Megjelent a McAfee Data Loss Prevention (DLP) 11.3

Típus: Hírek
Publikálva: 25/07/2019
Az újdonságok listája:
- McAfee Data Loss Prevention Endpoint for Windows 11.3.x
     - File upload blocking in Chrome browser
     - Enhanced McAfee MVISION Cloud support
     - New OSs support (Microsoft Windows 10 May 2019 Update Version 1903, 32-bit and 64-bit, Microsoft Server 2019 Version 1903)
- McAfee Data Loss Prevention Prevent 11.3.x
     - Additional ICAP header

A hibajavítások listája:
- McAfee Data Loss Prevention Endpoint for Windows 11.3.x
     - CVE-2019-3621 - SB10290  - The security vulnerability in McAfee Agent that allows an attacker to bypass the Windows lock screen with certain McAfee DLP Endpoint for Windows configurations has been resolved. See SB10290 for information about the vulnerability and remediation.
     - CVE-2019-3622  - SB10290  - The security vulnerability in McAfee DLP Endpoint for Windows where permissions on the log directory were incorrectly set allowing privileged users to redirect the log files to arbitrary locations has been resolved. See SB10290 for information about the vulnerability and remediation.
     - CVE-2019-3591  - SB10289  - The security vulnerability in McAfee DLP extension that allows a malicious user to trigger a cross-site scripting vulnerability has been resolved. See SB10289 for information about the vulnerability and remediation.
     - CVE-2019-3593  - SB10289  - The security vulnerability in McAfee DLP extension where the extension was not correctly sanitizing CSV exports has been resolved. See SB10289 for information about the vulnerability and remediation.
- McAfee Data Loss Prevention Monitor 11.3.x
     - 1270287  - CVE-2018-6703  - SB10258  - This release updates the built-in McAfee Agent package on the appliance to version 5.5.1-462 to address the Use After Free vulnerability in the McAfee Agent remote logging feature. See SB10258 for information about the vulnerability and remediation.
     - 1270287  - CVE-2019-3598  - SB10272  - This release updates the built-in McAfee Agent package on the appliance to version 5.5.1-462 to address the vulnerability in handling UDP requests. See SB10272 for information about the vulnerability and remediation. 
     - CVE-2019-3591  - SB10289  - The security vulnerability in McAfee DLP extension that allows a malicious user to trigger a cross-site scripting vulnerability has been resolved. See SB10289 for information about the vulnerability and remediation.
     - CVE-2019-3593  - SB10289  - The security vulnerability in McAfee DLP extension where the extension was not correctly sanitizing CSV exports has been resolved. See SB10289 for information about the vulnerability and remediation.
     - 1262088  - This release changes how the classifications and short match strings in an incident are reported in DLP Incident Manager in McAfee ePO. The incidents now report only the classifications and short match strings that are part of the matching rule rather than all classifications and short match strings that matched.
     - 1263307  - Session directories are now cleared when a policy enforcement fails.
     - 1263429  - The maximum file size configuration for Analysis Settings is now considered.
     - 1265844  - McAfee DLP syslog information now contains information about a classification that triggered the incident.
     - 1270446  - This release fixes an issue where classifications created using the Bulgarian EGN validator were incorrectly handled. McAfee DLP appliances now accept policies with Bulgarian EGN.
     - 1271982  - This release fixes an issue where end-user policies based on organizational unit (OU) didn't work correctly when the distinguished name (DN) attribute from the directory server was in uppercase.
     - 1272515  - This release fixes an issue where the maintenance (deletion of oldest data so as to save new data) of captured data would not work correctly after resetting the appliance to its factory defaults.
     - 1274360  - This release fixes an issue where the McAfee DLP appliance incorrectly reported a failure to update the internal installation image from a USB drive, and could erase the data in the USB drive. This issue occurred only if two USB drives were connected simultaneously when updating the internal installation image.
- McAfee Data Loss Prevention Prevent 11.3.x
     - 1270287  - CVE-2018-6703  - SB10258  - This release updates the built-in McAfee Agent package on the appliance to version 5.5.1-462 to address the Use After Free vulnerability in the McAfee Agent remote logging feature. See SB10258 for information about the vulnerability and remediation.
