Hotfix 973112
Resolved issues
Installation instructions
Additional information
Rating
Mandatory: McAfee requires this release for all environments. This update must be applied
immediately to avoid a potential security breach, and to maintain a viable and supported product.
For more information about patch ratings, see McAfee KnowledgeBase article KB51560.
Resolved issues
This hotfix resolves the following issues. For a list of issues fixed in earlier releases, see the Release
Notes for the specific release.
Issue
An attacker using a carefully crafted handshake can force the use of weak keying material in
OpenSSL SSL/TLS clients and servers. This can be exploited by a man-in-the-middle (MITM) attack
where the attacker can decrypt and modify traffic from the attacked client and server.
CVE-2014-0224
OpenSSL 0.9.8a-y
OpenSSL 1.0.0a-l
OpenSSL 1.0.1a-g
OpenSSL 0.9.8za
OpenSSL 1.0.0m
1.0.1e-13 (MLOS2)
OpenSSL 1.0.1h
Resolution
This hotfix replaces all OpenSSL and Apache files used by McAfee ePO that are affected by this
vulnerability.
Installation instructions
For information about installing or upgrading ePolicy Orchestrator, see the McAfee ePolicy Orchestrator
Installation Guide.
Before proceeding with the upgrade process, see McAfee KnowledgeBase article KB71825 for important
steps to take before upgrading (KB76739 for McAfee ePO 5.0.0 and later).
NOTE:
There are now separate installers for McAfee ePO 4.6.x (ePOHF973112_4x.exe) and McAfee ePO 5.x
(ePOHF973112_5x.exe). Use the appropriate installer for your McAfee ePO server and remote Agent
Handlers, if any.
If you install the hotfix, then upgrade to another affected version of McAfee ePO, you must reapply
the hotfix.
Requirements
Make sure that your system meets these requirements before installing the software.
NOTE:
This hotfix updates all McAfee ePO versions previously listed.
This hotfix must be installed on the McAfee ePO server, and any remote Agent Handlers where
the ssleay32.dll file version is not 1.0.1.8 or later. See below for more information.
FIPS 140-2 installations of McAfee ePO are NOT vulnerable. These updates will not install in FIPS
mode.
Run the appropriate (4.x or 5.x) ePOHF973112_*x.exe and follow the on-screen instructions.
Close all connections (open consoles, either remote or local) to the McAfee ePO server.
b. The hotfix must be installed on the node where the first installation of McAfee ePO was
performed, and that node must be the Active node.
i. Shut down all passive nodes. Although this is optional, we highly recommend this
step to ensure that the installation is isolated to the active node.
ii. Use the Failover Cluster Manager to take the following McAfee ePO services offline:
1. Apache
2. Event Parser
3. Tomcat
Copy the ePOHF973112.zip file to a temporary folder on the node where the first installation of
McAfee ePO was performed.
Locate the appropriate ePOHF973112_*x.exe file for your version of McAfee ePO.
Run the appropriate ePOHF973112_*x.exe and follow the instructions in the InstallShield
wizard.
i. When the installation is finished, use the Failover Cluster Manager to bring these
McAfee ePO services online:
1. Apache
2. Event Parser
3. Tomcat
b. Select the Details tab, and make sure the file version is 1.0.1.8 and the product version is
1.0.1h.
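The version check from the requirements note and the final verification step can be scripted for the McAfee ePO server and each remote Agent Handler. The following is an added PowerShell example, not part of McAfee's release notes. The folder to search is supplied by the operator because this document does not state the install path; the parameter name InstallRoot and the function name Test-SslLibrary are chosen for this example, and PowerShell 3.0 or later is assumed.

```powershell
# Added example: report whether each ssleay32.dll under a folder meets the
# versions named in this document (file version 1.0.1.8, product version 1.0.1h).
param(
    # Assumption: folder to search, supplied by the operator
    # (the release notes do not give the install path).
    [Parameter(Mandatory = $true)]
    [string]$InstallRoot
)

$minFileVersion  = [version]'1.0.1.8'   # value from the release notes
$expectedProduct = '1.0.1h'             # value from the release notes

function Test-SslLibrary {
    param([System.IO.FileInfo]$File)

    $info = $File.VersionInfo
    # Use the numeric resource fields: the FileVersion string may contain
    # commas or spaces and does not always parse as a version.
    # A file with no version resource yields 0.0.0.0 and fails the check.
    $fileVersion = New-Object System.Version -ArgumentList `
        $info.FileMajorPart, $info.FileMinorPart,
        $info.FileBuildPart, $info.FilePrivatePart
    $product = "$($info.ProductVersion)".Trim()

    [pscustomobject]@{
        Path           = $File.FullName
        FileVersion    = $fileVersion
        ProductVersion = $product
        MeetsFileVer   = ($fileVersion -ge $minFileVersion)
        ProductMatches = ($product -eq $expectedProduct)
    }
}

$dlls = Get-ChildItem -Path $InstallRoot -Filter 'ssleay32.dll' -Recurse -File `
    -ErrorAction SilentlyContinue
if (-not $dlls) {
    Write-Warning "No ssleay32.dll found under $InstallRoot"
    exit 2
}

$results = $dlls | ForEach-Object { Test-SslLibrary -File $_ }
$results | Format-Table -AutoSize -Wrap

# Exit 1 if any copy is below the required file version, so the script
# can gate a deployment or compliance job; exit 0 otherwise.
if ($results | Where-Object { -not $_.MeetsFileVer }) { exit 1 }
exit 0
```

The exit code follows the "1.0.1.8 or later" requirement; the ProductMatches column is informational and flags any copy whose product version is not exactly 1.0.1h.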
Additional information
Important
The attached files are provided as is, and with no warranty either expressed or implied as to their
suitability for any particular use or purpose. McAfee, Inc. assumes no liability for damages incurred
either directly or indirectly as a result of the use of these files, including but not limited to the loss
or damage of data or systems, loss of business or revenue, or incidental damages arising from
their use. Hotfix files should be applied only on the advice of McAfee Technical Support, and only
when you are actually experiencing the issue being addressed by the hotfix. Hotfix files should not
be proactively applied in order to prevent potential product issues. You are responsible for reading
and following all instructions for preparation, configuration, and installation of hotfix files. Hotfix
files are not a substitute or replacement for product Service Packs which may be released by
McAfee, Inc. It is a violation of your software license agreement to distribute or share these files
with any other person or entity without written permission from McAfee, Inc. Further, posting of
McAfee hotfix files to publicly available Internet sites is prohibited. McAfee, Inc. reserves the right
to refuse distribution of hotfix files to any company or person guilty of unlawful distribution of
McAfee software products. Questions or issues with McAfee hotfix files should be directed to McAfee
Technical Support.
Enter a product name, select a version, then click Search to display a list of documents.