlook 2010/2016 temporarily becomes unresponsive when receiving emails with large attachments when the VSE 8.8 Patch 9 On Delivery Email Scanner is installed.
Workaround: To improve the amount of time the initial pause occurs, turn on Cached Exchange Mode. To turn this option on and to review other performance improvement tips for VSE 8.8, see the Related Article. 

NOTES: Expected behavior of the VSE Outlook Email Scanner:

  • Outlook is intentionally paused while both the message attachments and body are downloaded locally and scanned to prevent access to the email.
  • After scanning, the Outlook client will download the message attachments and body again for the user.
1173721 KB88532 VSE 8.8 Patch 8 n/a Issue: After installing MA 5.x and then VSE, the McAfee Validation Trust Protection service is not running and the On-Access Scanner is disabled.
Workaround: There is an applet available to correct the problem. See the related article.
1132510 KB87669 VSE 8.8
Patch 7-8
n/a Issue: In rare cases a BugCheck 19 error (blue screen error) is possible for mfefirek.sys.
 
1130166
1127459
KB87096 VSE 8.8 Patches 7-9 n/a Issue: VSE 8.8 Patches 7-9 installation fails because of a certificate chain failure. Issue discovered: March 18, 2016.
Workaround: For available workarounds, see the related articles.
1123044 KB85374 VSE 8.8
Patch 7-8
n/a Issue: VSE 8.8 Patch 7 installs SysCore 15.4.0.811. All McAfee products that install SysCore 15.4.x.x have vital service dependencies on Cryptographic Services (the Microsoft Cryptographic Service) and Power (the Microsoft User Mode Power Service). Issue discovered: February 23, 2016.

NOTE: This issue was discovered in Patch 7, and persists in Patch 8.
Workaround: If you install a McAfee product that upgrades to SysCore 15.4.x.x, these services must both be present, and you must permanently set these two services to Automatic, or the product will not install. If the services are changed after installation, the product or entire system functionality will fail or be greatly impacted.

NOTES:
  • The service start must be set to Automatic without delay. Setting this service to Automatic (Delayed Start) in the Service Control Manager drop-down list will not resolve issues. If either service is not present, contact Microsoft for assistance.
  • Windows XP Embedded 2009, Windows Server 2008, and Windows Vista do not have the Power service. SysCore 15.4.x.x, when installed on these nodes, retains the dependency on the Cryptographic Services service but does not have a dependency on the non-existent Power service.
 
Critical - Third-Party Known/Resolved Issues
Reference Number Related Article Found Version Resolved Version Issue Description
n/a KB85870 VSE 8.8 Patch 7 Microsoft Issue 1: ePO or MA installation fails with the following error:

Error 1911.Could not register type library for file C:\Program Files (x86)\McAfee\Common Framework\ComponentUserInterface.dll

Issue 2: VSE 8.8 Patch 7 installation fails with the following error in the MSI installation log:

Error 1722.There is a problem with this Windows Installer package. A program run as part of the setup did NOT finish as expected. Contact your support personnel or package vendor. Action Install_SysCore_AddAACStickyPolicy, location: C:\windows\Installer\MSIE635.tmp, command: AddAACStickyPolicy

Issue discovered: May 4, 2016.

Workaround: For available Microsoft workarounds, see the related article.
 
 

Non-critical:

