Last Modified: 03/10/2014
Patches are cumulative; therefore, McAfee recommends that you install the latest one. For information about the latest releases, see KB51111.
McAfee product software, upgrades, maintenance releases, and documentation are available from the McAfee Downloads site at: http://www.mcafee.com/us/downloads/downloads.aspx.
NOTE: You will need a valid Grant Number for access. KB56057 provides additional information about the McAfee Downloads site, as well as alternate locations for some products.
Hotfix Release Date: Jan 8, 2013
- The hotfix and Release Notes are attached to this article.
- This release was developed for use with:
- VirusScan Enterprise 8.8.0 Patch 1
- VirusScan Enterprise 8.8.0 Patch 2
- VirusScan Enterprise 8.8.0 Patch 3
- Rating: This release is considered a High Priority rating. McAfee recommends this release for all environments. For information on ratings, see KB51560. Failure to apply a High Priority update may result in potential business impact.
- In addition to the state of the service, you can leverage two registry values to qualify the state of scanning. If required, contact McAfee Technical Support, to obtain the registry values.
|Reference Number||Related Article||Resolved Issue Description|
|Issue: Client system properties in ePolicy Orchestrator report that On Access Scanner was running even when certain conditions on client system prevent scanning.
Resolution: During system property collection, the VirusScan plugin to the McAfee Agent queries On Access Scanner services and registry to report status with increased accuracy.
Additional background Information
The dynamic link library interfacing with the McAfee Agent for VSE property collection would only query the status of the McShield service, and interpret Running as being enabled. This is not necessarily an accurate assumption, as the service might be running despite a failure of some kind that leads to an inability to scan for threats.
The bEnabled property is used to reflect the status of the On-Access scanner of VSE on end nodes within the ePolicy Orchestrator console. In earlier releases (VSE 8.7i and earlier) the status could be accurately obtained by checking the state of the McShield service, whether it is running or not. In version 8.8 and later, checking the state of the McShield service alone is insufficient. VSE 8.8 Hotfix 820636 has been created to improve the logic of what is examined to determine the On-Access scanner status, and report it accordingly via the same bEnabled property.
- 1 = enabled
- 0 = disabled (or system is unhealthy)
Previously in ePolicy Orchestrator (ePO) managed environments, VSE installations appended .wrk or .srv to their version properties as a means of distinguishing nodes as workstations or a servers. Current versions of ePO allow for tags that make this method redundant.
Systems with VSE 8.8 Hotfix 820636 will no longer append .wrk or .srv in their version properties. A new Machine Type field has been added to the property collection, and is listed in the General Properties of that node in ePO (prodprops.MachineType). With the release of VSE 8.8 Patch 3, there is an updated VSE reporting Extension that will allow you to query on the new Machine Type property after you check in the VSE 8.8 Patch 3 Extension.
218K • < 1 minute @ 56k, < 1 minute @ broadband
Glossary of Technical Terms
Please take a moment to browse our Glossary of Technical Terms.