                  Release Notes for
        McAfee(R) Common Management Agent(TM)
                Version 3.5.0 Patch 3
           Copyright (C) 2005 McAfee, Inc.
                 All Rights Reserved


==========================================================

Patch Release:    2-25-2005

Patch Package:
3.5.0.456

This release was developed and tested with:

- McAfee VirusScan Enterprise 7.X
- McAfee VirusScan Enterprise 8.0i
- McAfee GroupShield Exchange 6.0 SP1

Make sure you have installed these versions before
using this release.

==========================================================


Thank you for using Common Management Agent(TM)
software. This file contains important information
regarding this release. We strongly recommend that
you read the entire document.

The attached files are provided as is, and with no
warranty either expressed or implied as to their
suitability for any particular use or purpose.
McAfee, Inc. assumes no liability for damages
incurred either directly or indirectly as a result
of the use of these files, including but not limited
to the loss or damage of data or systems, loss of
business or revenue, or incidental damages arising
from their use. Patch files should be applied only
on the advice of McAfee Technical Support, and only
when you are actually experiencing the issue being
addressed by the Patch. Patch files should not be
proactively applied in order to prevent potential
product issues. You are responsible for reading and
following all instructions for preparation,
configuration, and installation of Patch files.
Patch files are not a substitute or replacement for
product Service Packs which may be released by
McAfee, Inc. It is a violation of your software
license agreement to distribute or share these files
with any other person or entity without written
permission from McAfee, Inc. Further, posting of
McAfee Patch files to publicly available Internet
sites is prohibited. McAfee, Inc. reserves the right
to refuse distribution of Patch files to any company
or person guilty of unlawful distribution of McAfee
software products. Questions or issues with McAfee
Patch files should be directed to McAfee Technical
Support.


__________________________________________________________
WHAT'S IN THIS FILE

-   About This Release
   -   Purpose
   -   Resolved Issues
   -   Previously Resolved Issues
   -   Files Included with This Release
-   Installation
   -   Installation Requirements
   -   Installation Steps
-   Contact Information
-   Copyright & Trademark Attributions
-   License Information

__________________________________________________________
ABOUT THIS RELEASE


PURPOSE

This patch replaces the Common Management Agent
3.5.0 to resolve the issues listed below. This patch
is for stand alone installs of McAfee point
products. This patch is not for use in an ePolicy
Orchestrator or ProtectionPilot environment. The
Common Management Agent 3.5.0 is the upgrade path
for Common Management Agent 3.1.2. Common Management
Agent patches are cumulative for fixes. See
previously resolved issues for fixes in earlier
patch versions.

RESOLVED ISSUES

1.  ISSUE:
    The Framework service crashes when multiple
    simultaneous agent wakeup calls are received.

    RESOLUTION:
    The Framework service continues to run when
    multiple simultaneous wakeup calls are
    received.

2.  ISSUE:
    Changing the computer name causes properties to
    be added to the wrong node in the ePolicy
    Orchestrator properties database.

    RESOLUTION:
    The properties are now added to the correct node
    in the ePolicy Orchestrator database.

3.  ISSUE:
    UPDATERUI.EXE runs on each session of a Windows
    NT 4 terminal server.

    RESOLUTION:
    UPDATERUI.EXE now runs only on the local NT 4
    server. UPDATERUI.EXE no longer runs on terminal
    server client sessions. If Agent UI
    functionality is desired on Terminal Services
    clients, UPDATERUI.EXE can still be manually
    executed.


4.  ISSUE:
    If the proxy server name is configured in the
    format http://proxy.mcafee.com, updates fail
    with the error "Failed to connect to http at
    port 0."

    RESOLUTION:
    Proxy server configuration can now handle the
    format http://proxy.mcafee.com.

5.  ISSUE:
    VirusScan Enterprise 8.0i policy enforcement
    might fail with a -1400 error message.

    RESOLUTION:
    Policy enforcement for VirusScan Enterprise 8.0i
    is now successful.

6.  ISSUE:
    On some systems, the speed of the client CPU is
    not reported correctly.

    RESOLUTION:
    CPU speed of the client is now reported
    correctly.

7.  ISSUE:
    A subsystem of the Common Management Agent could
    fail during an update or deployment task. This
    failure causes the tasks to report as running,
    resulting in a continual reschedule of the
    subsequent update or deployment tasks.

    RESOLUTION:
    The Common Management Agent now detects the
    failure and restarts the subsystem.