Non-critical known/resolved issues section
Reference
Number
Related Article Found Version Resolved Version Issue Description
1161471 KB87857 VSE 8.8
Patch 8
VSE 8.8
Patch 9
Issue: Access Protection creates false reports against a rule that is disabled for reporting.
1165693   VSE 8.8
Patch 8
VSE 8.8
Patch 9
Issue: Self Protection blocks the Windows Sysprep tool. During a system startup the sysprep tool fails to complete the configuration. The following error is shown: 'Windows could not finish configuring the system".
1173168 KB88318 VSE 8.8
Patch 7
VSE 8.8
Patch 9
Issue: The VirusScan Enterprise tray icon and McAfee Agent tray icon are both shown running in the Windows system tray. Only the McAfee Agent icon should be shown.
1161386 - VSE 8.8
Patch 7
VSE 8.8
Patch 9
Issue:  VSE incorrectly installs two intermediate certificates under "Trusted Root Certification Authorities".
Resolution: COMODO RSA Code Signing CA and VeriSign Class 3 Code Signing 2010 CA certificates now correctly install in the Intermediate Certification Authorities location.
1153943 - VSE 8.8
Patch 7
VSE 8.8
Patch 9
Issue: From the Help on the client, selecting Submit a Sample Page fails to opens the correct page. The Following error is shown:
"The Host is not resolvable.URL: www.webimmune.net/?id=0000. For assistance, please contact the Security Operations Center".
1173314 - VSE 8.8
Patch 7
VSE 8.8
Patch 9
Issue: On-Access Scanner (OAS) randomly closes on a small number of systems. OAS disabled events are sent to ePO at system startup.
Resolution: MFEANN.exe now automatically restarts if it unexpectedly closed.
1124029 KB88440 VSE 8.8
Patch 6
VSE 8.8
Patch 9
Issue: VirusScan Enterprise Outlook plug-in prevents new emails from being sent or received when custom scripts are running in Outlook 2010.
941388 - VSE 8.8
Patch 2
VSE 8.8
Patch 9
Issue: Once the default AutoUpdate task is enabled, it cannot be disabled, based on the policy that was sent from McAfee ePO.
1127379 KB87172 VSE 8.8
RTW
VSE 8.8
Patch 9
Issue: Lightweight Directory Access Protocol (LDAP) communications increase when scanning Information Rights Management (IRM) protected files after updating to the 5800 Scan Engine.
1144892 - VSE 8.8
RTW
VSE 8.8
Patch 9
Issue:  Access Protection rules now correctly protect targets in Program Files and Program files (x86), and no longer protect unintended paths.
1159675 PD26740 VSE 8.8
Patch 8
VSE 8.8
Patch 8
HF1159675
Issue: Hotfix 1159675 uninstalls Microsoft Windows Defender from Windows Server 2016. 
This is required when running VSE on Windows Server 2016 because of possible performance-related issues when running more than one default security application.
966892 KB84913 VSE 8.8
Patch 6
VSE 8.8
Patch 7
Issue: Access Protection rules are not visible in the ePO console after checking in the Patch 5 or Patch 6 management extension.
1073810 n/a VSE 8.8
Patch 6
VSE 8.8
Patch 7
Issue: Detection count is inconsistent with detections displayed in the On-Demand Scan (ODS) progress window.
1077854 n/a VSE 8.8
Patch 6
DLP
9.4 Patch 1
Issue: Outlook closes unexpectedly (crashes) when sending mail after installing VSE 8.8 Patch 6 on systems with DLP 9.4.0 (RTW).
Resolution: Upgrade to DLP 9.4 Patch 1 or later.
1090908 KB85293 VSE 8.8
Patch 5
VSE 8.8
Patch 7
Issue: BugCheck 8E with VSE 8.8 Patch 5.
1089232
1088707
n/a VSE 8.8
Patch 5 or 6
HF1087536
MA 5.0.2
HF1091027
Issue: Host DLP and Policy Auditor event generation fail with McAfee Agent 5.0.x when VSE 8.8 Patch 5 or 6 HF 1087536 is installed.
Resolution: This issue is fixed with McAfee Agent 5.0.2 HF 1091027.
940611 n/a VSE 8.8
Patch 5
VSE 8.8
Patch 6
Issue: Upgrading to Patch 5 from Patch 1 does not update the strings.bin file, causing the Help menu option for Known Issues to display as IDS_MENU_KNOWNISSUES.
1046952 n/a VSE 8.8
Patch 5
VSE 8.8
Patch 6
Issue: Access Protection fails to block a registry action when the protected key contains extended characters.
934907 n/a VSE 8.8
Patch 4
VSE 8.8
 Patch 5
Issue: Registry entries are still present after uninstalling the VSE 8.8 product using Add/Remove Programs. The registry remnants do not affect reinstallation of the product.
908985 n/a  VSE 8.8
Patch 4
 VSE 8.8
Patch 5
 Issue: There is no option to uninstall the VSE 8.8 Patch 4 in the Add/Remove Programs applet.
900042 n/a VSE 8.8
Patch 4
VSE 8.8
Patch 5
Issue: VSE Patch 4 does not install on 64-bit systems running VSE Patch 1.
1031673 KB83808

