McAfee Host Intrusion Prevention Version 7.0.0 Patch 3 Released
Download
McAfee KB
New Resolved Issues
Host IPS 7.0 Patch 3 resolves a number of stability issues seen on high availability servers, domain controllers, and backup servers. In addition, the following customer issues were also resolved:
Issue: Tivoli does not function when using Check Point VPN-1 Client when Connection Aware Group firewall rules are applied. (Reference: 425392)
Resolution: Connection Aware Group matching failed with inbound traffic with some IPSec VPNs. The Connection Aware Group matching logic was extended to handle IPSec VPN re-routing of inbound traffic to the physical adapter’s NDIS miniport instance.
Issue: Unable to connect to HTTPS server when a client is connected with T3G wireless network connection. (Reference: 414155)
Resolution: Unsolicited inbound traffic was not being matched by the Connection Aware Group. The Host IPS Firewall will now use the IP address, instead of the MAC address, when matching traffic for Connection Aware Groups.
Issue: The Host IPS client does not block all SQL injections on a single IIS 6 server hosting multiple sites. (Reference: 419431)
Resolution: The ISAPI filter stub tracked the engine status using a single value even when multiple instances of the stub were loaded. Each ISAPI filter stub instance now tracks its respective engine status.
Issue: System stops responding or ‘hangs’ at shutdown because of incompatibility with NetMotion VPN. (Reference: 426645)
Resolution: In certain circumstances, a specific Windows API used during shutdown caused the system to stop responding. This API is no longer used during shutdown.
Issue: TCP traffic is blocked when firewall rules use short path names. (Reference: 414249)
Resolution: The firewall drivers, which failed to convert a short path name to a long form, now obtain a long form of a short path name before matching the rules.