DON`T Install Patch 11 on ad windows 2003 AD

[Lotushader]

I have just rolled out patch 11 on our AD domain controllers, this was a bad thing, mcafee has just sent information : Halt installation of patch 11. - dont do it. This morning we had 3 DC there was totally busted because of patch 11. so dont install patch 11.

 

[kamiquasi]

can you provide more information (or point me to where i can find more) about this? does it have to do with the fact that installing the patch reverts all settings back to the defaults? (see NAI kb43305)

 

[Lotushader]

The following services is demanding all the power on the DC lsass.exe and dfssvc.exe, we are running a Citrix enviroment with thin clients. That means that one user can be validatet alot of times. Mcafee know the problem but have no solution.

 

[gsavy]

you wrote

mcafee has just sent information : Halt installation of patch 11.

Could you please give us the link, thanks

 

[Lotushader]

here is the link:

http://www.mcafee.dk/

 

[gsavy]

ok many thanks,

there is nothing on Nai web site

https://mysupport.nai.com/

even on hot topics !

they are very bad for communication

 

[Lotushader]

Mcafee have a solution ready .... reinstall patch 10 or you can wait until Mcafee will release a superdat file to downgrade the VSE8.0i it is the naiavf5x.sys file there have a bug. tjek the

http://www.mcafee.dk

for updates I`ll tell when the superdat file it released... i hope it will beready around 18:00 date 4-10-2005

 

[Lotushader]

your problems has been solved, Mcafee has provided us with a patch to rollback to patch 10, it is a bug in citrix print patch from mcafee, you will only see the problems if you are running citrix in a large scale. Contact your mcafee supporter to get the fix.

 

[DaNetPro]

This is all garbage.
1st off the problem has nothing to do with any citrix print patch .which patch was this??
2nd it has nothing to do with patch11 on the dc. its the workstations that cause a problem
if you run a dfs share then all that happens is the workstations poll the servers more than usual causing them to slowdown
3rd i was told the is an update you can run on epolicy server that fixes the problem all you have to do is ask a teccy at mcafee/ the fix just changes 1 file not rollback to patch 10!
i cant read the post on mcafee.dk i only speak american! how about you tell us?

 

[TPNDK]

Answee To DaNetPro

1st off the problem has nothing to do with any citrix print patch .which patch was this??

That is not correct, it is the citrix hotfix for virusscan 8.0i that cause this error the patch is called HF220262 912, the error is the Avfilter driver. Mcafee have made a superdat that fix this problem so that patch11 use a avdriver from patch10.


2nd it has nothing to do with patch11 on the dc. its the workstations that cause a problem
if you run a dfs share then all that happens is the workstations poll the servers more than usual causing them to slowdown

That is correct the error is on the workstations, we have the issue on 2300computers across 20dc's.

3rd i was told the is an update you can run on epolicy server that fixes the problem all you have to do is ask a teccy at mcafee/ the fix just changes 1 file not rollback to patch 10!

Do you know what the update is called? Because i only know there is a superdat made that fix this currently.

The only problem with the superdat is that it requires and reboot.

I dont understand why mcafee dosent inform all their clients about this MAJOR issue.

 

[JimmyZ1]

I'm not installing anything until patch 12 comes out

 

[Lotushader]

yes, your all right when i made the first notise on this forum, mcafee did not know what to do and what was wrong.
Mcafee have seen this problem in 8 installations worls wide. 3 i in denmark and 1 austria and the last ... ?
We have at consultan from mcafee for 36 hours to fix the problem... after installing the superdat and restartet the hosts problem solved. we will have a Technical explanations from mcafee within 2 weeks, i`ll post it.

 

[FengTeo]

I'm with Xavier2 on this one.

I haven't rolled patch 11 to anywhere except our test environment, but get all sorts of network issues (on the client side) when I install AutoCAD LT2004.

I get stalled network app installs which continue after disabling the VSE8 realtime scanner.

I've lodged a call with Prime Support, but they have been no help thus far.

Their latest suggestion (which I am yet to try) is as follows:

<b>Can we try the following.

1) Disable Buffer overflow- do this in the VSE console.
(Should not require a reboot)

2) Replace the NaiAvf5x.sys(depends on the OS) with Vse 8.0i patch 10's filter driver version. You can locate this file in the system32\drivers folder. Copy one from the patch 10 machine and place it on the patch 11 machine.</b>

Sounds very similar to the problems with AD DCs :|

This is an interesting issue though. Does anyone have an english translation of the website.

 

[FengTeo]

Just a followup on what I noted before (i.e. what NAI support told me to try):

Can we try the following.

1) Disable Buffer overflow- do this in the VSE console.
(Should not require a reboot)

2) Replace the NaiAvf5x.sys(depends on the OS) with Vse 8.0i patch 10's filter driver version. You can locate this file in the system32\drivers folder. Copy one from the patch 10 machine and place it on the patch 11 machine.

Worked a treat on our XP boxes which had this network delay latency issue. Installed v11, extracted the file, upgraded to p11 and copied over the NaiAvf5x.sys file over an restarted.

The logon script now processes fine, and all network traffic and network based applications respond normally.

Hopefully they resolve this in p12.

*sigh*.

As a wise man said to me today... The merry go round continues....!!

I say blow the silly merry go round up!!!!