VSE 8.8
Patch 4 HF929019

VSE 8.8
Patch 5

Issue: Access Protection rules are disabled (not being enforced) because of an invalid character in the rule policy.
Solution: This issue was resolved in VSE 8.8 Patch 5 and later.
1020874 n/a VSE 8.8
Patch 4
VSE 8.8
Patch 5
Issue: System stops responding during boot when applying Microsoft updates.
Cause: A TrustedInstaller.exe thread locks a resource found at nt!CmpRegistryLock, with mfehidk and mfeavfk in the stack.
940611 n/a VSE 8.8
Patch 4
VSE 8.8
Patch 5
Issue: Upgrading to Patch 4 from Patch 1 does not update the strings.bin file, causing the Help menu option for Known Issues to display as IDS_MENU_KNOWNISSUES.
929420 n/a VSE 8.8
Patch 4
VSE 8.8
Patch 5
Issue: When launching the VSE console on x64 systems the following notification dialog is seen: "Failed to connect to computer '.'."
Workaround: Restart the McTaskManager service. This symptom has multiple causes. Some are resolved with Patch 5 and later; however, there may yet be other causes to identify.
928622
958626
KB81595 VSE 8.8
Patch 4
VSE 8.8
Patch 5
Issue: The W3WP.exe process on web servers may exhibit high CPU, and Dropbox exhibits performance symptoms after installing VSE 8.8 Patch 4.
802430  n/a VSE 8.8
Patch 3
VSE 8.8
Patch 4
Issue: Access Protection rules except "User Defined" are not displayed when accessed via a Remote Console.
820636 823110 KB77043 VSE 8.8
Patch 2, 3
VSE 8.8
Patch 4
Issue: Client system properties in ePO report that the On-Access Scanner is running even when certain conditions on client systems prevent scanning. See the related article for details.
NOTE: Previously resolved with VSE 8.8 Patch 1, 2 and 3 Hotfix 820636.
851415  n/a VSE 8.8
Patch 2
VSE 8.8
Patch 4
Issue: McShield service fails indicating Event ID 5019, a process crash. This occurs randomly and only in the presence of an Extra.DAT file.
n/a KB75462 VSE 8.8
Patch 2
VSE 8.8
Patch 4
Issue: After you apply Windows Server 2008 R2 Service Pack 1, CSRSS.exe sessions have open session objects even after the active user session is closed.
739627 n/a VSE 8.8
Patch 2
VSE 8.8
Patch 4
Issue: After running the query 'VirusScan version', the query correctly reports all the VSE versions installed in the environment and provides a list of managed machines distinguishing between Workstations and Servers. However, selecting to then view the table under Servers for one VSE specific version (for example 8.8.0.849), results in the drill-down table unexpectedly reporting the details for 8.8.0.849, for both Servers and Workstations.
NOTE: This issue applies to all previous releases.
802430 n/a VSE 8.8
Patch 2
VSE 8.8
Patch 4
Issue: Access Protection rules (except User Defined) are not displayed when accessed via a remote console.
820636 823110 KB77043 VSE 8.8
Patch 1
VSE 8.8
Patch 4
 
