Resolved issues

Release Notes
Revision A
McAfee Data Loss Prevention 9.3.3
Contents
About this release
Enhancements
Resolved issues
Installation instructions
Known issues
Find product documentation
About this release
Thank you for choosing McAfee® Data Loss Prevention (McAfee DLP). This document contains
important information about the current release. We strongly recommend that you read the entire
document.
McAfee DLP version 9.3.3 introduces feature enhancements and resolves issues present in the
previous release.
You must have version 9.2.0 or later installed on your target system before installing version 9.3.3.
Version 9.3.3 does not support coexistence with previous versions; therefore, in a managed
environment, all appliances must be upgraded to version 9.3.3 at the same time.
For virtual appliance installation instructions, see the McAfee Data Loss Prevention Virtual Appliance
Installation Guide.
Supported McAfee DLP products
This release supports these McAfee DLP product versions:
•
McAfee DLP Manager 9.3.3
•
McAfee DLP Monitor 9.3.3
•
McAfee DLP Discover 9.3.3
1
•
McAfee DLP Prevent 9.3.3
•
McAfee DLP Endpoint Agent 9.3.300.31
These host extensions are supported:
•
9.3.1.4 — For use with a unified McAfee DLP policy
•
9.3.300.16 — For use only with incident management in McAfee® ePolicy Orchestrator®
Supported systems
The following platform versions and operating systems are supported:
•
McAfee DLP 4400/5500 appliances — McAfee Linux Operating System 1.1.5
(McafeeNDLPmlos-1.1.5-1.x86_64.rpm)
•
McAfee DLP 1650/3650 appliances — Fedora-3 Linux Operating System
•
Virtual appliances — VMware vSphere ESX 4.x, ESXi 5.x
®
Compatible McAfee products
The following McAfee product versions were tested for compatibility with McAfee DLP 9.3.3 software:
•
ePolicy Orchestrator 4.6, 5.0, 5.1.0, 5.1.1
•
McAfee Web Gateway 6.x, 7.x
•
McAfee Email Gateway 7.x
•
McAfee® Logon Collector 2.0, 2.1, 2.2
®
®
Supported repositories
McAfee DLP Discover supports the following.
Database repositories
File systems and servers
• DB2 — 5x iSeries, 6.1 iSeries,
7.x–9.x
• EMC Celerra 5.6
• Microsoft SQL Server 2000,
2005, 2008, 7.0, MSDE 2000,
2012
• EMC Documentum 5.3, 6.0, 6.5
• Microsoft SharePoint 2007, 2010, 2013
• FTP
• MySQL (Enterprise) 5.0.x, 5.1
• HTTP/HTTPS
• Oracle 8i, 9i, 10g, 11g
• NFS (Network File System)
• CIFS (Common Internet File System)
• Microsoft Windows Server 2003, 2008, 2008 R2 cluster
• Microsoft Windows XP Professional SP3 or later (32-bit)
• Microsoft Windows Vista SP1 or later Enterprise and Business
editions (32-bit)
• Microsoft Windows 7 SP1 or later (32- and 64-bit)
• NetApp 7.2, 7.3
Supported browsers
McAfee DLP supports the following third-party browsers. These versions were tested for compatibility
with the software:
2
•
Microsoft Internet Explorer 7, 8, 9, 10
•
Mozilla Firefox 17, 33
Supported languages
In scanned content, McAfee DLP supports the following languages:
•
English
•
Italian
•
Chinese (Traditional)
•
Japanese
•
Chinese (Simplified)
•
Korean
•
Hebrew
•
Russian
•
Arabic
•
Dutch
•
French
•
Greek
•
German
•
Hungarian
•
Spanish
•
Czech
•
Portuguese
•
Turkish
Enhancements
This release includes these enhancements.
Concepts — Updates these concepts:
•
CREDIT-CARD-NUMBER
•
CREDIT-CARD-NUMBER-GENERAL
•
CREDIT-CARD-NUMBER-THRESHOLD
Content types — Adds content type MSOfficeEncryptedDoc for Microsoft Office 2007 encrypted
documents
Resolved issues
These issues are resolved in this release of the product. For a list of issues fixed in earlier releases,
see the release notes for the specific release.
