Release Notes for McAfee(R) ProtectionPilot(R)
Version 1.1.x Patch 3
Copyright (C) 2006 McAfee, Inc.
All Rights Reserved

==========================================================

This Patch is build number: 1.1.1.126.

This release was developed and tested with:

- ProtectionPilot: 1.1.0, 1.1.1

Make sure you have installed this version before using this release.

==========================================================

Thank you for using ProtectionPilot(R) software. This file contains important information regarding this release. We strongly recommend that you read the entire document.

The attached files are provided as is, and with no warranty either expressed or implied as to their suitability for any particular use or purpose. McAfee, Inc. assumes no liability for damages incurred either directly or indirectly as a result of the use of these files, including but not limited to the loss or damage of data or systems, loss of business or revenue, or incidental damages arising from their use.

Patch files should be applied only on the advice of McAfee Technical Support, and only when you are actually experiencing the issue being addressed by the Patch. Patch files should not be proactively applied in order to prevent potential product issues. You are responsible for reading and following all instructions for preparation, configuration, and installation of Patch files. Patch files are not a substitute or replacement for product Service Packs which may be released by McAfee, Inc.

It is a violation of your software license agreement to distribute or share these files with any other person or entity without written permission from McAfee, Inc. Further, posting of McAfee Patch files to publicly available Internet sites is prohibited. McAfee, Inc. reserves the right to refuse distribution of Patch files to any company or person guilty of unlawful distribution of McAfee software products.
Questions or issues with McAfee Patch files should be directed to McAfee Technical Support.

__________________________________________________________
WHAT'S IN THIS FILE

- About This Release
   - Purpose
   - Resolved Issues
   - Previously Resolved Issues
- Installation
   - Installation Requirements
   - Installation Steps
   - Removing This Release
- Contact Information
- Copyright & Trademark Attributions
- License & Patent Information

__________________________________________________________
ABOUT THIS RELEASE

IMPORTANT:
To maintain full functionality, installing this Patch is required on the ProtectionPilot server and all ProtectionPilot consoles.

PURPOSE

This Patch replaces server and console files in ProtectionPilot to resolve the issues listed below.

The fixes in ProtectionPilot Patch releases are cumulative. See "Previously Resolved Issues" for fixes in earlier Patch versions.

RESOLVED ISSUES

1. ISSUE: A successful exploit of a reported security vulnerability could allow an attacker to remotely execute arbitrary code on the ProtectionPilot server. The attack would require network access to the ProtectionPilot server system and reverse engineering of the proprietary communications protocol.

   RESOLUTION: This vulnerability has been resolved in this release.

   NOTE: This vulnerability was discovered by Mati Aharoni and Moti Joseph.

2. ISSUE: The ProtectionPilot console shows the latest components as not up-to-date. This affects DATs and managed products.

   RESOLUTION: If a system has the latest DATs and managed products, they now show as up-to-date.

3. ISSUE: When editing a scheduled task in the ProtectionPilot console, an Internet Explorer Script Error dialog box appears with the message: "An error has occurred in the script on this page."

   RESOLUTION: Editing a scheduled task in the ProtectionPilot console no longer produces this script error.

4. ISSUE: The SMBSP_UpdateCompliance stored procedure included in the recently released ProtectionPilot 1.1.x Patch 2 is not installed if the ProtectionPilot database collation is not the same as the Microsoft SQL server collation. This causes the Engine and DAT Compliance reports to show as not up-to-date.

   RESOLUTION: The SMBSP_UpdateCompliance stored procedure now installs properly.

5. ISSUE: When managed systems are upgraded to the 5100 engine from the 4400 engine, the ProtectionPilot console would temporarily show systems as non-compliant. Systems became compliant after a full property collection.

   RESOLUTION: Managed systems now show as compliant immediately after the 5100 Engine update.

PREVIOUSLY RESOLVED ISSUES (ProtectionPilot 1.1.x Patch 2)

1. ISSUE: After updating to the 4825 DAT or later, the ProtectionPilot dashboard shows that systems are not up-to-date, although they are running the latest DATs.

   RESOLUTION: Application of this Patch normalizes the DAT and Engine versions to a common format. When calculating the compliance, versions are either truncated, or used as is if they are the same length, which will address the dashboard issue.

   KNOWN ISSUE: DAT and Engine versions in "Detailed Product Properties" are not normalized.

PREVIOUSLY RESOLVED ISSUES (ProtectionPilot 1.1.x Patch 1)

1. ISSUE: Error 7031 appears in the System Event log during scheduled replications: "The McAfee ProtectionPilot Server service terminated unexpectedly."

   RESOLUTION: SrvEventInf.dll was revised to allow concurrent access from multiple threads simultaneously so that this error no longer occurs.

