Endpoint Security 10.6.1 February 2021 Update

Every update release is cumulative and includes all features and fixes from the previous release. We recommend that you always upgrade to the most current update.

Rating

Critical—This release is critical for all environments. Failure to apply it might result in severe business impact.

Release details

This release includes the following build numbers:

Component Version
McAfee® Endpoint Security Platform 10.6.1.2286
McAfee® Endpoint Security Platform extension 10.6.1.1459
McAfee® Endpoint Security Threat Prevention 10.6.1.2335
McAfee® Endpoint Security Threat Prevention extension 10.6.1.1596
McAfee® Endpoint Security Firewall 10.6.1.1692
McAfee® Endpoint Security Firewall extension 10.6.1.1489
McAfee® Endpoint Security Web Control 10.6.1.1852
McAfee® Endpoint Security Web Control extension 10.6.1.1443
McAfee® Endpoint Security Adaptive Threat Protection (ATP) 10.6.1.1854
McAfee® Endpoint Security Adaptive Threat Protection (ATP) extension 10.6.1.1447
McAfee® Endpoint Security Migration extension 10.6.1.1089

For more details about the product versions listed in Control Panel, see KB92355.

For information regarding the latest Security Bulletin updates, see Product Security Bulletins.

What’s new in the 10.6.1 February 2021 Update release

This update includes fixes and resolutions for several issues, as well as cumulative fixes from the previous monthly updates.

Feature Enhancements

Cancel or Pause On-Demand Scan using McAfee® ePolicy Orchestrator® (McAfee® ePO™) Client Task

On-Demand Scan Cancel Client Task—Cancel the current running On-Demand Scan(s) on the selected endpoints. This will not impact scans scheduled to run in the future and will not modify task assignment. Any future instances of the scan task will start over as if the cancelled instance of the task had not started.

On-Demand Scan Pause Client Task—Pause the current running On-Demand Scan(s) on the selected endpoints. The scan (s) will remain paused until future instances of the same task are executed or if the endpoint is re-booted. Once either of these triggers are encountered, the scan will resume and will continue scanning from where it previously left off.

Hardware Support

Compatibility support for Intel® Control-flow Enforcement Technology (Intel® CET)

Intel® CET requires certain versions of Intel chipsets. For more information regarding Intel® CET, see https://newsroom.intel.com/editorials/intel-cet-answers-call-protect-common-malware-threats/

Known issues

For a list of current known issues, see Endpoint Security 10.x Known Issues (KB82450).

Resolved issues

This update resolves known issues.

Platform
Category Reference Resolution
Performance ENSW-104906 Resolves a BugCheck D5 caused by mfehidk.sys.
Interoperability ENSW-101349 Resolves an issue where migration fails in Hyper-V environment when McAfee® Endpoint Security Threat Prevention is enabled.
Installation ENSW-108178 Resolves an issue where Trend Micro Office Scan Agent 11 is not getting uninstalled during McAfee® Endpoint Security installation on 32-bit systems.

Installation

ENSW-107834

Resolves an issue where AMCore installer can be executed to uninstall AMCore from the system, this used to break Endpoint Security functionality in the system.

Feature Fix

ENSW-107701

Resolves an issue where the Signer data is not accepted as a valid distinguished name in McAfee® Endpoint Security Threat Prevention and McAfee® Endpoint Security Firewall policies when it contains a P.O. Box (Postal Office).

Performance

ENSW-107275

Resolves a 133 Bugcheck caused by mfeaack.sys driver.

Threat Prevention
Category Reference Resolution
Feature Fix ENSW-96273 Resolves an issue where Exploit Prevention gets disabled in the client even though it is enabled in policy.
Feature Fix ENSW-107320 Resolves an issue where Pause Scan and Cancel Scan buttons are enabled even when the User can pause and cancel scans option is not selected.
Feature Fix ENSW-108435 Resolves an issue where FRP encrypted files in a network share take longer time to open when OAS is enabled.
Adaptive Threat Protection
Category Reference Resolution
Feature Fix ENSW-106553 Resolves an issue where the Application Protection Rules exclusions are not honored after Exploit prevention content update is successful.
Firewall
Category Reference Resolution
Feature Fix ENSW-108044 Resolves an issue where CIDR notation for IPv6 addresses is not being accepted under Networks section while adding a Rule in McAfee® Endpoint Security Firewall extension.
Web Control
Category Reference Resolution
Feature Fix ENSW-108138 Resolves an issue where annotations for Yahoo searches are not being displayed in Firefox browser.
Feature Fix ENSW-107345 Resolves an issue where McAfee® Endpoint Security Web Control search annotations are not displayed in the search.
Feature Fix ENSW-106937 Resolves an issue where the license status for all the modules shows invalid when the username is a Double Byte character.