Release Notes for McAfee(R) SuperDAT(R) Manager Utility Version 2.5.0 Copyright (C) 2010 McAfee, Inc. All Rights Reserved __________________________________________________________ Thank you for using SuperDAT(R) Manager Utility software. This file contains important information regarding this release. McAfee strongly recommends that you read the entire document. IMPORTANT: McAfee strongly recommends that you use any pre-release software (beta or release candidate) in a test environment only. Pre-release software should not be installed in a production environment. __________________________________________________________ WHAT'S IN THIS FILE - What is SuperDAT Manager Utility? - What are DAT files? - What is Scan Engine? - New Features - Changed Features - Installation & System Requirements - Operating Systems for SuperDAT Manager - Operating Systems for SuperDAT Packages - Supported McAfee Products - Creating ePO Deployable SDAT Package - Known Issues - Documentation - Contact Information - Copyright & Trademark Attributions - License Information __________________________________________________________ WHAT IS SUPERDAT MANAGER UTILITY? The SuperDAT Manager Utility creates SuperDAT installation packages for distribution to computers on your network. SuperDAT installation packages are used to update your McAfee anti-virus products on supported platforms. The package you create can contain the scan engine alone, DAT files alone, or combinations of these files and other McAfee update files. Refer to the SuperDAT Manager Product Guide to learn about which packages you can create with the SuperDAT Manager Utility. __________________________________________________________ WHAT ARE DAT FILES? Detection definition (DAT) files contain up-to-date signatures and other information that McAfee anti-virus products use to protect your computer against the thousands of potentially unwanted programs. McAfee releases new DAT files regularly to provide protection against new threats that appear each month. Download and install the latest DAT files to ensure that your anti-virus software can protect your system or network against the latest threats. __________________________________________________________ WHAT IS SCAN ENGINE? The McAfee scan engine contains the program logic necessary to scan files at particular points, process and pattern-match virus definitions with data it finds in your files, decrypt and run potentially unwanted code in an emulated environment, apply heuristic techniques to recognize new threats, and remove infectious code from legitimate files. McAfee anti-virus products help to feed files to the engine for processing, integrate with various parts of your computer’s operating system to intercept files as they execute or as you work with them, and provide an interface you can use to configure various scan settings. __________________________________________________________ NEW FEATURES - SDAT manager 2.5.0 now supports updating 64-bit Anti-virus Engine files on McAfee Products. - Support for new McAfee products: - McAfee PortalShield 2.0 - McAfee Security for Microsoft SharePoint 2.5 - McAfee Security for Lotus Domino, v7.5 (Windows) - McAfee Security for Microsoft Exchange, v7.6 (Beta) - McAfee Security-as-a-Service (SaaS) - McAfee AntiVirus Plus 14.5 __________________________________________________________ CHANGED FEATURES - For SDAT Manager 2.5.0 to work with older scripts, change the "uTargetPlatform" field's value to "1" in the corresponding .INI file. - The SDAT executable package generated with SDAT Manager 2.5.0 cannot be directly checked-in to ePO like it used to be for the previous versions. You must create an ePO deployable package from the SDAT executable package, which could be checked in into ePO and deployed seamlessly like earlier SDAT Managers. For more information, refer to "CREATING EPO DEPLOYABLE SDAT PACKAGE" section. - SDAT Manager 2.5.0 does not support updating uncompressed V1 DATS like SCAN.DAT, NAMES.DAT, and CLEAN.DAT as they have reached End-Of-Life. All McAfee products using these DATs are not longer supported either. - All features of SuperDAT Manager 2.5 remain intact as in version 2.3.1 and 2.2. __________________________________________________________ INSTALLATION AND SYSTEM REQUIREMENTS Please see the