Issue: Client system properties in ePO report that the On-Access Scanner is running even when certain conditions on client systems prevent scanning.
Resolution: VSE 8.8 Patch 4.
NOTE: Previously resolved with VSE 8.8 Patch 1, 2 and 3 Hotfix 820636.
 n/a  n/a VSE 8.8 VSE 8.8
Patch 4
Issue: If upgrading from VSE 8.7i to VSE 8.8 it is highly recommended to be at Patch 4 prior to upgrading to 8.8, to ensure a clean migration.
757986 KB76768 VSE 8.8
Patch 2
VSE 8.8
Patch 3
Issue: A BugCheck (C2 or 19) occurs when file paths of a certain length are matched against Access Protection rules.
Resolution: VSE 8.8 Patch 3 and later.
NOTE: Previously resolved in VSE 8.8 Patch 2 Hotfix 778101.
784349 n/a VSE 8.8
Patch 2
VSE 8.8
Patch 3
Issue: When a file could not be deleted as part of a repair option, the file was incorrectly added to a pending file rename operations list, causing some errors during the repair.
800778 n/a VSE 8.8
Patch 2
VSE 8.8
Patch 3
Issue: Servers with multiple network adapters and Receive Side Scaling enabled experienced high memory usage or depletion.
791945 n/a VSE 8.8
Patch 2
VSE 8.8
Patch 3
Issue: A new Category (G_BehavioralScan) and Rule (BS01) is seen after checking in the VSE 8.8 Patch 2 Extension, opening the VSE Policy for Access Protection, and switching between Workstation and Server.
NOTE: After enforcing Tasks and Policies to a supported server operating system, the new Category and Rule on the client Access Protection User Interface do not show.
n/a n/a VSE 8.8
Patch 2
VSE 8.8
Patch 3
Issue: You might experience a sporadic blue screen error on shutdown on systems with Host IPS Patch 1. This patch upgrade resolves this issue after a restart, but the risk to encounter the crash on shutdown exists until that restart is satisfied.
NOTE: If this happens on shutdown, the restart requirement has still not been satisfied.
Resolution: After applying the latest VSE 8.8 Patch 3 or later and rebooting, the system will not experience this issue.
761202 KB75536 VSE 8.8
Patch 1
VSE 8.8
Patch 3
Issue: The Last Access Time is changed after you run a VSE 8.8 On-Demand Scan on a folder.
625756 KB71083 VSE 8.8
Patch 3
MA 4.5
Patch 3
Issue: Event 516 still occurs despite updating to Patch 1.
Resolution: The number of 516 events is significantly reduced by installing McAfee Agent 4.5 Patch 3. Refer to the Event 516 troubleshooting article to resolve this type of issue.
708485 KB73134 VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: Lotus Notes stops responding when opening email.
735512 KB75019 VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: When the Hotfix 625756 is installed on a machine with Host IPS, Host IPS blocks a McAfee process (mfehidin.exe) from setting Access Control List (ACL) on a McAfee driver (mfevtps).
682177 KB72512 VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: A STOP error (BugCheck 7f) could occur with the filter driver because of lost content header information when transmitting through a raw socket on Windows 7. This issue was seen with some third-party VPN clients.
742092 KB74926 VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: On-Demand Scan stops responding after you install VSE 8.8 Patch 1.
719680 KB75374 VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: Processes that write data to disk frequently and/or write a lot of data in a short amount of time can experience poor performance from the scanning.
n/a KB75051 VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: During a DAT update, VSE unnecessarily downloads the full ZIP file instead of downloading incremental files.
737991 KB76135 VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: Cluster failover fails on a Windows 2003 SQL cluster because it is unable to mount the Quorum drive.
625756 KB71083 VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: Event 516 still occurs despite updating to Patch 1.
 n/a KB71083 VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: The Windows System Event log reports multiple entries for Event ID 516 with an event description Warning, Process **\VSTSKMGR.EXE pid (XXXX) contains signed but untrusted code.
Resolution: This error has multiple causes. The issues need troubleshooting to identify the cause and resolution. Refer to the troubleshooting article KB71083 in the left column for details.

The individual known issues articles for this problem are:
  • McAfee Agent DLL, see KB74177.
  • Third-party application (hook), see KB74176.
  • Microsoft Certificate Stores need updating, see KB74174.
NOTE: Installing the latest VSE 8.8 patch can help reduce the number of events recorded in the Windows System event log.
724985 KB73682 VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: Blue screen error with Bug Check 27 - RDR_FILE_SYSTEM on mfehidk.sys.
625756   VSE 8.8
Patch 1
VSE 8.8
Patch 2
Issue: Multiple entries for Event ID 514, 516, and 519 are recorded in the Windows System Event log. Third-party products that inject DLLs into processes could cause the VSE service (VsTskMgr.exe) to periodically poll data and frequently log event entries.
726019 KB73722 VSE 8.8
Patch 1

Host DLP
9.1 and 9.2
Host DLP
9.2 Patch 1
9.1 Patch 2
Issue: Intermittent BugChecks (blue screen errors) might occur when running VSE 8.8 Patch 1, or Host IPS 8.0 Patch 1 with Host DLP 9.x.
Resolution: This issue is resolved in the following patches, which are available from the Product Downloads site:
  • Host DLP 9.2 Patch 1 - This patch was Released To World (RTW) on April 11, 2012.
  • Host DLP 9.1 Patch 2 - This patch was RTW on April 16, 2012.
651887 KB71140 VSE 8.8 VSE 8.8
Patch 1
Issue: Custom UI Runtime Error in E-mail Scan Add-in error (when opening an existing or new email).