2. ISSUE: Replication tasks fail intermittently, often hanging or ending with an exception error such as the following: "Stack Exception c0000005 address 77fccc2c."

   RESOLUTION: The code involved in replication now has improved error handling.

3. ISSUE: The repository AutoUpdate downloads extra.dat files but they do not work correctly in GroupShield Exchange.

   RESOLUTION: The extra.dat file now is used correctly by GroupShield.

4. ISSUE: Replication can sometimes fail and stack traces are visible in the server log.

   RESOLUTION: Replications in this circumstance now succeed and the stack traces no longer appear.

5. ISSUE: System properties report that systems that have more than 2 GB of RAM have 0 GB of RAM.

   RESOLUTION: System properties now report the correct amount of RAM.

6. ISSUE: Pushing the ProtectionPilot agent to systems running Windows 2000 sometimes can fail.

   RESOLUTION: ProtectionPilot agents can now successfully be deployed to this platform.

7. ISSUE: From a remote console, after a manual download of updates to the ProtectionPilot server, agents sometimes did not see that the server had been updated.

   RESOLUTION: An error on the server side has been corrected so that the latest updates are always available to agents.

8. ISSUE: NAIREPL32.EXE can create an excessive CPU load.

   RESOLUTION: This has been corrected and NAIREPL32.EXE now uses resources in line with its current demands.

9. ISSUE: Server tasks can enter a state where they no longer execute and cannot be rescheduled. Next run times show as "Unknown."

   RESOLUTION: This no longer occurs.

10. ISSUE: The Inherit box in VirusScan tasks loses state and doesn't reflect the currently set policy.

    RESOLUTION: The Inherit box now correctly matches the current state of the task settings.

PREVIOUSLY RESOLVED ISSUES (ProtectionPilot 1.1.1)

1. ISSUE: The ProtectionPilot console shows latest components as not up-to-date. This affects DATs and managed products.

   RESOLUTION: If a system has the latest DATs and managed products, it now shows as up-to-date.

2. ISSUE: AvertLog.xml can grow without limits.

   RESOLUTION: This log is now properly "bounds checked" to prevent it from using all available disk space.

__________________________________________________________
INSTALLATION

INSTALLATION REQUIREMENTS

To use this release, you must have ProtectionPilot 1.1 software installed on the computer you intend to update with this release.

NOTES:
This release does not work with earlier versions of ProtectionPilot software.

IMPORTANT:
In addition to applying this Patch to the ProtectionPilot server, be sure to apply this Patch to all remote console systems. Using a remote console with a version different than the ProtectionPilot server will produce unknown results.

INSTALLATION STEPS

WARNING:
Close the Windows Services dialog box to avoid installation issues.

1. Create a temporary folder on the hard drive of the ProtectionPilot server.

2. Extract the PRP1113.ZIP file to the temporary folder that you created in Step 1.

   NOTE: On systems running Microsoft Windows XP SP2 or Windows 2003 SP1 (or later), using the built-in Microsoft Windows Zip extractor or WinZip 10 on NTFS partitions can result in script errors being displayed in the ProtectionPilot console. McAfee recommends using a different Zip extractor, such as 7-Zip, or previous versions of WinZip.

3. Log on to the desired computer using an account with local administrator permissions.

4. Close all ProtectionPilot consoles.

5. On the taskbar, click the "Start" button, then select "Run." The "Run" dialog box appears.

6. In "Open," type the path where the Setup program (SETUP.EXE) is located, then click "OK." The "ProtectionPilot 1.1 Patch 3 Setup" wizard appears.

7. Click "Next" to begin the installation.

8. Click "Finish" to complete the installation.

9. For all remote consoles, repeat Steps 3 – 8.

REMOVING THIS RELEASE

To remove this Patch from your computer, uninstall, then reinstall ProtectionPilot.

NOTE:
We recommend that you do NOT remove the Patch files once you install them. If you reinstall the ProtectionPilot software, we recommend that you also reinstall the Patch.

__________________________________________________________
CONTACT INFORMATION

THREAT CENTER: McAfee Avert(R) Labs
   Homepage
      http://www.mcafee.com/us/threat_center/default.asp

   Avert Labs Threat Library
      http://vil.nai.com/

   Avert Labs WebImmune & Submit a Sample (Logon credentials required)
      https://www.webimmune.net/default.asp

   Avert Labs DAT Notification Service
      http://vil.nai.com/vil/signup_DAT_notification.aspx

DOWNLOAD SITE
   Homepage
      http://www.mcafee.com/us/downloads/

   - Product Upgrades (Valid grant number required)
   - Security Updates (DATs, engine)
   - HotFix and Patch Releases
      - For Security Vulnerabilities (Available to the public)
      - For Products (ServicePortal account and valid grant number required)
   - Product Evaluation
   - McAfee Beta Program