8.  ISSUE:
    ePolicy Orchestrator 2.5.1 agents cannot be
    upgraded to Common Management Agent 3.5 on
    Windows 95 and Windows 98 clients.

    RESOLUTION:
    Upgrades from ePolicy Orchestrator 2.5.1 to
    Common Management Agent 3.5 on Windows 95 and
    Windows 98 clients now succeed.

9.  ISSUE:
    When the Common Management Agent receives an
    http redirection from what it believed to be the
    ePolicy Orchestrator server, the agent log
    records a stack error.

    RESOLUTION:
    Stack errors are no longer generated under these
    conditions.

10. ISSUE:
    Under certain circumstances, the Common
    Management Agent fails to run a task and reports
    a -1203 error.

    RESOLUTION:
    Tasks no longer report a -1203 error in that
    situation.

11. ISSUE:
    The Common Management Agent might remove the
    registry plug-in information for VirusScan
    Enterprise.

    RESOLUTION:
    The Common Management Agent is now more robust
    in determining whether the product registry
    plug-in key should be deleted.

12. ISSUE:
    When not connected to the network, the Common
    Management Agent might consume all of the
    available cached credentials when it attempts to
    connect to the UNC repositories. This causes a
    user to get locked out of the machine.


    RESOLUTION:
    The Common Management Agent no longer uses all
    of the cache credentials when it tries to
    connect to the UNC repositories.

13. ISSUE:
    System Compliance Profiler fails to upgrade when
    the template version is greater than 127.

    RESOLUTION:
    McScript.exe now handles the template version
    properly and System Compliance Profiler can be
    upgraded even if the template version is greater
    than
    127.

14. ISSUE:
    The Common Management Agent log does not contain
    the ePolicy Orchestrator server name. Common
    Management Agent version 3.1.2 and earlier
    contain the ePolicy Orchestrator server name.

    RESOLUTION:
    The Common Management Agent log now contains the
    ePolicy Orchestrator server name.

15. ISSUE:
    Checkpoint software fails if the format of the
    date in the VirusScan engine plug-in key was not
    as expected. This was incorrectly reported as
    fixed in CMA 3.5 patch 2.

    RESOLUTION:
    The date format has been modified to work with
    Checkpoint software. The change occurs after the
    next successful DAT update.

16. ISSUE:
    When the Entercept server is installed on a
    system with VirusScan Enterprise 8.0i, the
    Entercept Notification Manager generates ePolicy
    Orchestrator events, even in an unmanaged
    environment.

    RESOLUTION:
    The Common Management Agent has been changed so
    that the Entercept Notification Manager does not
    create events unless the Common Management Agent
    is running in managed mode.


PREVIOUSLY RESOLVED ISSUES (CMA 3.5.0.446 patch 2)

1.  ISSUE:
    Remote System Sensor product version did not
    display properly.

    RESOLUTION:
    Remote System Sensor product version now
    displays correctly.

2.  ISSUE:
    The date format in the engine plug-in key caused
    Checkpoint software to fail.

    RESOLUTION:
    The date format has been modified to work with
    Checkpoint software.

3.  ISSUE:
    A user-defined sitelist.xml containing a large
    number of disabled repositories before an
    enabled repository could result in an update
    from a disabled repository.

    RESOLUTION:
    The framework service now dynamically generates
    the buffer size needed to hold the entire
    sitelist.xml. The framework service will not try
    to update from a disabled repository.

4.  ISSUE:
    RSSENSOR.EXE crashes

    RESOLUTION:
    A timing issue in the framework service has been
    corrected that was causing the crash in
    RSSENSOR.EXE.

5.  ISSUE:
    UPDATERUI.EXE could run multiple times on a
    terminal server.

    RESOLUTION:
    UPDATERUI.EXE now runs only on the local server.
    UPDATERUI.EXE does not run on terminal server
    clients.


PREVIOUSLY RESOLVED ISSUES (CMA 3.5.0.435 patch 1)

1.  ISSUE:
    The Framework service fails to start if the
    sitelist.xml file does not contain an FTP or an
    HTTP repository.

    RESOLUTION:
    The Framework service now starts, even if the
    sitelist.xml file does not contain an FTP or an
    HTTP repository.

2.  ISSUE:
    The Common Management Agent is not added to the
    Microsoft Windows Firewall whitelist on
    installation.

    RESOLUTION:
    The Common Management Agent is now added to the
    firewall whitelist on installation.

3.  ISSUE:
    The Framework service fails to start if the
    sitelist.xml file includes a large number of
    repositories.

