A glitched update released yesterday triggered McAfee security products to crash affecting email systems.
The affected update (DAT 66822) was pushed out to corporate customers and affected six McAfee products including email and web security, email gateway, and GroupShield.
McAfee said users should not upgrade to the affected DAT file and instead apply the subsequent fixed update (DAT 66823).
Sydney IT administrator Jackie Chen said the error caused his large organisation’s Exchange server to crash.
“The bloody McAfee [sic] caused another trouble yesterday by re-releasing the new DAT 6682,” he said. “The only thing you can do is to revert the DAT back to 6681 in both ePO master repository and the mail server.”
Another commentator on the SANS Internet Storms Centre said the glitch caused email at US IT services company Axway to jam up.
“Axway spammed me all day because of this. It's causing their email security products to fail and queue email,” they said.
Users would need to manually remove large dump files produced when McAfee products including GroupShield and Security for Exchange/Domino and VirusScan crashed.
The glitched update would be resolved in most products by applying automatic updates, however users of McAfee’s ePolicy Orchestrator would need to follow manual remediation steps.
Copyright © SC Magazine, Australia
Issue: 340 | July 2015