TECHNICAL SUPPORT
   Homepage
      http://www.mcafee.com/us/support

   KnowledgeBase Search
      http://knowledge.mcafee.com/

   McAfee Technical Support ServicePortal (Logon credentials required)
      https://mysupport.mcafee.com/eservice_enu/start.swe

CUSTOMER SERVICE
   Web:
      http://www.mcafee.com/us/support/index.html
      http://www.mcafee.com/us/about/contact/index.html

   Phone:
      +1-888-VIRUS NO or +1-888-847-8766
      Monday-Friday, 8 a.m.-8 p.m., Central Time
      US, Canada, and Latin America toll-free

PROFESSIONAL SERVICES
   - Enterprise:
      http://www.mcafee.com/us/enterprise/services/index.html
   - Small & Medium Business:
      http://www.mcafee.com/us/smb/services/index.html

_____________________________________________________
COPYRIGHT & TRADEMARK ATTRIBUTIONS

Copyright (C) 2006 McAfee, Inc. All Rights Reserved. No part of this publication may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language in any form or by any means without the written permission of McAfee, Inc., or its suppliers or affiliate companies.

TRADEMARKS

ACTIVE FIREWALL, ACTIVE SECURITY, ACTIVESECURITY (AND IN KATAKANA), ACTIVESHIELD, CLEAN-UP, DESIGN (STYLIZED E), DESIGN (STYLIZED N), ENTERCEPT, EPOLICY ORCHESTRATOR, FIRST AID, FOUNDSTONE, GROUPSHIELD, GROUPSHIELD (AND IN KATAKANA), INTRUSHIELD, INTRUSION PREVENTION THROUGH INNOVATION, MCAFEE, MCAFEE (AND IN KATAKANA), MCAFEE AND DESIGN, MCAFEE.COM, MCAFEE VIRUSSCAN, NET TOOLS, NET TOOLS (AND IN KATAKANA), NETSCAN, NETSHIELD, NUTS & BOLTS, OIL CHANGE, PRIMESUPPORT, SPAMKILLER, THREATSCAN, TOTAL VIRUS DEFENSE, VIREX, VIRUS FORUM, VIRUSCAN, VIRUSSCAN, VIRUSSCAN (AND IN KATAKANA), WEBSCAN, WEBSHIELD, WEBSHIELD (AND IN KATAKANA) are registered trademarks or trademarks of McAfee, Inc. and/or its affiliates in the US and/or other countries. The color red in connection with security is distinctive of McAfee brand products. All other registered and unregistered trademarks herein are the sole property of their respective owners.

_____________________________________________________
LICENSE & PATENT INFORMATION

LICENSE AGREEMENT

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE AVAILABLE ON THE WEBSITE FROM WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A FULL REFUND.

LICENSE ATTRIBUTIONS

This product includes or may include:

