Release Notes

McAfee Security for Microsoft Exchange 8.5.0 Patch 1

About this release
New features
Installation instructions
Known issues
Find product documentation

About this release

This document contains important information about McAfee® Security for Microsoft Exchange (MSME) 8.5.0. We strongly recommend that you read the entire document.

NoteWe do not support the automatic upgrade of a pre-release software version. To upgrade to a production release of the software, you must first uninstall the existing version.

New features

This release of the product includes these new features.

Feature Description
Protection from malicious URLs When enabled, MSME scans each URL in the email body, gets the reputation score of the link, compares the score to the defined threshold, and takes appropriate action according to the configuration.
Exchange server support Support for
Microsoft Exchange Server 2013 SP1
Microsoft Exchange Server 2013 Edge role
Microsoft Exchange Server 2016
No dependency on anonymous logon permission MSME does not require anonymous logon permission anymore in exchange receive connector for notification. Instead, MSME uses NTLM (Windows NT LAN Manager) authentication.
5800 Engine support Pre-packaged with the latest 5800 engine that provides enhanced detection capabilities.
Secured HTTPs communication channels between MSME and McAfee® Quarantine Manager (MQM) In addition to the existing quarantine mechanism (local database and RPC channels), MSME provides HTTP and HTTPs channels to communicate with the MQM server. These stateless connections make sure that the software communicates with the MQM server seamlessly.
Creation of DLP rules in all supported locale You can now define DLP rules in all supported locales. You can also view and edit the dictionaries of other supported locales. The supported locales are Chinese Simplified, English, French, German, Japanese, and Spanish.
Management of on-demand (MSMEODUser) user account Allows you to modify the on-demand user password credentials and synchronize them with the LDAP server using the interface.
Exclusion of subfolders and public folders from scanning

A new option lets you exclude mailbox subfolders and public folders from on-access scanning (VSAPI scanning).

You can also configure these exclusions from ePolicy Orchestrator.

IP whitelisting You can whitelist a known legitimate IP address that is refused by the IP reputation threshold settings defined in MSME. For more information about configuring IP whitelisting for IP Agent using the registry, see McAfee KnowledgeBase article KB82216.
Monitoring the scanner process to avoid high RPC issue The watch process approach lets the software monitor the high RPC issue that occurs due to additional time taken to scan specific sample files. Corrective action is taken according to the policy settings.
Mail size filtering A new option to configure the mail size filtering for the On-Access policy and Gateway policy separately.
Restricted files in .zip format A new option allows or blocks restricted files such as .exe files that come as a password-protected .zip file.
Scan failure scenario Configure actions for scan failure due to generic failure or product failure.
Proxy server for database update Configure proxy servers to get IP reputation, message reputation, and URL reputation database.
Support for 7-Zip archive file scanning Supports 7-Zip file scanning on all scanners and filters.
Compatibility with ePolicy Orchestrator FIPS (Federal Information Processing Standard) mode Provides compatibility with ePolicy Orchestrator, which is installed in FIPS mode. You can use the same ePolicy Orchestrator to manage MSME.
Viewing on-demand scan status in ePolicy Orchestrator View the status of scheduled on-demand scan tasks in ePolicy Orchestrator. For managed systems, on-demand scanning events are generated with details such as start time, end time, number of items scanned, and number of items quarantined. Events are generated whether the on-demand scan is initiated by the local system or from ePolicy Orchestrator.
Viewing on-demand scan completion percentage in ePolicy Orchestrator When scanning is initiated from ePolicy Orchestrator, view the completion status (percentage) for the on-demand scan task in ePolicy Orchestrator.

You can view the status on the Threat Event Log page in the Threat source URL column.

Purge old DAT using scheduled tasks from ePolicy Orchestrator Allows you to purge old DAT files from managed systems using scheduled tasks.
McAfee stack upgrade Bundled with newer versions of these components:
McAfee® Agent
McAfee Anti-malware engine 5800
McAfee Anti-Spam Engine
McAfee Content Scanning Engine 4.8
NoteDue to McAfee Content Scanning Engine 4.8.0 file grouping pattern, certain File Filter Categories are merged as primary and secondary file format. Some of the rules are now obsolete and are not available. For more information, see McAfee KnowledgeBase article KB84922. These File Categories changes are applicable for standalone and McAfee ePO policy upgrade.
PostgreSQL 9.3 database
NoteWhen upgrading the PostgreSQL database, your existing data is migrated to the 9.3 supported schema. Depending on the database size, the installer might take additional time to complete the update.
Enhanced alert notification for detected items Categorizes the detected items based on the reason for blocking, instead of repeating the reason for each item.
Browser enhancements Support for new browsers:
Microsoft Internet Explorer 8.0, 9.0, 10.0, and 11.0
Mozilla Firefox 29.x and 30.x
Google Chrome 35
NoteMake sure that you disable the pop-up blocker in the browser settings.
Virtualization Support for VMware workstation 7.0 or later, and VMware ESX 5.5

Installation instructions

For information about installing or upgrading McAfee Security for Microsoft Exchange, see McAfee Security for Microsoft Exchange 8.5.0 Product Guide.

NoteMcAfee recommends that after installing the software:
Make sure that the engine and DAT files are up to date.
Clear the browser cache, then reopen the browser.

If your previous version has File Filter Categories rules, when you upgrade, some of these rules are either migrated or removed. This is because in McAfee Content Scanning Engine 4.8.0, certain File Filter Categories are merged as primary and secondary file format and some are made obsolete. For more information, see McAfee KnowledgeBase article KB84922.

An HTML report is generated for any File Filter Categories changes in your configuration.
For standalone installation — You can find the HTML report in this location:

<MSME Install directory>/bin/FilefilterUpgradeReport_ddmmyyyyhhmmss.html.

For McAfee ePO policy upgrade — You can find the HTML report in this location:

<ePO Upgrade tool path>/bin/FilefilterUpgradeReport_ddmmyyyyhhmmss.html.

The EPODebugTrace.txt file contains all the actions taken. It is located in the folder where you executed MSMEePOUpgrade.EXE.

Known issues

For a list of known issues in this product release, see this McAfee KnowledgeBase article: KB82213.

Find product documentation

After a product is released, information about the product is entered into the McAfee online Knowledge Center.

Task
1 Go to the Knowledge Center tab of the McAfee ServicePortal at http://support.mcafee.com.
2 In the Knowledge Base pane, click a content source:
Product Documentation to find user documentation
Technical Articles to find KnowledgeBase articles
3 Select Do not clear my filters.
4 Enter a product, select a version, then click Search to display a list of documents.