McAfee has identified a compatibility issue in the VirusScan driver code of several McAfee products when interacting with McAfee Host DLP 9.1+.
This issue is critical, but the risk of encounter is low.
Specifically, when any of these products — VirusScan Enterprise (VSE) 8.8 Patch 1, VSE 8.7 Patch 5, *OR* Host Intrusion Protection (HIPs) 8.0 Patch 1 — are operating on the same system as Host Data Loss Prevention (HDLP) 9.1+, random BSODs (Blue Screens of Death) may occur. PLEASE NOTE that HDLP does not need to be configured, only active on endpoints for this random issue to occur.
VSE 8.8 Patch 1 is functional and operational, and resolves numerous VSE issues. McAfee will resolve the incompatibility with a VSE and/or HIPS patch.
RECOMMENDATIONS
1. If you DO have HDLP 9.1+ installed on a system running VSE and HIPS, do NOT upgrade to any of the following versions:
– VSE 8.7 Patch 5
– VSE 8.8 Patch 1
– Host IPS 8.0 Patch 1
Wait to install VSE 8.8 or HIPS 8.0 with the hot fixes as soon as they are available.
2. If you DO have HDLP 9.1+ *AND* the affected VSE/HIPS versions installed on the same system, de-install HDLP. This can be accomplished via ePO. Wait to install VSE 8.8 or HIPS 8.0 with the hot fixes as soon as they are available.
3. If you do NOT have HDLP 9.x installed on any system in your production environment, proceed with the VSE 8.8 Patch 1, 8.7 Patch 5, or HIPS 8.0 Patch 1 installations. Again, VSE 8.8 Patch 1 is functional and operational, and resolves numerous VSE issues.
For further information, please reference the McAfee KnowledgeBase. Log in to mysupport.mcafee.com and search for KB73722.