McAfee MVISION EDR 3.2.0 Release Notes (On-premises)

This McAfee® MVISION Endpoint Detection and Response 3.2.0 (On-premises) release includes new features and enhancements.

Every update release is cumulative and includes all features and fixes from the previous release.

Release details

Component Version
mvedr client
mvedr client extension
mvedr extension

Updated platform, environment, or operating system support

MVISION EDR Client is now compatible with CentOS 7.x (64 bits), Oracle Linux Server 7.7 (64 bits), and RHEL 7.6, 7.7, and 7.8.

New or changed

Visibility and detection improvements — This release extends endpoint protection capabilities and expands visibility with these improvements and features:

  • SysInfo event generation after installation and after configuration changes in the system.
  • Installation, performance, and logging activity improvements.

Resolved issues

This release resolves known issues.

Reference Resolution
SEC-23816 Issue with Process Reputation Change event is now fixed.
SEC-25523 Issue with EDR Processes collector is now fixed.
SEC-23470 EDR memory use improvements.
SEC-25025 Protection against arbitrary file deletion is added for Linux operating system.
SEC-25416 Warning and error messages no longer appear when EDR is installed on macOS devices.
SEC-27022 EDR client on Linux systems no longer uses /tmp folder in the installation process.
SEC-23094 Performance is improved when Outlook starts and the trace feature is enabled.
SEC-18678 Issue with Software collector is now fixed.
SEC-25017 Issue with WinRegistry collector on Windows 7 is now fixed.
SEC-20298 During EDR installation on macOS, the Read Me section now shows the correct supported versions.
SEC-25447 EDR now checks minimum supported macOS versions before installation.
SEC-22904 In the Threat Event Log page, EDR now shows the correct Event Category for Update successful events.
SEC-20297 macOS installer UI is now updated to improve readability with dark mode.
SEC-24321 In Real-time Search dashboard, EnvironmentVariables collector now displays two columns for name and value fields.
SEC-27306 Issue with BrowserHistory collector is now fixed.
SEC-28224 EDR Client now properly consumes trace content on Microsoft Windows 32-bit.
SEC-28325 End Quarantine action can now be executed on on-premises quarantined devices connected to VPN.
SEC-27620 Issue with VTP service is now fixed.

Installation information

The MVISION Endpoint Detection and Response Installation Guide has all the information you need to install the product for the first time and to migrate from McAfee® Active Response.

Important: New customers willing to use one click experience need to install MVEDR extension and manually update 3.2 EDR client extensions.

Known issues

For a list of known issues in this product release, see KB91275.