product documentation for complete information on installation. OPERATING SYSTEMS FOR SUPERDAT MANAGER These operating systems are supported with this release of SuperDAT Manager: - Microsoft Windows 2003 Server (32-bit and 64-bit Edition) with latest Service Packs. - Microsoft Windows 2000 Professional, Server and Advanced Server with latest Service Packs. - Microsoft Windows XP Professional (32-bit and 64-bit Edition) with latest Service Packs. - Microsoft Windows Vista (32-bit and 64-bit Edition) with latest Service Packs. - Microsoft Windows 2008 Server (64-bit Edition) with latest Service Packs. - Microsoft Windows 7 (32-bit and 64-bit of all SKUs/Edition) with latest Service Packs. OPERATING SYSTEMS FOR SUPERDAT PACKAGES These operating systems are supported for creating packages with this release of SuperDAT Manager: - Microsoft Windows 2003 Server (32-bit and 64-bit Edition) with latest Service Packs. - Microsoft Windows 2000 Professional, Server and Advanced Server with latest Service Packs. - Microsoft Windows XP Professional (32-bit and 64-bit Edition) with latest Service Packs. - Microsoft Windows Vista (32-bit and 64-bit Edition) with latest Service Packs. - Microsoft Windows 2008 Server (64-bit Edition) with latest Service Packs. - Microsoft Windows 7 (32-bit and 64-bit of all SKUs/Edition) with latest Service Packs. __________________________________________________________ SUPPORTED MCAFEE PRODUCTS These McAfee products are supported with this release of SuperDAT Manager: - End-node Solutions - McAfee VirusScan Enterprise 8.5 and 8.7i - McAfee Security-as-a-Service (Saas) - McAfee AntiVirus Plus 14.5 - Server Solutions - McAfee PortalShield 2.0 - McAfee Security for Microsoft SharePoint 2.5 - McAfee GroupShield 7.0 for Lotus Domino - McAfee Security for Lotus Domino, v7.5 (Windows) - McAfee GroupShield 7.0 for Microsoft Exchange - McAfee Security for Microsoft Exchange, v7.6 (Beta) __________________________________________________________ CREATING EPO DEPLOYABLE SDAT PACKAGE Prerequisite: - You need the "ePOSign" tool to sign the Pkgcatalog.xml file into Pkgcatalog.z and encrypt the other scripts. - The SDAT package that you want to use as a ePO deployable package. To create the ePO deployable package: 1. Copy the files PkgCatalog.xml, SuperDATDet.mcs and SuperDATInstall.mcs from the folder \eposcripts\> into a new folder. For example, C:\ePO_SDAT. 2. Copy the SDAT package into the folder c:\ePO_SDAT and rename it to SETUP.EXE. 3. From the command prompt, go to the folder where the ePOSign tool is located and execute the following command: Eposign.exe c:\ePO_SDAT\PkgCatalog.xml .mcs /a Make sure to replace "c:\ePO_SDAT" with the complete path of the folder where the scripts were copied. 4. Verify if the signing was successful and ensure that there were no errors. Delete the file PkgCatalog.xml from c:\ePO_SDAT. 5. Create a ZIP archive containing all the files from the above folder, and sign the ZIP file using ePOSign tool. 6. Now you can use the ZIP file to check-in to the ePolicy Orchestrator Master repository. IMPORTANT: Ensure to make a fresh copy of the files from "\eposcripts", instead of reusing the files which were used to create the earlier packages. The signing process modifies the .MCS files and running the tool again on these files would result in an unusable ePO package. __________________________________________________________ KNOWN ISSUES The following list describes known issues for this release of the software product. 1. You cannot create a SuperDAT package with a file name that exceeds 204 characters. 2. The SuperDAT Manager Utility log file cannot exceed 100KB in size. If the log file exceeds this size, the utility deletes the oldest 20 percent of the file to make room for additional log entries. 3. If you install the SuperDAT package to update and upgrade an existing version of software, then you install a later version of the same software, you must reinstall the SuperDAT package to ensure that you have the most recent DAT files. For example, if you install VirusScan 4.5.1 software, then later install VirusScan Enterprise 7.0; you must install the SuperDAT package again to ensure that you have the most recent engine and DAT files. 