ePO 3.0.1 Patch #3 - Agent v 3.1.1.192

[cottonpants]

Just noticed this one - brief description:

"This release addresses the McAfee ePolicy Orchestrator Agent HTTP POST Buffer Mismanagement Vulnerability; vulnerability identifier: CVE-2004-0095."

Looks like a package you need to check-in, and then in typical mcafee patching style you need to stop services, manually delete files blah blah blah...

Here's the link I have for the download (the readme is actually called patch3.txt)

http://download.nai.com/products/patches/ePO/v3.1.0/EPO3013.zip

 

[addus5]

Has anyone done this yet? Why do you have to manually delete the files?

 

[P3dr0]

I think you dont need to install this patch because it will include in ePo Orchestrator service pack 2. (except of course if you think you will be hacked soon)
I read on NAI website that it will relaese soon (in the month i think).

 

[mattmsudawg]

You do need this because it updates the agents not the server. And to answer your question addus5, once you stop the services, delete the files and start the services those two files recreate themselves.

 

[mattmsudawg]

Response to your question from a NAI Tier 3 technician: The reason you delete these 2 files is so that when you stop and restart the ePO server service it forces a new package to be built with the new binaries. Yes it is necessary.

 

[addus5]

I imported the new package and deleted the files and then restarted the service. When I use the EPO agent update task, it appears to run on the machines but the agent versions stay at 3.1.0.221 not the new 3.1.1.192. Any ideas?

Addus

 

[addus5]

Deersh. Disregard my last post. You have to deploy the new agent through a deployment task not an agent update task.

Addus