McAfee Data Loss Prevention Endpoint for Windows 11.4.200 Release Notes

The McAfee DLP Endpoint for Windows 11.4.200 release can update platform support.

Every update release is cumulative and includes all features and fixes from the previous release. We recommend that you always upgrade to the most current update.

Rating for update 11.4.200

The rating defines the urgency for installing this update.

Mandatory

Mandatory Critical High Priority Recommended

  • Required for all environments.
  • Failure to apply Mandatory updates might result in a security breach.
  • Mandatory updates and hotfixes resolve vulnerabilities that might affect product functionality and compromise security.
  • You must apply these updates to maintain a viable and supported product.

For more information, see KB51560.

Release details

Release builds:

  • McAfee® Data Loss Prevention Endpoint (McAfee DLP Endpoint) client build 11.4.200.182
  • McAfee® Data Loss Prevention (McAfee DLP) extension build 11.4.200.20

Known issues

For a list of current known issues, see McAfee Data Loss Prevention 11.x.x Known Issues (KB89301).

Resolved issues

This update resolves known issues.

Important: This release resolves vulnerabilities that might affect product functionality and compromise security. We recommend installing this release to maintain a viable and supported product.
Vulnerability issues
Reference Resolution
CVE-2020-7300

SB10326

The security vulnerability in McAfee DLP where web application fails to check user's rights when accessing certain resources and performing actions, such as Test Credentials, Save Protection Rule and Get Manual Classification has been resolved. See SB10326 for information about the vulnerability and remediation.
CVE-2020-7301

SB10326

The security vulnerability in McAfee DLP that allows a malicious user to use Cross-site scripting (XSS) in Case Management has been resolved. See SB10326 for information about the vulnerability and remediation.
CVE-2020-7302

SB10326

The security vulnerability in McAfee DLP that allows malicious software to run on users server or computer system after user uploads files from their local system to the web server has been resolved. See SB10326 for information about the vulnerability and remediation.
CVE-2020-7303

SB10326

The security vulnerability in McAfee DLP that allows a malicious user to use Cross-site scripting (XSS) when user adds a new label has been resolved. See SB10326 for information about the vulnerability and remediation.
CVE-2020-7304

SB10326

The security vulnerability in McAfee DLP that allows Cross Site Request Forgery (CSRF) attack remotely when user creates a label has been resolved. See SB10326 for information about the vulnerability and remediation.
CVE-2020-7305

SB10326

The security vulnerability in McAfee DLP that allows unauthorized users to use privilege escalation to create a new rule set has been resolved. See SB10326 for information about the vulnerability and remediation.
Other resolved issues
Reference Resolution
TSDP-4816 Microsoft OneNote is now recognized as an image printer when configured as an exception in a McAfee DLP Endpoint rule.
TSDP-4700 Fixed an issue where USB devices were blocked when configured as an exception in a Device Control rule.
TSDP-4598

Fixed an issue where text upload in the Google Chrome browser was not being monitored by McAfee DLP Endpoint.

TSDP-4559 McAfee DLP now allows serial numbers longer than 100 characters when creating user serial number pair exception.

