Release Notes for:
McAfee(R) Desktop Firewall Version 8.5 Patch 4Copyright (C) 2006 McAfee, Inc.
All Rights Reserved
================================================== ========
This release was developed and tested with:
ePolicy Orchestrator: 3.5
ePolicy Orchestrator: 3.6
Make sure you have installed one of these versions
before using this release.
================================================== ========
Thank you for using Desktop Firewall version 8.5.
This file contains important information regarding
this release. We strongly recommend that you read
the entire document.
The attached files are provided as is, and with no
warranty either expressed or implied as to their
suitability for any particular use or purpose.
McAfee, Inc. assumes no liability for damages
incurred either directly or indirectly as a result
of the use of these files, including but not limited
to the loss or damage of data or systems, loss of
business or revenue, or incidental damages arising
from their use. Patch files should be applied only
on the advice of McAfee Technical Support, and only
when you are actually experiencing the issue being
addressed by the Patch. Patch files should not be
proactively applied in order to prevent potential
product issues. You are responsible for reading and
following all instructions for preparation,
configuration, and installation of Patch files.
Patch files are not a substitute or replacement for
product Service Packs which may be released by
McAfee, Inc. It is a violation of your software
license agreement to distribute or share these files
with any other person or entity without written
permission from McAfee, Inc. Further, posting of
McAfee Patch files to publicly available Internet
sites is prohibited. McAfee, Inc. reserves the right
to refuse distribution of Patch files to any company
or person guilty of unlawful distribution of McAfee
software products. Questions or issues with McAfee
Patch files should be directed to McAfee Technical
Support.
__________________________________________________ ________
WHAT'S IN THIS FILE
- About This Release
- Purpose
- Resolved Issues
- Files Included with This Release
- Installation
- Installation Requirements
- Installation Steps
- Participating in the McAfee Beta Program
- Contact Information
- Copyright & Trademark Attributions
IMPORTANT NOTE
We strongly recommend that you test with the
stand-alone version before checking in the Package
file for this Patch.
__________________________________________________ ________
ABOUT THIS RELEASE
PURPOSE
The purpose of this Patch is to resolve issues
found since the product was released.
RESOLVED ISSUES
1. ISSUE:
Patches would fail to install if Desktop
Firewall was customized with McAfee Installation
Designer (MID).
RESOLUTION:
The patch installer scripts have been modified
to correctly identify a MID installation and
successfully install the Patch.
2. ISSUE:
Client interface passwords were being stored in
clear text.
RESOLUTION:
The code was changed so that ePolicy
Orchestrator encodes the password when it is
stored for use by Desktop Firewall.
NOTES:
Immediately after performing an upgrade, the end
user will be unable to unlock the interface
until after the first policy enforcement takes
place.
For ePolicy Orchestrator 3.6: After performing
an upgrade, the user must create a new password.
The password can be changed back to its previous
version, if desired.
3. ISSUE:
Certain applications were not correctly
identified and rule processing in application
hooking mode was not working correctly.
RESOLUITION:
Desktop Firewall now handles file names
properly.
4. ISSUE:
In certain cases, incoming connections to server
applications were being blocked by Desktop
Firewall.
RESOLUTION:
Desktop Firewall drivers were changed to
properly handle incoming traffic and pass it to
open ports.
ADDITIONAL FEATURES
- Cisco VPN support.
Desktop Firewall 8.5 Patch 4 has been tested on
Cisco VPN, which is now fully supported.
- This Patch is a rollup that includes all
previous Patches and HotFixes released since the
original product release of version 8.5. Patch 4
upgrades all previous installations and patch
levels.
PREVIOUSLY FIXED ISSUES
1. ISSUE:
Ptdebug.txt file grows to fill partition.
RESOLUTION:
Desktop Firewall uses this file for debugging.
In some situations, the file could grow to fill
the installed drive partition. Now, the file
growth has been set to a maximum limit and the
file location moved to the installation path
directory of Desktop Firewall. An associated
file, epodbg.txt, now has reduced logging.
2. ISSUE:
Logon failure using Novell WinLogon before
Windows login.
RESOLUTION:
In some cases, logging into a Novell account
before completing Windows authentication may
fail. This issue has been resolved.
3. ISSUE:
Password prompting when no password is set.
RESOLUTION:
If you set a password to unlock the user
interface then later remove the password, you
are still prompted for a password, even though
no password is assigned. This has been fixed.
4. ISSUE:
The server hangs due to a signature defect.