Backup and restore
•
Resolves an issue where a backup could not be configured if the selected share contained an accent
mark in the folder name, such as "é" (965736)
•
Resolves an issue where a scan task timeout error resulted in a failed backup (977682)
3
Concepts
•
Resolves an issue where an algorithm in a custom concept might not function correctly if any
concept was deleted and re-added (961985)
•
Resolves an issue where validating a test string containing a space would result in no match, even
if the string matched the concept (972158)
•
Resolves an issue where concepts using hexadecimal strings did not correctly match scanned
content after upgrading to version 9.3.2 (1006106)
Incidents and cases
•
Adds a Publish Configuration link to the device System Utilities page to resolve an issue where incident
attachments could not be opened due to an "unknown task" error (938146)
•
Resolves an issue where filtering incidents using "UserID = domain\username" did not display the
correct results (962362)
•
Resolves an issue where Korean characters in a file name were not correctly displayed in the
incident (966184)
•
Resolves an issue where McAfee DLP reported the wrong sender address when SMTP traffic
contained an anti-spam X-Header (984653)
•
Resolves an issue where selecting filters on multiple rules did not display any Data in Use incidents
(1016624)
McAfee DLP Discover
•
Resolves a memory leak when scanning a CIFS share of 1 terabyte or larger (953870)
•
Resolves an issue where a scheduled scan ran several hours beyond the scheduled end time
(955410)
•
Resolves an issue where scanning an Oracle Database with Oracle Advanced Security enabled
would fail (963020)
Scanned content
•
Resolves an issue where encrypted Microsoft Word and Excel files were incorrectly classified as
PowerPoint files (956585)
•
Resolves a system process failure when scanning corrupt XLSX files (958264, 960930, 986055)
Searches
4
•
Resolves an issue where a search limited to specified devices displayed results from all managed
devices (984036, 992754)
•
Resolves an issue where search results were not processed when selecting all appliance types
(1007804)
Vulnerabilities — Common Vulnerabilities and Exposures (CVE)
•
Addresses these OpenSSH vunerabilities (961926):
•
Resolves an issue with forwarded X connections (CVE-2008-1483)
•
Resolves an issue with using a block cipher algorithm in Cipher Block Chaining mode
(CVE-2008-5161)
•
Removes the fixed time limit between establishing a TCP connection and completing a logon
(CVE-2010-5107)
•
Resolves an issue where sendmail did not correctly handle a '\0' character in the Common Name
field of an X.509 certificate (963587, CVE-2009-4565)
•
Resolves an issue where OpenSSL did not properly restrict ChangeCipherSpec message processing
(976967, CVE-2014-0224)
•
Addresses the Shellshock vulnerability (1010538, CVE-2014-6271, CVE-2014-7169,
CVE-2014-7186, CVE-2014-7187)
•
Addresses the POODLE vulnerability (1015169, CVE-2014-3566)
Other
•
Resolves a system process failure due to a memory leak, causing the appliance to core dump
(940644, 942204)
•
Resolves an issue where setting the syslog server entry to localhost by removing the existing entry
would fail (982324)
•
Resolves a sendmail TLS issue after installing hotfix 976967_47171 (1019496)
Installation instructions
For installation and upgrade instructions, see the McAfee Data Loss Prevention Product Guide, version
9.3.2.
The installation procedure for version 9.3.3 is the same as version 9.3.2.
If your product is at version 9.2.0 or later, you can upgrade directly to 9.3.3.
Known issues
For known issues in this product release, refer to KnowledgeBase article KB82368.
5
Find product documentation
After a product is released, information about the product is entered into the McAfee online Knowledge
Center.
Task
1
Go to the Knowledge Center tab of the McAfee ServicePortal at http://support.mcafee.com.
2
In the Knowledge Base pane, click a content source:
•
Product Documentation to find user documentation
•
Technical Articles to find KnowledgeBase articles
3
Select Do not clear my filters.
4
Enter a product, select a version, then click Search to display a list of documents.
Copyright © 2015 McAfee, Inc. www.intelsecurity.com
Intel and the Intel logo are trademarks/registered trademarks of Intel Corporation. McAfee and the McAfee logo are trademarks/
registered trademarks of McAfee, Inc. Other names and brands may be claimed as the property of others.
A00