Resolution: This issue was resolved with VSE 8.8 Patch 1 and later.
642481 KB71886 VSE 8.8 VSE 8.8
Patch 1
Issue: Unable to add exclusions to the Access Protection rule: Anti-Spyware Standard Protection - Protect Internet Explorer Favorites and Settings.
Resolution: This issue was resolved in VSE 8.8 Patch 2 and later.
661424 KB71535 VSE 8.8 VSE 8.8
Patch 1
Issue: Access Protection rules involving the block of System: Remote fail to enforce. This also applies to preventing remote access to shares.
Resolution: This issue was resolved in VSE 8.8 Patch 1 and later.
660014 KB72028 VSE 8.8 VSE 8.8
Patch 1
 
Issue: Files on network locations may trigger an unhandled exception leading to a system crash if the network experiences a failure or the object is unreadable. One report of this occurred when opening Outlook 2010 with PST files configured to reside on remote storage.
Resolution: This issue was resolved in VSE 8.8 Patch 1 and later.
641015 KB72029 VSE 8.8 VSE 8.8
Patch 1
Issue: A BugCheck 5 can occur in terminal server environments during logout of a client using a multi-byte character language pack. VSE exposes a race condition with the Microsoft win32k.sys driver, causing an unhandled exception.
Resolution: This issue was resolved in VSE 8.8 Patch 1 and later.
664539, 665345 KB72031 VSE 8.8 VSE 8.8
Patch 1
Issue: When filtering network input/output, a timing issue could occur leading to a kernel thread stack exhaustion. This issue could result in a system crash.
Resolution: This issue was resolved in VSE 8.8 Patch 1 and later.
643440 KB72032 VSE 8.8 VSE 8.8
Patch 1
Issue: Malicious software may change NTFS folder permissions on McAfee folders in order to disable the software.
Resolution: This issue was resolved in VSE 8.8 Patch 1 and later.
638858 KB72033 VSE 8.8 VSE 8.8
Patch 1
Issue: Installation fails with ERROR 1920, The McShield Service failed to start. This can occur when Microsoft Windows is installed to a sub-folder rather than the root.
Resolution: This issue was resolved in VSE 8.8 Patch 1 and later.
673462 KB72035 VSE 8.8 VSE 8.8
Patch 1
Issue: A memory leak could occur with the process validation service and Microsoft .NET runtime support library, mscoree.dll.
Resolution: This issue was resolved in VSE 8.8 Patch 1 and later.
661424 KB72030 VSE 8.8 VSE 8.8
Patch 1
Issue: Access Protection blocking rules involving remote access to shares are not enforced.
Resolution: This issue was resolved in VSE 8.8 Patch 1 and later.
Non-critical - Third-Party Known/Resolved Issues
Reference Number Related Article Found Version Resolved Version Issue Description
719823 KB73596 VSE 8.8
Patch 1
Microsoft Issue: Cluster Shared Volumes (CSV) status becomes Online (Redirected access)
Resolution: Microsoft has confirmed that a Cluster (Windows 2008 R2) will put a Cluster Server Volume (CSV) in redirected mode if a filter's Altitude is not an integer.
The following Microsoft Knowledge Base article hotfix resolves the issue where Redirected Mode is enabled unexpectedly in a Cluster Shared Volume when you are running a third-party application in a Windows Server 2008 R2-based cluster.

To obtain the hotfix and instructions to address this issue, see the Microsoft article 2674551: http://support.microsoft.com/default.aspx?scid=kb;EN-US;2674551.
Non-critical - Unresolved issues section
Reference Number Related Article Found Version Resolved Version Issue Description
1191544 KB89123 VSE 8.8
Patch 9
n/a Issue: After upgrading to VSE 8.8 Patch 9, users observe on the client that the VirusScan (VShield) system tray icon is no longer visible after the ePO administrator disables the McAfee Agent (McTray) icon.

1152104

KB87172 VSE 8.8
Patch 8
n/a Issue: LDAP queries increase when scanning Information Rights Management-protected files after updating to the 5800 Scan Engine.
Workaround: See the related article for workaround details.
1148863 KB87667 VSE 8.8
Patch 8
n/a Issue: The On-Demand Scan task 'Repeat Task | Until' time stamp does not display properly in the VSE console with McAfee Agent 5.0 installed.
Resolution: This issue is cosmetic only, and is under investigation for a future product update.
1148444 KB87552 VSE 8.8
Patch 8
n/a Issue: McAfee Agent does not load the VirusScan Enterprise 8.8 ePO plug-in.
Resolution: This issue is expected to be resolved in VSE 8.8 Patch 9.
1157765 KB87532 VSE 8.8
Patch 8
n/a Issue: Windows System restore fails.