4. The SuperDAT package installer works within the existing security structures for your system. For Windows NT systems that run McAfee version 4.5.x anti-virus products, you typically must have certain administrator rights to upgrade the scan engine for your anti-virus software. Those rights are required to stop and start system services. Logging on to the system with the same identity and rights that you used to install your anti-virus software should give you sufficient privileges. 5. If you try to deploy an EXTRA.DAT file with a time and date stamp that is earlier than the time and date stamp for your current DAT files, the EXTRA.DAT file does not install correctly. This can occur if you configured your computer to download new DAT files automatically through the AutoUpdate utility, then you use the SuperDAT package or another method to distribute an EXTRA.DAT file that McAfee released before the regular DAT file update. To work around this issue you can: a. Use the SuperDAT Manager Utility to create a SuperDAT package that has both the regular DAT file update and the EXTRA.DAT file that you want to deploy. b. Configure your anti-virus software to use the AutoUpdate utility to download and install these files from a central server. The SuperDAT Manager Utility does not reject EXTRA.DAT files with time and date stamps earlier than the installed DAT files. 6. The SuperDAT package installer does NOT support Lotus Domino partition servers. It does support GroupShield Domino in its single-server mode. 7. In order to update GroupShield Domino software, the SuperDAT package installer requires that the Lotus Domino server have server administrator rights. If the Domino server does not, the SuperDAT package installer displays this error message: "The SuperDAT package installer cannot stop GroupShield services on this server because it does not have Lotus Domino Server Administrative privileges." To ensure that the Domino server has server administrator rights, add the fully qualified server name to the Administrators field in the Current Server document within the Names and Addresses Book. After you do so, restart the Lotus Domino server. The SuperDAT package installer can then update the DAT and engine files for your software. Follow these steps: a. Open the Lotus Domino Administrator application. b. Click the Configuration tab, then click the Server "twistie." c. Click the Current Server Document, then click "Edit Server." d. Expand the Administrators field to display a list of address books. e. Select your server's address book, then select your server. f. Click "Add" to add that server to the list box to the right, then click "OK." g. Click "OK" again. h. Click "Save," and then "Close." i. Restart your Domino server. 8. If the DAT and engine files are deleted from GroupShield for Domino installation folders, the update of DAT and engine files using SuperDAT package fails. The error message logged is "Unable to determine the version information of the specified file." 9. The hotkey shortcut does not work for the "Finish" button in the last screen of the SuperDat Manager Utility and the SuperDAT packages in some languages. 10. On Spanish operating systems, the popup that appears before machine reboot contains clipped text. 11. The hotkey shortcut does not work for the "Next" button in the Dutch SuperDAT package. 12. During the creation of an SDAT package through SDM, if the versions of the files mcscan32.dll and config.dat (those present in the root directory) are mismatched, DAT swapping does not work. Ensure that these two files are never replaced or changed. 13. If a SuperDAT package with EXTRA.DAT is used to forcibly update (using /f switch) on PortalShield 2.0/GroupShield for Lotus Domino 7.0/GroupShield for Microsoft Exchange 7.0, with the system having the same DAT version and EXTRA.DAT folder, the update succeeds. However, it logs the message "An error occurred during the update" for extra.dat. 14. If a SuperDAT package with EXTRA.DAT is used to update DAT files on PortalShield 2.0/GroupShield for Lotus Domino 7.0/GroupShield for Microsoft Exchange 7.0 system with two DAT folders with at least one of them having an EXTRA.DAT file and the same DAT version as in the package, the update succeeds. However, it logs the message "An error occurred during the update" for extra.dat. 15. After VirusScan Enterprise is updated using a SuperDAT package, an attempt to rollback DATs fails. 