    RESOLUTION:
    This problem was caused when the Framework
    service would ping the repositories on service
    startup. The Windows Service Control Manager
    would time out before all the repositories could
    be contacted. Now the Framework service does not
    ping all of the repositories in the sitelist.xml
    file prior to startup.

4.  ISSUE:
    The Framework service fails to start and
    generates a 1920 error in some environments.

    RESOLUTION:
    The Framework service "image path" now contains
    quote marks. This allows the Framework service
    to start without error.

5.  ISSUE:
    The Common Management Agent did not support a
    503 (server busy) response code. This event type
    was added with McAfee ePolicy Orchestrator 3.0.2
    patch 8 and later.

    RESOLUTION:
    The Common Management Agent now supports this
    response code and retries at a later date if it
    receives this return when contacting the
    server.

6.  ISSUE:
    McAfee GroupShield Exchange 6.0 could lock files
    in use by the Common Management Agent, causing
    the Common Management Agent to fail to upgrade.

    RESOLUTION:
    The Common Management Agent now successfully
    upgrades even if the files are locked by McAfee
    GroupShield Exchange 6.0.

7.  ISSUE:
    Slow logon or logoff occurred, due to roaming
    profiles and the Common Management Agents use
    of Microsofts WININET.DLL.

    RESOLUTION:
    The Common Management Agent now releases
    WININET.DLL after each use. This allows faster
    logon and logoff for users with roaming
    profiles.

8.  ISSUE:
    Agent-to-server communication fails.

    RESOLUTION:
    Improvements have been made to the
    agent-to-server communication in the Common
    Management Agent.

9.  ISSUE:
    Microsoft Windows 95 and Windows 98 clients are
    locked out of the domain when the Common
    Management Agent is trying to update on certain
    domain environments.

    RESOLUTION:
    The Common Management Agent now does not cause
    lock out for Windows 95, Windows 98, or Windows
    ME clients from the domain.

10. ISSUE:
    User names that included characters under 032
    ASCII would cause the event files from the
    Common Management Agent to be discarded.

    RESOLUTION:
    User names that include a character under 032
    ASCII now are displayed as "N/A".

11. ISSUE:
    The Common Management Agent did not respond to
    an HTTP error code 416 correctly, which would
    lead to an error downloading the System
    Compliance Profiler installer.

    RESOLUTION:
    The Common Management Agent now handles an HTTP
    416 error code correctly.

12. ISSUE:
    Randomized scheduled tasks start at the same
    time for multiple clients.

    RESOLUTION:
    The Common Management Agent randomization has
    been improved so that tasks now run at different
    times on different clients.



FILES INCLUDED WITH THIS RELEASE
This release consists of a package called
CMA3503SA.ZIP, which contains the following files:

       Readme-stand-alone_final.txt
       Framepkg_upd.exe



__________________________________________________________
INSTALLATION


INSTALLATION REQUIREMENTS

To use this release, you must not be managing the
McAfee point product with ePolicy Orchestrator 3.0
Service Pack 2, ProtectionPilot 1.0 Service Pack 1,
or ePolicy Orchestrator 3.5. This patch is only for
stand alone McAfee users.


INSTALLATION STEPS

To install, double click on the file
framepkg_upd.exe.

__________________________________________________________
PARTICIPATING IN THE MCAFEE BETA PROGRAM

To download new beta software or to read about the
latest beta information, visit the McAfee beta web
site located at:
       http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm

To submit beta feedback on any McAfee product, send
e-mail to:
       mcafee_beta@mcafee.com

McAfee is devoted to providing solutions based on
your input.


__________________________________________________________
CONTACT INFORMATION

Technical Support
    Home Page
       http://www.mcafeesecurity.com/us/support/technical_support

    KnowledgeBase Search
       https://knowledgemap.mcafeesecurity.com/phpclient/homepage.aspx

    PrimeSupport Service Portal (Logon credentials
    required)
       https://mysupport.mcafeesecurity.com

    PSVANS  PrimeSupport Vulnerability Alert
    Notification Service
       http://www.mcafeesecurity.com/us/support/primesupport/


Customer Service
    US, Canada, and Latin America toll-free:
   Phone:     +1-888-VIRUS NO or +1-888-847-8766
              Monday-Friday, 8am-8pm, Central Time

   E-mail:    https://secure.nai.com/us/forms/support/request_form.asp

   Web:       http://www.mcafeesecurity.com/us/support/default.asp

Security Headquarters:  AVERT
(Anti-Virus & Vulnerability Emergency Response
Team)
    Home Page
       http://www.mcafeesecurity.com/us/security/home.asp

