SEC-34850
|
Trace Scanner still running even after disabling the plug-in.
|
SEC-34739
|
Ignore Application Paths from Quarantine for Windows (and macOS) policy changes are not saved in the Client extension on MVISION ePO.
|
SEC-34237
|
Action Chrono worker thread doesn't detect exceptions in actions. This causes the
mfemvedr.exe process to crash.
|
SEC-34129
|
TDM Rule 107 is not working for some binaries.
|
SEC-33847
|
MVISION EDR crash:
APPLICATION_FAULT_NULL_CLASS .
|
SEC-33846
|
System Info plug-in crash.
|
SEC-33774
|
MVISION EDR doesn't inject processes with Cairo and HC DLLs.
|
SEC-33757
|
Process Exclusion on Trace is not applying.
|
SEC-33163
|
Samples are not stopped and removed manually.
|
SEC-33103
|
Update File Hashing Exclusions.
|
SEC-32957
|
Folder
C:\Program Files\McAfee\MAR\tools\phoenix\temp consumes more than 30 GB of hard drive space.
|
SEC-32792
|
MVISION EDR client crashes continuously and trace communication stops.
|
SEC-32786
|
MVISION EDR memory leak continues even when the parent process has already stopped.
|
SEC-32458
|
Content update is shown as successful in UI when it fails to update.
|
SEC-32088
|
MVISION EDR causes high CPU usage.
|
SEC-31956
|
Windows Performance Analyzer crashes when opening WPA event trace log (ETL) files.
|
SEC-31720
|
MVISION EDR upgrade doesn't always remove old data and it doesn't update registry key related to Content data.
|
SEC-31663
|
MVISION EDR Client fails to add traces to database.
|
SEC-30793
|
Registry key
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mfemvedr.exe is not protected.
|
SEC-30288
|
When a fake process instance that creates three children processes is started and then it tries to kill the process tree, there are more than four processes killed.
|
SEC-29955
|
Enable triggers checkbox should not be visible in
McAfee ePO policy. We don't have triggers in
MVISION EDR.
|
SEC-29762
|
In cases of
Full shutdown and Resume from standby, there is a considerable performance impact with
MVISION EDR and
McAfee Endpoint Security.
|
SEC-29728
|
In Real-time Search,
DNSCache collector returns no results when
nslookup command fails on Linux.
|
SEC-29401
|
Binaries for
MVISION EDR client have outdated copyright strings.
|
SEC-29383
|
Process Injection detection is not triggered using MSF Mimikatz extension.
|
SEC-29382
|
Lack of API hooking visibility with
rundll32 .
|
SEC-29374
|
Trace enabled prevents download of VMware workstation file from software center.
|
SEC-28943
|
Fix Coverity Findings.
|
SEC-28437
|
MVISION EDR Rules are automatically deployed when
Unattended Content Updates is disabled.
|
SEC-28418
|
WinRegistry queries fail to execute.
|
SEC-27489
|
VM Map tool reports two Write/Read/Execute pages.
|
SEC-26852
|
AAC errors are reported continuously on macOS machines with MVEDR installed.
|
SEC-25872
|
Files collector fields related to creation, change, and deletion of files are empty for Linux.
|
SEC-25652
|
When user edits an
MVISION EDR policy, the product name in policy edit page should be
MVISION EDR and not MVISION EDR:MVEDR__META.
|
SEC-25550
|
Quarantine action doesn't get applied to an offline machine after it comes back online.
|
SEC-25444
|
MVISION EDR policy shows blank page when adding custom quarantine message containing double quotes.
|
SEC-24976
|
Performance issue related to WMI when using
MVISION EDR.
|
SEC-19181
|
HostInfo collector not returning macOS endpoint status as Quarantined.
|
SEC-17877
|
VNC connection is not working after End Quarantine reaction in macOS Mojave.
|
SEC-36169
|
Duplicate core object error prevents phoenix tool from taking a snapshot.
|