16. When a SuperDAT package with DAT and EXTRA.DAT files is updated on PortalShield 2.0, the update fails if VirusScan Enterprise 8.5 and GroupShield for Lotus Domino 7.0/GroupShield for Microsoft Exchange 7.0 coexist on the same machine and neither product has an EXTRA.DAT file. 17. If first an upgrade then a downgrade is performed on PortalShield 2.0/GroupShield for Lotus Domino 7.0/GroupShield for Microsoft Exchange 7.0 with a DAT and EXTRA.DAT package followed by an update with a package containing extra.dat or only extra.dat, the update happens successfully. However, there is an extra.dat update failure message. 18. Sometimes while updating the 64-bit Engine "Mcsan64a.Dll" on VirusScan Enterprise 8.7i with an Engine-only SDAT package, the following error may occur: "Product already running latest engine files." NOTE: Users can still install the 64-bit engine by relaunching the SDAT package after waiting for a minute. The SuperDAT package installer this time would give a similar error for the 32-bit engine update, but the 64-bit Engine update would succeed. 19. If the Antivirus files are already in use, the SuperDAT package installer may prompt the user to reboot the computer. The updated Engine/DAT files will be not used by the product until the user reboots the computer. __________________________________________________________ DOCUMENTATION Documentation is included on the product CD and/or is available with a valid grant number from the McAfee download site: https://secure.nai.com/us/forms/downloads/upgrades/login.asp NOTE: Unless otherwise noted, product documentation comes as Adobe Acrobat .PDF files. The product CD includes the latest version of Acrobat Reader, or you can download any version from the Adobe web site: http://www.adobe.com/products/acrobat/readstep2.html This product includes the following documentation set: - Product Guide. Introduces the product, describes product features, provides detailed instructions for installation, configuration, deployment, and ongoing operation and maintenance. - This README file. __________________________________________________________ CONTACT INFORMATION THREAT CENTER: McAfee Avert(R) Labs Homepage http://www.mcafee.com/us/threat_center/default.asp Avert Labs Threat Library http://vil.nai.com/ Avert Labs WebImmune & Submit a Sample (Logon credentials required) https://www.webimmune.net/default.asp Avert Labs DAT Notification Service http://vil.nai.com/vil/signup_DAT_notification.aspx DOWNLOAD SITE Homepage http://www.mcafee.com/us/downloads/ - Product Upgrades (Valid grant number required) - Security Updates (DATs, engine) - HotFix and Patch Releases - For Security Vulnerabilities (Available to the public) - For Products (ServicePortal account and valid grant number required) - Product Evaluation - McAfee Beta Program TECHNICAL SUPPORT Homepage http://www.mcafee.com/us/support KnowledgeBase Search http://knowledge.mcafee.com/ McAfee Technical Support ServicePortal (Logon credentials required) https://mysupport.mcafee.com/eservice_enu/start.swe CUSTOMER SERVICE Web: http://www.mcafee.com/us/support/index.html http://www.mcafee.com/us/about/contact/index.html Phone: +1-888-VIRUS NO or +1-888-847-8766 Monday-Friday, 8 a.m.-8 p.m., Central Time US, Canada, and Latin America toll-free PROFESSIONAL SERVICES - Enterprise: http://www.mcafee.com/us/enterprise/services/index.html - Small & Medium Business: http://www.mcafee.com/us/smb/services/index.html __________________________________________________________ COPYRIGHT Copyright (C) 2010 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies. __________________________________________________________ TRADEMARK ATTRIBUTIONS AVERT, EPO, EPOLICY ORCHESTRATOR, FOUNDSTONE, GROUPSHIELD, INTRUSHIELD, LINUXSHIELD, MAX (MCAFEE SECURITYALLIANCE EXCHANGE), MCAFEE, NETSHIELD, PORTALSHIELD, PREVENTSYS, SECURITYALLIANCE, SITEADVISOR, TOTAL PROTECTION, VIRUSSCAN, WEBSHIELD are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. McAfee Red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners. __________________________________________________________ LICENSE INFORMATION LICENSE AGREEMENT NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANY YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND. V3.1.9