Java application performance issues reported with Host IPS 8.0 5660 and 5709 content
技術的な記事 ID:
KB82087
最終更新: 6/5/2019
最終更新: 6/5/2019
Java application performance issues reported with Host IPS 8.0 5660 and 5709 content
技術的な記事 ID:
KB82087
最終更新: 6/5/2019 環境McAfee Host Intrusion Prevention (Host IPS) 8.0
概要McAfee has received reports from some customers about performance degradation on web-based enterprise Java applications.
問題Customers might experience increased response time, latency, or resource consumption when navigating enterprise Java applications.
Profiling might indicate that the jsbp.method_entry() function consumes most of the resource overhead. Internet Explorer might stop responding when starting the Java Enterprise application. システムの変更
原因The 5709 content version included a loader for signature 6666, which was unintended. This issue only affected systems that previously experienced the original Java-related issue with security content 5660 installed.
Other observations:
Host IPS content version 5660 added one new signature: Signature 6666 - Generic Java Sandbox Escape Exploit Detected. Signature 6666 updated jsbp.dll and jsbp.jar, located in the Host IPS 8.0 program installation folder. Security content version 5709, released June 10, 2014, will inadvertently load the JSBP resource files, even though signature 6666 is not included in security content version 5709. This behavior is unintended and security content version 5709 has been recalled and replaced with security content version 5710. 解決策McAfee posted Host IPS content 5735 to the common repository on July 1, 2014. This update resolves the issue incurred with content version 5709, posted on June 10, 2014.
NOTE: Content version 5735 includes the regular planned June IPS signature updates originally included in content version 5709. McAfee posted Host IPS content 5710 to the common repository on June 12, 2014. This update resolved the issue incurred with content version 5709, posted on June 10, 2014. McAfee posted Host IPS content 5664 to the common repository on June 1, 2014, which resolved the issue incurred with content version 5660, posted on May 27, 2014.
http://www.mcafee.com/us/content-release-notes/host-intrusion-prevention/index.aspx 解決策McAfee is currently conducting a full process review and has inserted new process checkpoints to make sure that a similar issue does not occur in future Host IPS security content updates.
McAfee is withholding re-release estimates for Host IPS Signature 6666, JSEP content, until we finalize solutions for reported issues and have full confidence to validate JSEP signature functionality. This article will be updated when further updates related to this functionality are confirmed. 添付ファイル言語:技術用語集 |
|