1149326

KB87666 VSE 8.8
Patch 8
n/a Issue: If previous VSE extensions are not already checked in to ePO, and you use automation to check in the VSE 8.8 Patch 8 extensions, the Reporting extension might be checked in before the Management extension.
Resolution: When the ePO extensions for VSE 8.8 Patch 8 are the first VSE extensions to be checked in to ePO, ensure that the Management extension is checked in before the Reporting extension. See the related article for details.

1153446

KB87659 VSE 8.8
Patch 8
n/a Issue: The HP Insight Foundation Agents process (cqmghost.exe) could generate Access Protection violations in VSE 8.8 Patch 8 against various registry keys.
Resolution: Access protection is working as-designed. See the related article for details.
Patch 7 - Non-critical
Reference Number Related Article Found Version Resolved Version Issue Description
1155496 KB88020 VSE 8.8
Patch 7
(and later)
n/a Issue: When creating a Microsoft Windows installation image with VSE installed into the image, if you run sysprep.exe /generalize /oobe against the image, the computer fails to boot properly with the following message:
 
Windows could not finish configuring the system. To attempt to resume configuration, restart the computer.

Resolution: Install VSE after the computer has been deployed and brought online.
1152658 KB87660 VSE 8.8
Patch 7
(and later)
n/a Issue: The default query VSE: Version 8.8 Compliance produces incorrect results.
Resolution: Edit the query. See the related article for details.
n/a KB87462 VSE 8.8
Patch 7
(and later)
n/a Issue: McAfee Agent can lose communication with the ePO server and fail to enforce policies because of Access Protection blocking new McAfee Agent processes.
Resolution: See the related article.

1127886

KB87177 VSE 8.8
Patch 7
n/a Issue: Creation or deletion of files succeeds in the folder where the user-defined Access Protection rule was designed to prevent them. No blocking or reporting of events is generated anymore, and the Access Protection Log is not updated. Issue Discovered: May 19, 2016.
Resolution: See the related article for details.
Patch 6/5 - Non-critical
Reference Number Related Article Found Version Resolved Version Issue Description
1109341 n/a VSE 8.8
Patch 5 or 6
HF1087536
n/a Issue: McAfee Profiler tool (VSE Profiler) no longer functions when VSE 8.8 Patch 5 or 6 HF 1087536 is installed.
Resolution: This issue will be fixed in a future release of the McAfee Profiler tool.
n/a KB84087 VSE 8.8
Patch 5
n/a Issue: McAfee Agent can lose communication with the ePO server and fail to enforce policies because of Access Protection blocking new McAfee Agent processes.
Resolution: See the related article.
Patch 6 - Non-critical
Reference Number Related Article Found Version Resolved Version Issue Description
1074199 n/a VSE 8.8
Patch 6
n/a Issue: Environments using Lotus Notes mail, with the Lotus Notes mail scanner feature enabled, encounter Access Protection violations after installing Patch 6.
Resolution: Add the Lotus Notes process (NLNOTES.EXE) to the Processes to Exclude list for the Access Protection rule that is being violated (for example, Common Standard Protection:Prevent modification of McAfee files and settings).
1065335 KB84084 VSE 8.8
Patch 6
n/a Issue: Modification to the Artemis FQDN field for the Network Heuristic Check feature requires a reboot on the client before the change takes effect.
Resolution: Restart the McShield service or reboot the system.
Patch 5 - Non-critical
Reference Number Related Article Found Version Resolved Version Issue Description
n/a KB87462 VSE 8.8
Patch 5
n/a Issue: McAfee Agent can lose communication with the ePO server and fail to enforce policies because of Access Protection blocking new McAfee Agent processes.
Resolution: See the related article.
966892 KB84913 VSE 8.8
Patch 5
n/a Issue: Access Protection rules are not visible in the ePO console after checking in the Patch 5 management extension.
Resolution: See the related article.
1077093 KB70432 VSE 8.8
Patch 5
n/a Issue: Windows Action Center indicates VSE is disabled, but inspection of the status of the scanner shows it is healthy and working.
Resolution: See the related article.
n/a KB84900 VSE 8.8
Patch 5
n/a Issue: Access Protection rules designed to block the EXECUTE action continue to block processes that have been added to the Processes to Exclude list.
Resolution: See the related article.
n/a KB84087 VSE 8.8
Patch 5
n/a Issue: McAfee Agent can lose communication with the ePO server and fail to enforce policies because of Access Protection blocking new McAfee Agent processes.
Resolution: See the related article.
n/a n/a VSE 8.8
Patch 5
n/a Issue: VSE uses .MSP files for product patches. Windows handles these files as a new product installation while adding the changes from the Patch to the original installation. VSE 8.8 Patch 5 (.msp) file does not support patch rollback or removal. Although the VSE product can be removed, the patch on its own cannot.
Resolution: To restore to an earlier VSE patch, you must first uninstall the current VSE product/patch, then reinstall the VSE product with the required earlier patch.
1046993
1053515
n/a VSE 8.8
Patch 5
n/a Issue: Incorrect action is recorded in Access Protection log file. Expected action was Delete but recorded action shows Write. Similarly, entries where Execute was expected will show Read.
Resolution: This functionality is as-designed. Changes to this functionality are under consideration for a future update.
832150 n/a VSE 8.8
Patch 5
n/a Issue: Modified ePO tasks are not applied to the client.
Workaround: Edit the task and click Save. The task can be applied to the clients using the option Force complete policy and task update.
901979 n/a VSE 8.8
Patch 5
n/a Issue: Access Protection alerts occur after installing Patch 5 on systems with SiteAdvisor installed.
Workaround: Reboot the client to establish Trust with McAfee components.
888146 KB78645 VSE 8.8
Patch 5
n/a Issue: Access Protection violations triggered when uninstalling or upgrading from VSE 8.7i.
Workaround: See the related article.
903631 n/a VSE 8.8
Patch 5
n/a Issue: In ePO queries, filtering on BufferOverflow is not possible. Product\BufferOverflow\ALL\ Query\BufferOverflow is missing from the drop-down list in a new query.
903224 n/a VSE 8.8
Patch 5
n/a Issue: Double-byte languages do not properly display text for Query Criteria Properties in ePO.
Patch 4 - Non-critical
Reference
Number
Related Article Found Version