    Virus Information Library
       http://vil.mcafeesecurity.com/

    AVERT WebImmune & Submit a Virus Sample
       https://www.webimmune.net/default.asp

    AVERT DAT Notification Service
       http://vil.mcafeesecurity.com/vil/join-DAT-list.asp


Download Site
    Home Page
       http://www.mcafeesecurity.com/us/downloads/

    Anti-Virus DAT File and Engine Updates
       http://www.mcafeesecurity.com/us/downloads/updates/

       ftp://ftp.mcafee.com/pub/antivirus/datfiles/4.x

    Anti-Spam Rules File and Engine Updates
       ftp://ftp.nai.com/spamdefs/1.x/

    Product Upgrades
       https://secure.nai.com/us/forms/downloads/upgrades/login.asp

    Valid grant number required (contact Customer
    Service)


Training: McAfee University
       http://www.mcafeesecurity.com/us/services/education/mcafee/university.htm


Worldwide Offices
    For addresses and phone numbers of worldwide
    offices:

       http://www.mcafeesecurity.com/us/contact/home.htm


_____________________________________________________
COPYRIGHT AND TRADEMARK ATTRIBUTIONS

Copyright (C) 2005 McAfee, Inc. All Rights Reserved.
No part of this publication may be reproduced,
transmitted, transcribed, stored in a retrieval
system, or translated into any language in any form
orbyany means without the written permission of
McAfee, Inc., or its suppliers or affiliate
companies.


TRADEMARKS

ACTIVE FIREWALL, ACTIVE SECURITY, ACTIVESECURITY
(AND IN KATAKANA), ACTIVESHIELD, CLEAN-UP, DESIGN
(STYLIZED E), DESIGN (STYLIZED N), ENTERCEPT,
EPOLICY ORCHESTRATOR,  FIRST AID, GROUPSHIELD,
GROUPSHIELD (AND IN KATAKANA),  INTRUSHIELD,
INTRUSION PREVENTION THROUGH INNOVATION,  MCAFEE,
MCAFEE (AND IN KATAKANA), MCAFEE AND DESIGN,
MCAFEE.COM, MCAFEE VIRUSSCAN, NA NETWORK ASSOCIATES,
NET TOOLS, NET TOOLS (AND IN KATAKANA), NETSCAN,
NETSHIELD, NETWORK ASSOCIATES, NUTS & BOLTS, OIL
CHANGE, PRIMESUPPORT, SPAMKILLER, THREATSCAN, TOTAL
VIRUS DEFENSE, VIREX, VIRUS FORUM, VIRUSCAN,
VIRUSSCAN, VIRUSSCAN (AND IN KATAKANA), WEBSCAN,
WEBSHIELD, WEBSHIELD (AND IN KATAKANA), YOUR
NETWORK. OUR BUSINESS.  are registered trademarks or
trademarks of McAfee, Inc. and/or its affiliates in
the US and/or other countries.  The color red in
connection with security is distinctive of McAfee
brand products.  All other registered and
unregistered trademarks herein are the sole property
of their respective owners.



_____________________________________________________
LICENSE & PATENT INFORMATION

LICENSE AGREEMENT

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE
LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU
PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND
CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF
YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE
ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED
LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT
ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE
RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A
BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE
AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED
THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF
THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL
THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE
PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A
FULL REFUND.