RESOLUTION:
A defect in a Network Intrusion Prevention
System (NIPS) signature that addresses an
MDF_RpcDcom exploit caused the problem. This
signature has been updated to fix the issue
where a certain type of packet being received
could cause an infinite loop. The affected
computer would hang, and the only way to recover
was a hard reset.
5. ISSUE:
Importing a ruleset into Firewall causes the
client to continiously try to get an update from
the ePO server.
RESOLUTION:
The Firewall service was changed to correctly
import rulesets.
PREVIOUS ADDITIONAL FEATURES
- Windows 2003 Service Pack 1 Support.
Prior to this Patch release, only Windows 2003
was officially supported.
- ePolicy Orchestrator 3.6 Support.
This Patch provides compatibility for managing
Desktop Firewall through ePolicy Orchestrator
3.6, and is backward compatibile with older
versions of ePolicy Orchestrator.
FILES INCLUDED WITH THIS RELEASE
This release consists of a package called
MDF850_HOTFIX4_LEN.ZIP, which contains the
following
folders:
- Desktop Firewall:
This is the stand-alone version of the product.
This folder contains one file - Setup.exe.
- Desktop Firewall for ePolicy Orchestrator:
This is the ePolicy Orchestrator version of the
product, which contains these files –
FirewallDet.McS, McAfeeFireHF4_EN.exe, and
PkgCatalog.z.
- ePolicy Orchestrator Update for Firewall:
This is required for your ePolicy Orchestrator
console installation. This folder contains one
file – McAfeeFireEPOUpdate85.exe.
__________________________________________________ ________
INSTALLATION
BEFORE YOU BEGIN
1. Create a temporary folder on the hard drive of
the computer where you want to install this
Patch release.
2. Extract the MDF850_HOTFIX4_LEN.ZIP file to the
temporary folder that you created in Step 1.
INSTALLATION REQUIREMENTS
Please see product documentation for complete
information regarding installation and system
requirements.
INSTALLATION STEPS
Installing The Stand-alone Version
To install this Patch release:
1. From the temporary folder you created,
double-click the Setup.exe file.
2. Follow the prompts to complete the
installation.
3. Restart your computer.
Installing the ePolicy Orchestrator Version
IMPORTANT:
Installing this Patch on your ePolicy
Orchestrator server may deploy this version to
all clients. McAfee strongly recommends that
before installing this Patch on your ePolicy
Orchestrator server, you first install the
stand-alone version on a test computer. Follow
the steps in "Installing the Stand-alone
Version."
When you’ve verified the fixes and your testing
is complete, remove the stand-alone version from
the test computer and follow the steps in the
ePolicy Orchestrator procedures.
Installing the ePolicy Orchestrator Update for
Desktop Firewall
4. Remove the prior version of McAfee Desktop
Firewall ePO Update:
a. Open "Add/Remove Programs" in the Control
Panel.
b. In the list, select "McAfee Desktop Firewall
ePO Update" and click "Change/Remove."
5. Confirm the uninstall by clicking "OK."
6. Click "Finish" to restart the computer.
WARNING:
Clicking "Finish" will restart your computer!
7. After rebooting, double-click the new "McAfee
Desktop Firewall ePO Update for Firewall" and
proceed through the installation wizard.
Updating the ePolicy Orchestrator Package
To install this Patch release on the ePolicy
Orchestrator server:
1. Check in the new PkgCatalog.z file. For
instructions, refer to the procedures in the
Desktop Firewall Installation Guide.
2. Create a new Update task to deploy the updated
software to your remote Desktop Firewall
clients.
NOTE:
If you do not have ePolicy Orchestrator 3.5
Patch 3 or later, you will not see Desktop
Firewall in the list of deployable Patches. You
can use the option "This task updates all
components" if you are using an older version of
ePolicy Orchestrator. If you already have a
Global Update task enabled, or a DAT update
task, the new Patch will be deployed with the
next agent-server communication or agent wakeup
call.
POST-INSTALLATION NOTES:
You can identify who has received the Patch by
going to the following location in your ePolicy
Orchestrator Server:
Reporting | ePO Databases | ePO_<Servername> | Queries | Installations | All
Installations
Look in Column 1 for "Firewall8500." Then, in
Column 5, the computers that have reported back
as having received the Patch are indicated by a
"4." A blank entry indicates that the Patch has
not been received or, if received, is not able
to report back. If that client never reports
back as having received the Patch, this could be
an indication of another problem.
For Download Link (no pass. required) please post your request in to reply to this thread.
Notice: The build number in the about box never changes.