Resolved Version

Issue Description
1014007 KB83123

VSE 8.8
Patch 4
 HF929019

n/a

Issue: System deadlock on startup because of untrusted third-party "hooking" applications when SysCore 15.3 is installed.

Workarounds: See the article for details.
n/a n/a VSE 8.8
Patch 4
n/a Issue: VSE uses .MSP files for product patches. Windows handles these files as a new product installation while adding the changes from the Patch to the original installation. The VSE 8.8 Patch 4 (.MSP) file does not support patch rollback or removal. Although the VSE product can be removed, the patch on its own cannot.
Resolution: To restore to an earlier VSE patch, you must first uninstall the current VSE product/patch, then reinstall the VSE product with the required earlier patch.
951411 KB79622 VSE 8.8
Patch 4
n/a Issue: A compatibility issue exists with Microsoft DirectAccess software on Server 2012 and later, where the connections drop after installing VSE 8.8 Patch 3 or 4.
Resolution: See the article for details.
954190 KB81532 VSE 8.8
Patch 4
n/a Issue: Random Outlook application crash on Windows 7 systems with VSE 8.8 Patch 4.
Workaround: Refer to the related article for details.
832150 n/a VSE 8.8
Patch 4
n/a Issue: Modified ePO tasks are not applied to the client.
Workaround: Edit the task and click Save. The task can be applied to the clients using the option Force complete policy and task update.
901979 n/a VSE 8.8
Patch 4
n/a Issue: Where SiteAdvisor is installed, after installing Patch 4, some Access Protection alerts may be encountered.
Workaround: A reboot is required for SiteAdvisor to again establish awareness of which components are Trusted.
888146 KB78645 VSE 8.8
Patch 4
n/a Issue: Access Protection violations triggered when uninstalling or upgrading from VSE 8.7i.
NOTE: VSE 8.7i has reached end of life and is no longer supported. 
Workaround: Refer to the related article for details.
903631 n/a VSE 8.8
Patch 4
n/a Issue: In ePO queries, filtering on BufferOverflow is not possible. For example, Product\BufferOverflow\ALL\ Query\BufferOverflow is missing from the drop-down list in a new query.
Resolution: Under investigation.
903224 n/a VSE 8.8
Patch 4
n/a Issue: Double-byte languages do not properly display text for Query Criteria Properties in ePO.
Resolution: Under investigation.
 n/a n/a VSE 8.8
Patch 4
n/a Issue: VSE 8.8 Hotfix 925610 is reported as installed after installing VSE 8.8 Patch 4.
Resolution: The reporting of this hotfix number is expected. It allows us to distinguish between the current release and that of an earlier Patch 4 release.
NOTE: The hotfix is not a separate installation; it is part of the current Patch 4 installation package.