* Software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/).
* Cryptographic software written by Eric A. Young and software written by Tim J. Hudson.
* Some software programs that are licensed (or sublicensed) to the user under the GNU General Public License (GPL) or other similar Free Software licenses which, among other rights, permit the user to copy, modify and redistribute certain programs, or portions thereof, and have access to the source code. The GPL requires that for any software covered under the GPL, which is distributed to someone in an executable binary format, that the source code also be made available to those users. For any such software covered under the GPL, the source code is made available on this CD. If any Free Software licenses require that McAfee provide rights to use, copy or modify a software program that are broader than the rights granted in this agreement, then such rights shall take precedence over the rights and restrictions herein.
* Software originally written by Henry Spencer, Copyright 1992, 1993, 1994, 1997 Henry Spencer.
* Software originally written by Robert Nordier, Copyright (C) 1996-7 Robert Nordier.
* Software written by Douglas W. Sauder.
* Software developed by the Apache Software Foundation (http://www.apache.org/). A copy of the license agreement for this software can be found at www.apache.org/licenses/LICENSE-2.0.txt.
* International Components for Unicode ("ICU") Copyright (C) 1995-2002 International Business Machines Corporation and others.
* Software developed by CrystalClear Software, Inc., Copyright (C) 2000 CrystalClear Software, Inc.
* FEAD(R) Optimizer(R) technology, Copyright Netopsystems AG, Berlin, Germany.
* Outside In(R) Viewer Technology (C) 1992-2001 Stellent Chicago, Inc. and/or Outside In(R) HTML Export, (C) 2001 Stellent Chicago, Inc.
* Software copyrighted by Thai Open Source Software Center Ltd. and Clark Cooper, (C) 1998, 1999, 2000.
* Software copyrighted by Expat maintainers.
* Software copyrighted by The Regents of the University of California, (C) 1996, 1989, 1998-2000.
* Software copyrighted by Gunnar Ritter.
* Software copyrighted by Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, California 95054, U.S.A., (C) 2003.
* Software copyrighted by Gisle Aas. (C) 1995-2003.
* Software copyrighted by Michael A. Chase, (C) 1999-2000.
* Software copyrighted by Neil Winton, (C) 1995-1996.
* Software copyrighted by RSA Data Security, Inc., (C) 1990-1992.
* Software copyrighted by Sean M. Burke, (C) 1999, 2000.
* Software copyrighted by Martijn Koster, (C) 1995.
* Software copyrighted by Brad Appleton, (C) 1996-1999.
* Software copyrighted by Michael G. Schwern, (C) 2001.
* Software copyrighted by Graham Barr, (C) 1998.
* Software copyrighted by Larry Wall and Clark Cooper, (C) 1998-2000.
* Software copyrighted by Frodo Looijaard, (C) 1997.
* Software copyrighted by the Python Software Foundation, Copyright (C) 2001, 2002, 2003. A copy of the license agreement for this software can be found at www.python.org.
* Software copyrighted by Beman Dawes, (C) 1994-1999, 2002.
* Software written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G. Siek (C) 1997-2000 University of Notre Dame.
* Software copyrighted by Simone Bordet & Marco Cravero, (C) 2002.
* Software copyrighted by Stephen Purcell, (C) 2001.
* Software developed by the Indiana University Extreme! Lab (http://www.extreme.indiana.edu/).
* Software copyrighted by International Business Machines Corporation and others, (C) 1995-2003.
* Software developed by the University of California, Berkeley and its contributors.
* Software developed by Ralf S. Engelschall for use in the mod_ssl project (http://www.modssl.org/).
* Software copyrighted by Kevlin Henney, (C) 2000-2002.
* Software copyrighted by Peter Dimov and Multi Media Ltd. (C) 2001, 2002.
* Software copyrighted by David Abrahams, (C) 2001, 2002. See http://www.boost.org/libs/bind/bind.html for documentation.
* Software copyrighted by Steve Cleary, Beman Dawes, Howard Hinnant & John Maddock, (C) 2000.
* Software copyrighted by Boost.org, (C) 1999-2002.
* Software copyrighted by Nicolai M. Josuttis, (C) 1999.
* Software copyrighted by Jeremy Siek, (C) 1999-2001.
* Software copyrighted by Daryle Walker, (C) 2001.
* Software copyrighted by Chuck Allison and Jeremy Siek, (C) 2001, 2002.
* Software copyrighted by Samuel Krempp, (C) 2001. See http://www.boost.org for updates, documentation, and revision history.
* Software copyrighted by Doug Gregor (gregod@cs.rpi.edu), (C) 2001, 2002.
* Software copyrighted by Cadenza New Zealand Ltd., (C) 2000.
* Software copyrighted by Jens Maurer, (C) 2000, 2001.
* Software copyrighted by Jaakko Järvi (jaakko.jarvi@cs.utu.fi), (C) 1999, 2000.
* Software copyrighted by Ronald Garcia, (C) 2002.
* Software copyrighted by David Abrahams, Jeremy Siek, and Daryle Walker, (C) 1999-2001.
* Software copyrighted by Stephen Cleary (shammah@voyager.net), (C) 2000.
* Software copyrighted by Housemarque Oy, (C) 2001.
* Software copyrighted by Paul Moore, (C) 1999.
* Software copyrighted by Dr. John Maddock, (C) 1998-2002.
* Software copyrighted by Greg Colvin and Beman Dawes, (C) 1998, 1999.
* Software copyrighted by Peter Dimov, (C) 2001, 2002.
* Software copyrighted by Jeremy Siek and John R. Bandela, (C) 2001.
* Software copyrighted by Joerg Walter and Mathias Koch, (C) 2000-2002.
* Software copyrighted by Carnegie Mellon University (C) 1989, 1991, 1992.
* Software copyrighted by Cambridge Broadband Ltd., (C) 2001-2003.
* Software copyrighted by Sparta, Inc., (C) 2003-2004.
* Software copyrighted by Cisco, Inc and Information Network Center of Beijing University of Posts and Telecommunications, (C) 2004.
* Software copyrighted by Simon Josefsson, (C) 2003.
* Software copyrighted by Thomas Jacob, (C) 2003-2004.
* Software copyrighted by Advanced Software Engineering Limited, (C) 2004.
* Software copyrighted by Todd C. Miller, (C) 1998.
* Software copyrighted by The Regents of the University of California, (C) 1990, 1993, with code derived from software contributed to Berkeley by Chris Torek.

PATENTS

Protected by US Patents 6,470,384; 6,493,756; 6,496,875; 6,553,377; 6,553,378.

V3.1.4