ePolicy Orchestrator prematurely deploys a McAfee product software patch or update
Last Modified: 2023-07-10 12:03:58 Etc/GMT
Affected Products
Languages:
This article is available in the following languages:
Trellix CEO, Bryan Palma, explains the critical need for security that’s always learning.
As per Gartner, "XDR is an emerging technology that can offer improved threat prevention, detection and response."
Trellix announced the establishment of the Trellix Advanced Research Center to advance global threat intelligence.
Trellix Advanced Research Center analyzes threat data on ransomware, nation-states, sectors, vectors, LotL, MITRE ATT&CK techniques, and emails.
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
ePolicy Orchestrator prematurely deploys a McAfee product software patch or update
Technical Articles ID:
KB77063
Last Modified: 2023-07-10 12:03:58 Etc/GMT EnvironmentePolicy Orchestrator (ePO) 5.x
ProblemA McAfee product software patch, update, or hotfix that has been checked in to the ePO Master Repository is deployed prematurely.
This issue can occur under any of the following conditions:
CauseThe Global Updating functionality is accessible from Menu, Configuration, Global Updating. Global Updating displays the same list of products as Selective Updating, but functions in a different way. The list of products in Global Updating is not a selective update list. It determines which item begins a Global Update task, not which products are updated. When a Global Update has been initiated, which triggers a One-Click update. A One-Click update doesn't use the configurations of update tasks. It checks for all available updates in the repository and applies any patch or Service Pack found for each listed product. One-Click updates occur automatically at the end of any software installation completed using the McAfee Agent Deployment task, or when selecting Update Now from the VSE or McAfee Agent system tray icon. The One-Click update that occurs at the end of a product installation is not a configurable option, and execute. SolutionUse the following information to ensure that a McAfee product patch or Service Pack is not automatically distributed to client systems:
Use an alternate repository branch Check the patch or Service Pack into a branch other than Current in ePO. By default, the McAfee Agent policy is configured to access updates from the Current branch. Checking the package into the Evaluation or Previous branch until it is ready to be deployed to the environment is the preferred method. The One-Click update that occurs at the end of the McAFee product installation cannot be configured or disabled. If you are deploying products through ePO, the only way to prevent unintended updates to patches or service packs is to use an alternate branch that is not configured to be accessible through policy. For information about configuring this feature, see the "Repository branches and their purposes" section in the respective ePolicy Orchestrator Product Guide. For product documents, go to the Product Documentation portal.
.Disable Global Updating
Disable Selective Updating for VSE
Affected ProductsLanguages:This article is available in the following languages: |
|