TSDP-3555, TSDP-3622, TSDP-4788, TSDP-3630, TSDP-3980,

TSDP-4543, TSDP-3465, TSDP-4119, TSDP-3743,

TSDP-4479, TSDP-3409, TSDP-3605, TSDP-3623,

TSDP-3942, TSDP-4487, TSDP-4801, TSDP-3970

Fixed an issue where USB wired and wireless devices were blocked when a Device Control rule was enabled, or failed to upload after system reboot.
TSDP-4485 Fixed an issue where manual classification wasn't working when the document was on a network share.
TSDP-4445 Fixed an issue where devices were blocked for some users when using the serial number and user exception.
TSDP-4441 Fixed an issue where McAfee DLP service (fcags.exe) caused a high number of file handles, impacting the system performance.
TSDP-4383, TSDP-3948 Fixed an issue where Google Chrome web incidents showed as Not Available in the Destination column.
TSDP-4359 Fixed an issue where a file received a Locked file error message instead of applying a manual classification.
TSDP-4357 Fixed an issue where McAfee DLP wasn't detecting AIP labels in PDF files.
TSDP-4354 Fixed an issue where the manual classification user notification window was closed automatically when the rule reaction was set to close the notification manually.
TSDP-4295, TSDP-4232 Fixed an issue where evidence from some incidents were reporting under the None category instead of their evidence rule set name.
TSDP-4263 Fixed an issue where fcags.exe process file handles increased constantly causing the text extractor to crash.
TSDP-4246 Fixed an issue where Internet Explorer windows were blocked when a tab that included blocked content was moved out to a new window or minimized.
TSDP-4124, TSDP-4125 Fixed an issue where the McAfee DLP email notification window remained open, and the progress bar was stuck.
TSDP-3902 Fixed an issue where threat events IP addresses were reported incorrectly under the system names in the System Tree.
TSDP-3886 Fixed an issue where USBs weren't whitelisted when using the serial number.
TSDP-3785 Fixed an issue where two McAfee DLP justification windows were appearing with PDF files.
TSDP-3759 Fixed an issue where McAfee DLP events were not showing in the Incident Manager when using Device Control.
TSDP-3720 Fixed an issue where McAfee DLP incidents triggered on the wrong URL with Google Chrome.
TSDP-3703 Fixed an issue where the installer was leaving behind the content of the previous installation.
TSDP-3595 Fixed an issue where Syslog wasn't reporting all events.
TSDP-3579 Fixed an issue where false positives were generated for Email Protection when using built-in classifications.
TSDP-3515 McAfee DLP access protection is not applied to Google Chrome Incognito mode registry key, when enabling Chrome Incognito mode in the client configuration.
TSDP-3473 Fixed an issue where emails were sent without the body text when sending it out of the organization.
TSDP-4219 Fixed an issue where McAfee DLP incidents with low severity were reported with a high threat level status of critical.
TSDP-4849 Fixed an issue where advanced file copy protection failed to copy large files from the network share to the local drive.
TSDP-4094 Fixed an issue where a Removable Storage Device rule wasn't blocking optical media devices connected through external DVD drives.
TSDP-5062 Fixed an issue where no incidents were triggered when using web protection with a Google Chrome trusted rule to monitor file uploads.
TSDP-4775 Fixed an issue where COM and USB ports were reported with errors when loading Device Control following a system reboot .
TSDP-3562 Fixed an issue where Kanguru devices were blocked when set as an exception in a Device Control rule.
TSDP-4454 Fixed an issue with detection of USB serial numbers for iPhone.
TSDP-4781 Fixed an issue with McAfee DLPprocessing Outlook emails which caused emails to get stuck.
TSDP-4955 Fixed an issue where a device was blocked when set as an exception in a Device Control rule.
TSDP-4779 Fixed an issue where synchronization of data from OneDrive to local disks was taking too long.
TSDP-4427 Fixed an issue where files failed to upload following back up to OneDrive.
TSDP-4126 Fixed an issue where excluded recipients were intermittently scanned for classification despite exception.
TSDP-4799 Fixed an issue where some Rule Set names were displayed as blank in the McAfee DLP incident.
TSDP-3721 Fixed an issue with memory dump and error reports in the SQL database where McAfee DLP database is hosted.
TSDP-3934 Fixed an issue where McAfee DLP Discovery rollout tasks never completes.
TSDP-4199 The McAfee DLP progress bar for Outlook can now be disabled.
TSDP-4036 McAfee DLP policy backups are now restored with correct restore date.
TSDP-4462 McAfee DLP extension now opens the Classification page correctly in McAfee ePO 5.9.1 and McAfee ePO 5.10.
TSDP-3573 Importing incidents from MVISION Cloud to DLP Incident Manager no longer causes issues.
TSDP-4762 Fixed an issue where McAfee DLP reports were showing Computer IP Address as None.
TSDP-4941 Fixed an issue where a query using the Evidence File Type filter caused an error.