Patch 3 - Non-critical

Reference Number Related Article Found Version Resolved Version Issue Description
1151154 KB87664 VSE 8.8
Patch 3
(and later)
Expected
behavior
Issue: Windows Defender could remain enabled after VSE 8.8 Patch 3 (or later) installation
Resolution: This is expected behavior with VSE 8.8 Patch 3 and later with Microsoft. Alter the group policy to disable Windows Defender, if this is required. See the related article for details.
891616 KB78680 VSE 8.8
Patch 3
Expected
behavior
Issue: Windows Defender is disabled after installing VSE 8.8 Patch 3 or later on Windows 8 and Server 2012.
Resolution: This is expected behavior with VSE 8.8 Patch 3 and later for Microsoft Windows 8 or Server 2012 and later. Microsoft now disables Windows Defender when an anti-malware product is installed. 
NOTE:  To review which versions of VSE can work with the various versions of Windows Defender, see KB71578.
657079 KB73288

VSE 8.8
Patch 3

n/a Issue: Using a UNC path in the system %PATH% environment variable causes vstskmgr.exe and mcshield.exe failure during VSE 8.8 installations.
Resolution: Use the command line property BYPASSUNCCHECK=1. Refer to the article for instructions.
837702 KB77489

VSE 8.8
Patch 3
or later

 

n/a Issue: A VSE 8.8 On-Demand Scan task set to Run Once might re-trigger after checking in the VSE 8.8 Patch 4 extension.
Resolution: To prevent the ODS from triggering, disable the McAfee Agent option to Run Missed Task before you check in the VSE 8.8 Patch 4 extension.
832150 n/a VSE 8.8
Patch 3
n/a Issue: Modified ePO tasks are not applied to the client.
Workaround: Edit the task and click Save. The task can be applied to the clients using the option Force complete policy and task update.

Patch 2 - Non-critical

657079

KB73288 VSE 8.8
Patch 2
n/a Issue: Using a UNC path in the system %PATH% environment variable causes vstskmgr.exe and mcshield.exe failure during VSE 8.8 installations.
Resolution: Use the command line property BYPASSUNCCHECK=1. Refer to the article for instructions.
n/a n/a VSE 8.8
Patch 2
n/a Issue: The reposted VSE 8.8 version property information still shows the RTW version 8.8.0.849.
Resolution: This is intentional. VSE only increments the version with each patch update.

Patch 1 - Non-critical

657079 KB73288 VSE 8.8
Patch 1
n/a Issue: How to bypass the UNC path restriction for new installations.
Resolution: Use the command line property BYPASSUNCCHECK=1
Example: SetupVSE.exe BYPASSUNCCHECK=1 /q
n/a KB51111 VSE 8.8
Patch 1
n/a Issue: The reposted version property information shows 8.8.0.849.
Resolution: This is intentional. VSE only increments the version with each patch update.
741012 753715 KB73521 VSE 8.8
Patch 1
n/a Issue: Bad image: The application or DLL is not a valid Windows image (when launching an On-Demand Scan).
Resolution: Multiple solutions to resolve this issue. See article for details.

RTW - Non-critical

- KB55145
KB85299
KB74059
VSE 8.8 n/a Issue: McShield.exe and high CPU utilization when running On-Demand scans..

Key articles listed on the left that cover this topic and offer both explanations and advice to improve performance.
  • KB55145 - Understanding the VSE On-Demand Scan system resource utilization.
  • KB85299 - FAQs about McShield.exe and high CPU utilization when running On-Demand scans
  • KB74059 - Best Practice for On-Demand Scans in VSE 8.8.
707098 KB73018 VSE 8.8 n/a Issue: MFEVTPS.exe uses an increasing amount of memory. This issue occurs despite having installed VSE 8.8 Hotfix 660014, which was released to address a specific high memory usage issue with MFEVTPS.exe. The same symptoms still occur because of a Microsoft update to CRYPT32.DLL.
Resolution: Microsoft has a solution available for this issue. Refer to the article in the left column for details.

Previous Document ID

KB84854 KB74569 KB73193 KB86129 KB83215 KB75007, KB86977

Rate this document

Did this article resolve your issue?

Please provide any comments below

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.