High memory use with MFEVTPS.EXE

Technische Artikel ID: KB73018
Zuletzt geändert am: 8/20/2020

Umgebung

McAfee Host Intrusion Prevention (Host IPS) 8.0
McAfee VirusScan Enterprise (VSE) 8.8

Microsoft Windows XP

Problem

MFEVTPS.exe uses an increasing amount of memory. This issue occurs even after you install Hotfix 660014, which was released to address a specific high memory use issue with MFEVTPS.exe. The same symptoms still occur because of a Microsoft update to CRYPT32.DLL.

Systemänderung

Applied a recent Microsoft update to CRYPT32.DLL.

Ursache

The root cause is an issue with CRYPT32.DLL that is exposed by the McAfee use of cryptographic APIs after you update the CRYPT32.DLL version.

NOTE: McAfee has observed this symptom only on Windows XP systems.

Lösung

A solution is available from Microsoft, but Windows XP is no longer supported by Microsoft.

Microsoft ended extended support for Windows XP SP3 on April 8, 2014. For best results and optimal security, upgrade to a supported operating system. See the following KB article for more information: KB78434 - McAfee product support for Windows XP SP3 after the end of the Microsoft Extended Support date in April 2014.

McAfee strongly advises you to install VSE 8.8 Patch 1 or later.

McAfee product software, upgrades, maintenance releases, and documentation are available from the Product Downloads site at: https://www.mcafee.com/enterprise/en-us/downloads/my-products.html.

NOTE: You need a valid Grant Number for access. See KB56057 - How to download Enterprise product updates and documentation for more information about the Product Downloads site, and alternate locations for some products.

Behelfslösung

Restart the affected computers.

NOTE: The MFEVTP service, mfevtps.exe, is not a service that can readily be stopped and started to reset memory use to original levels. So, a computer restart is needed.

Themenbezogene Informationen

To investigate the issue, McAfee built a test harness tool to invoke cryptographic APIs, and observed the same memory increase in the test tool. This issue occurred without the presence of any McAfee code. So, McAfee engaged Microsoft to investigate this issue. Microsoft confirmed that the root cause is a bug in CRYPT32.DLL.

The rate of memory increase is entirely dependent on system use. And, the requirement for McAfee to invoke cryptographic APIs to validate and verify system calls being made that use McAfee code. Internal testing shows that you might need to reboot after about five days. The reason is because mfevtps.exe memory use reaches a level, more than 1 GB, which noticeably impacts system performance.

Betroffene Produkte

Host Intrusion Prevention 8.0
Known Issue/Product Defect
VirusScan Enterprise 8.8

Sprachen:

Dieser Artikel ist in folgenden Sprachen verfügbar:

German
English United States
Spanish Spain
French
Italian
Japanese
Korean
Dutch
Portuguese Brasileiro
Chinese Simplified
Chinese Traditional

Technisches Glossar

Glossarbegriffe hervorheben

Im technischen Glossar werden Fachbegriffe erklärt.

Knowledge Center

High memory use with MFEVTPS.EXE

Umgebung

Problem

Systemänderung

Ursache

Lösung

Behelfslösung

Themenbezogene Informationen

Betroffene Produkte

Sprachen:

Technisches Glossar

Title

Title

Knowledge Center

High memory use with MFEVTPS.EXE

Umgebung

Problem

Systemänderung

Ursache

Lösung

Behelfslösung

Themenbezogene Informationen

Betroffene Produkte

Sprachen:

Technisches Glossar

Wählen Sie Ihre Region

Title

Title