• Changes to AMCore content (V3 DAT) support coverage.
• How to ensure protection continuity on supported operating system platforms when the V3 DAT packages are exclusively signed by SHA-256 certificates as of July 27, 2021.

Solution Options:

1. (Recommended) Upgrade the operating system to a version that supports SHA-256.
2. Use Application and Change Control to secure the device instead of ENS (or VirusScan Enterprise) because it doesn’t require DATs.
3. Use VirusScan Enterprise 8.8 Patch 16, which uses V2 DAT content. This option requires a valid Extended Support contract with McAfee Enterprise as of December 31, 2021.

 
As of July 27, 2021, AMCore content (V3 DAT) support is being discontinued for the following End of Life platforms:

• Windows XP
• Windows Server 2003 (R1 and R2)
• Windows Vista

For Windows 7 (SP1), Windows Server 2008, and Windows Server 2008 R2 there are two important updates required that enable the recognition of the SHA-256 algorithm:

• KB4474419​
• KB4490628

 
Frequently Asked Questions:

Why is there an issue for Windows XP, Windows Server 2003, and Windows Vista?
Content files are signed with SHA-256 only, which these old platforms don’t support. For background about when V3 executable content packages removed SHA-1 support, see: KB93853 - Retirement of SHA-1 signing for McAfee Enterprise content on January 1, 2021.
 
Why don’t these older End of Life platforms support SHA-256?
Microsoft didn’t release any update for these platforms to support SHA-256.
 
What if we have no choice but to use outdated software for these older systems?
Our recommendation is to either use VirusScan Enterprise, a V2 DAT product, or to use Application and Change Control. Application and Change Control protects the system by giving you control over what processes are allowed to run.
 
Attempts to update McAfee Enterprise content on these systems is failing. What do I do?
AMCore V3 content is no longer supported for that platform. Implement one of the three Solution Options above to resolve the issue.