High memory use with MFEVTPS.EXE

Technische Artikel ID: KB73018
Zuletzt geändert am: 8/20/2020

Umgebung

McAfee Host Intrusion Prevention (Host IPS) 8.0
McAfee VirusScan Enterprise (VSE) 8.8

Microsoft Windows XP

Problem

MFEVTPS.exe uses an increasing amount of memory. This issue occurs even after you install Hotfix 660014, which was released to address a specific high memory use issue with MFEVTPS.exe. The same symptoms still occur because of a Microsoft update to CRYPT32.DLL.

Systemänderung

Applied a recent Microsoft update to CRYPT32.DLL.

Ursache

The root cause is an issue with CRYPT32.DLL that is exposed by the McAfee use of cryptographic APIs after you update the CRYPT32.DLL version.

NOTE: McAfee has observed this symptom only on Windows XP systems.

Lösung

A solution is available from Microsoft, but Windows XP is no longer supported by Microsoft.

Microsoft ended extended support for Windows XP SP3 on April 8, 2014. For best results and optimal security, upgrade to a supported operating system. See KB78434 for details.

McAfee strongly advises you to install VSE 8.8 Patch 1 or later.

McAfee product software, upgrades, maintenance releases, and documentation are available from the Product Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx.

NOTE: You need a valid Grant Number for access. KB56057 provides additional information about the Product Downloads site, and alternate locations for some products.

Behelfslösung

Restart the affected computers.

NOTE: The MFEVTP service, mfevtps.exe, is not a service that can readily be stopped and started to reset memory use to original levels. So, a computer restart is needed.

Themenbezogene Informationen

To investigate the issue, McAfee built a test harness tool to invoke cryptographic APIs, and observed the same memory increase in the test tool. This issue occurred without the presence of any McAfee code. So, McAfee engaged Microsoft to investigate this issue. Microsoft confirmed that the root cause is a bug in CRYPT32.DLL.

The rate of memory increase is entirely dependent on system use. And, the requirement for McAfee to invoke cryptographic APIs to validate and verify system calls being made that use McAfee code. Internal testing shows that you might need to reboot after about five days. The reason is because mfevtps.exe memory use reaches a level, more than 1 GB, which noticeably impacts system performance.

Betroffene Produkte

Host Intrusion Prevention 8.0
Known Issue/Product Defect
VirusScan Enterprise 8.8

Sprachen:

Dieser Artikel ist in folgenden Sprachen verfügbar:

German
English United States
Spanish Spain
French
Italian
Japanese
Korean
Dutch
Portuguese Brasileiro
Chinese Simplified
Chinese Traditional

Technisches Glossar

Glossarbegriffe hervorheben

Im technischen Glossar werden Fachbegriffe erklärt.

High memory use with MFEVTPS.EXE

Umgebung

Problem

Systemänderung

Ursache

Lösung

Behelfslösung

Themenbezogene Informationen

Betroffene Produkte

Sprachen:

Technisches Glossar

Title

Title

Empfohlene Lösungen

Unser Portfolio kennenlernen

Sicherheitsergebnisse

Branchen

Produkte

Empfohlene Lösungen

Unser Portfolio kennenlernen

MVISION-Produkte

Services und Schulungen

Bedrohungsforschung

Unsere Forscher

Bedrohungslage-Dashboard

Tools

Kontakt

Ressourcen

Downloads

Produkthilfe

Folgen Sie uns

Durchsuchen

Unser Unternehmen

Unsere Bemühungen

Weitere Ressourcen

Jobs

Partnerschaften

High memory use with MFEVTPS.EXE

Umgebung

Problem

Systemänderung

Ursache

Lösung

Behelfslösung

Themenbezogene Informationen

Betroffene Produkte

Sprachen:

Technisches Glossar

Wählen Sie Ihre Region

Title

Title