Loading...

Knowledge Center


Threat Intelligence Exchange Module for VirusScan Enterprise 1.0.x Known Issues
Technical Articles ID:   KB84487
Last Modified:  3/8/2018

Environment

McAfee Threat Intelligence Exchange Module (TIEm) for VirusScan Enterprise (VSE) 1.0.x

Summary

Recent updates to this article:
Date Update
March 8, 2018 Updated to add expand/collapse titles.
February 15, 2018 Multiple new entries added, and tagged resolved, with TIEm for VSE 1.0.3.

To receive email notification when this article is updated, click Subscribe on the right side of the page. You must be logged on to subscribe.

This article contains important information about known issues of high or medium rating that are outstanding with this product release. This article will be updated if new issues are identified post-release, or if additional information becomes available. To read the Release Notes, see:
 
TIEm for VSE
Version
Release to World (RTW) Release Notes
1.0.3 February 9, 2018 PD27533
1.0.2 September 14, 2016 PD26651
1.0.1.140 February 17, 2016 PD26380
1.0.1.137 January 25, 2016 PD26332
1.0.1 April 27, 2015 PD25919

Issue resolutions in updates and major releases are cumulative; Technical Support recommends that you install the latest version. To find the most recent release for your product, visit the Product Downloads site at http://www.mcafee.com/us/downloads/downloads.aspx.

Click to expand the section you want to view:

Reference
Number
Related
Article
Found
Version
Resolved
Version
Issue Description
1184195 KB89611 1.0.1 1.0.3 Issue: High memory usage on systems with the Threat Intelligence Exchange Module for VSE 1.0.2 or 1.0.1.

Reference
Number
Related
Article
Found
Version
Resolved
Version
Issue Description
1168438 KB88096 1.0.1 1.0.3 Issue: An ePolicy Orchestrator (ePO) Restore from quarantine task fails, because the detection names in the ePO Threat Event logs and Quarantine Manager do not match.
1186543 KB89512 1.0.2 1.0.3 Issue: Upgrade from TIEm from version 1.0.1 to 1.0.2 (build 1.0.2.178) fails, because self-protection is blocking the creation of the TIEm uninstall key during the upgrade.

Workaround: Disable TIE self-protection before performing the upgrade. For configuration changes to TIEm, see the Threat Intelligence Exchange 1.3.0 Product Guide - PD26441.
1167721 - 1.0.1 1.0.3 Issue: The TIE client installation could fail due to a mismatch in the name of the setup executable JTISetup64.exe and its name in the installation script.
1194946 - 1.0.1 1.0.3 Issue: The TIE client makes unexpected file reputation requests when trying to get the JCM_ITEM_ID_GTI_CERTIFICATE_REVOKED attribute.
1199194 - 1.0.2 1.0.3 Issue: The TIE client does not honor scan exclusions for the VSE On-Access Scanner (OAS). TIEm continues to monitor files despite OAS exclusion.
1168011 - 1.0.1 1.0.3 Issue: A delay of 30–40 seconds in starting an application can occur after a system restart, due to a problem when saving or loading certificate reputation information from the cache.
1147879 KB87510 1.0.1.140 1.0.2 Issue: A system with VSE and TIEm for VSE 1.0.1.140 experiences infrequent performance issues such as hangs or freeze-like symptoms, which requires a hard reboot to recover the affected system. Preceding the hang, you observe that the McShield service has stopped working entirely (crashed).
 
Resolution: This issue is resolved in TIEm for VSE 1.0.2. See the Knowledge Base article for details.
1133652 KB87439 1.0.1 1.0.2 Issue: TIEm for VSE blocks Known Trusted files, including files with a Known Trusted enterprise reputation. The rule reported is TIEM/Suspicious.rule0. The TIEMVE.log shows the MD5 hash calculation failed with an entry similar to:
 
[E] [0x1c94] CHashDataProvider: Failed to calc md5 for C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\plug_ins\AcroForm.api 1359
 
The issue occurs when the environment is set to block items with an Unknown reputation. When the MD5 hash calculation fails, the reputation is Unknown for the transaction even when a Portable Executable (PE) file has a Known Trusted enterprise reputation.
 
Resolution: This issue is resolved in TIEm for VSE 1.0.2. See the Knowledge Base article for details.
1129086 KB87436 1.0.1 1.0.2 Issue: When you close a Remote Desktop Protocol (RDP) session, you see an error dialog for a fatal exception in tiestatus.exe:

STATUS_INVALID_PARAMETER_msvcr110!__crtCreateThreadpoolWait+1b

Resolution: This issue is resolved in TIEm for VSE 1.0.2. See the Knowledge Base article for details.
1117781 KB86515 1.0.1 1.0.1.140 Issue: When trying to open PDF email attachments, Outlook errors similar to the following display:
 
Cannot open file: C:\users\\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Ou.... The file may not exist, you may not have permission to open item or it may be open in another program. Right-click the folder and then click the Properties to check your permissions for the folder

We can't open 'C:\users\\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content....' It's possible the file is already open, or you don't have permissions to open it.

 
Resolution: This issue is resolved in TIEm for VSE 1.0.1.140. See the Knowledge Base article for details.
1115944 KB86632 1.0.1 1.0.1.137 Issue: You observe high CPU in McShield.exe, followed by McShield.exe generating a system error (crash), when you try to start or stop the service. The corresponding event is recorded as McLogEvent Event ID 5019.

Resolution: This issue is resolved in TIEm for VSE 1.0.1.137. See the Knowledge Base article for details.
1020118   1.0.1 1.0.1 Hotfix 0630151 Issue: After uninstalling McAfee Agent and rebooting, TIEm for VSE will not initialize.

Resolution: McAfee Agent must be installed for TIEm for VSE to initialize. Starting with TIEm for VSE 1.0.1 Hotfix 0630151, the TIE client disables itself if McAfee Agent is removed.


Back to Top
 

Rate this document

Beta Translate with

Select a desired language below to translate this page.

Glossary of Technical Terms


 Highlight Glossary Terms

Please take a moment to browse our Glossary of Technical Terms.