     - 1270287  - CVE-2019-3598  - SB10272  - This release updates the built-in McAfee Agent package on the appliance to version 5.5.1-462 to address the vulnerability in handling UDP requests. See SB10272 for information about the vulnerability and remediation.
     - CVE-2019-3591  - SB10289  - The security vulnerability in McAfee DLP extension that allows a malicious user to trigger a cross-site scripting vulnerability has been resolved. See SB10289 for information about the vulnerability and remediation.
     - CVE-2019-3593  - SB10289  - The security vulnerability in McAfee DLP extension where the extension was not correctly sanitizing CSV exports has been resolved. See SB10289 for information about the vulnerability and remediation.
     - 1262088  - This release changes how the classifications and short match strings in an incident are reported in DLP Incident Manager in McAfee ePO. The incidents now report only the classifications and short match strings that are part of the matching rule rather than all classifications and short match
strings that matched.
     - 1263307  - Session directories are now cleared when a policy enforcement fails.
     - 1263429  - The maximum file size configuration for Analysis Settings is now considered.
     - 1265844  - McAfee DLP syslog information now contains information about a classification that triggered the incident.
     - 1268643  - This release updates the McAfee DLP Prevent appliance behavior to allow ICAP requests with unscannable content. Examples of unscannable content include corrupt files, files that exceed the maximum analysis size or time, and files that exceed maximum depth if there are nested files. In previous versions of McAfee DLP Prevent, an ICAP request with unscannable content sends a 4xx ICAP response back to the web proxy server. The McAfee DLP Prevent appliance now allows an ICAP request with unscannable content and sends a 2xx ICAP response back to the web proxy server. In addition, the appliance adds the
X-MFE-PREVENT: SCANFAIL header in its ICAP response when it detects unscannable content.
     - 1270446  - This release fixes an issue where classifications created using the Bulgarian EGN validator were incorrectly handled. McAfee DLP appliances now accept policies with Bulgarian EGN. 
     - 1271592 - This release fixes an issue where the McAfee DLP Prevent appliance incorrectly processed 4xx or 5xx SMTP response codes from the Smart Host during the RCPT TO phase of an email conversation. This behavior is now corrected. The McAfee DLP Prevent appliance now relays any SMTP error response code from the Smart Host back to the sending MTA and rejects the email conversation. We recommend you to configure the Smart Host to "accept" all recipients for all emails that are sent to the McAfee DLP Prevent appliance.
     - 1271982  - This release fixes an issue where end-user policies based on organizational unit (OU) didn't work correctly when the distinguished name (DN) attribute from the directory server was in uppercase.
     - 1272515  - This release fixes an issue where the maintenance (deletion of oldest data so as to save new data) of captured data would not work correctly after resetting the appliance to its factory defaults.
     - 1272520  - By default, the McAfee DLP Prevent appliance sends a 4xx ICAP response back to the web proxy server for ICAP requests that exceed the maximum configured file size for scan. You can now configure the McAfee DLP Prevent appliance to allow these ICAP requests with a 2xx response. When the configuration is enabled, the appliance sends the 2xx ICAP response back to the web proxy server and also adds the X-MFE-PREVENT: SCANFAIL header. For information about how to configure to allow ICAP requests that exceed the maximum configured file size for scan with a 2xx response, see KB91550.
     - 1274360  - This release fixes an issue where the McAfee DLP appliance incorrectly reported a failure to update the internal installation image from a USB drive, and could erase the data in the USB drive. This issue occurred only if two USB drives were connected simultaneously when updating the internal installation image.


A teljes cikk elérhető az alábbi linkeken:
- Data Loss Prevention Endpoint for Windows 11.3 Release Notes 
Data Loss Prevention Monitor 11.3.x Release Notes
- Data Loss Prevention Prevent 11.3.x Release Notes

 

Kapcsolat

+36 1 371 2 370
mcafee.ecs.hu@arrow.com

 CL Social Media Icon - Facebook 40px CL Social Media Icon - Twitter 40px CL Social Media Icon - Blog 40px  YouTube_40  McAfee_SDS_badge