LICENSE ATTRIBUTIONS

This product includes or may include:
*Software developed by the OpenSSL Project for use
in the OpenSSL Toolkit (http://www.openssl.org/).
*Cryptographic software written by Eric A. Young
and software written by Tim J. Hudson. *Some
software programs that are licensed (or sublicensed)
to the user under the GNU General Public License
(GPL) or other similar Free Software licenses which,
among other rights, permit the user to copy, modify
and redistribute certain programs, or portions
thereof, and have access to the source code. The GPL
requires that for any software covered under the GPL
which is distributed to someone in an executable
binary format, that the source code also be made
available to those users. For any such software
covered under the GPL, the source code is made
available on this CD. If any Free Software licenses
require that McAfee provide rights to use, copy or
modify a software program that are broader than the
rights granted in this agreement, then such rights
shall take precedence over the rights and
restrictions herein.  *Software originally written
by Henry Spencer, Copyright 1992, 1993, 1994, 1997
Henry Spencer.  *Software originally written by
Robert Nordier, Copyright (C)1996-7 Robert Nordier.
*Software written by Douglas W. Sauder.  *Software
developed by the Apache Software Foundation
(http://www.apache.org/). A copy of the license
agreement for this software can be found at
www.apache.org/licenses/LICENSE-2.0.txt.
*International Components for Unicode ("ICU")
Copyright (C)1995-2002 International Business
Machines Corporation and others.  *Software
developed by CrystalClear Software, Inc., Copyright
(C)2000 CrystalClear Software, Inc. *FEAD(R)
Optimizer(R) technology, Copyright Netopsystems AG,
Berlin, Germany. *Outside In(R) Viewer Technology
(C)1992-2001 Stellent Chicago, Inc. and/or Outside
In(R) HTML Export, (C)2001 Stellent Chicago, Inc.
*Software copyrighted by Thai Open Source Software
Center Ltd. and Clark Cooper, (C)1998, 1999, 2000.
*Software copyrighted by Expat maintainers.
*Software copyrighted by The Regents of the
University of California, (C)1989.  *Software
copyrighted by Gunnar Ritter.  *Software
copyrighted by Sun Microsystems(R), Inc. (C)2003.
*Software copyrighted by Gisle Aas. (C)1995-2003.
*Software copyrighted by Michael A. Chase,
(C)1999-2000.  *Software copyrighted by Neil
Winton, (C)1995-1996.  *Software copyrighted by
RSA Data Security, Inc., (C)1990-1992.  *Software
copyrighted by Sean M. Burke, (C)1999, 2000.
*Software copyrighted by Martijn Koster, (C)1995.
*Software copyrighted by Brad Appleton,
(C)1996-1999.  *Software copyrighted by Michael G.
Schwern, (C)2001.  *Software copyrighted by Graham
Barr, (C)1998.  *Software copyrighted by Larry
Wall and Clark Cooper, (C)1998-2000.  *Software
copyrighted by Frodo Looijaard, (C)1997.
*Software copyrighted by the Python Software
Foundation, Copyright (C)2001, 2002, 2003. A copy
of the license agreement for this software can be
found at www.python.org.  *Software copyrighted by
Beman Dawes, (C)1994-1999, 2002.  *Software
written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G.
Siek (C)1997-2000 University of Notre Dame.
*Software copyrighted by Simone Bordet & Marco
Cravero, (C)2002.  *Software copyrighted by
Stephen Purcell, (C)2001.  *Software developed by
the Indiana University Extreme! Lab
http://www.extreme.indiana.edu/).  *Software
copyrighted by International Business Machines
Corporation and others, (C)1995-2003.  *Software
developed by the University of California, Berkeley
and its contributors.  *Software developed by Ralf
S. Engelschall <rse@engelschall.com> for use in the
mod_ssl project (http://www.modssl.org/).
*Software copyrighted by Kevlin Henney,
(C)2000-2002.  *Software copyrighted by Peter
Dimov and Multi Media Ltd. (C)2001, 2002.
*Software copyrighted by David Abrahams, (C)2001,
2002. See http://www.boost.org/libs/bind/ bind.html
for documentation.  *Software copyrighted by Steve
Cleary, Beman Dawes, Howard Hinnant & John Maddock,
(C)2000.  *Software copyrighted by Boost.org,
(C)1999-2002.  *Software copyrighted by Nicolai M.
Josuttis, (C)1999.  *Software copyrighted by
Jeremy Siek, (C)1999-2001.  *Software copyrighted
by Daryle Walker, (C)2001.  *Software copyrighted
by Chuck Allison and Jeremy Siek, (C)2001, 2002.
*Software copyrighted by Samuel Krempp, (C)2001.
See http://www.boost.org for updates, documentation,
and revision history.  *Software copyrighted by
Doug Gregor (gregod@cs.rpi.edu), (C)2001, 2002.
*Software copyrighted by Cadenza New Zealand Ltd.,
(C)2000.  *Software copyrighted by Jens Maurer,
(C)2000, 2001.  *Software copyrighted by Jaakko
Jrvi (jaakko.jarvi@cs.utu.fi), (C)1999, 2000.
*Software copyrighted by Ronald Garcia, (C)2002.
*Software copyrighted by David Abrahams, Jeremy
Siek, and Daryle Walker, (C)1999-2001.  *Software
copyrighted by Stephen Cleary (shammah@voyager.net),
(C)2000.  *Software copyrighted by Housemarque Oy
<http:// www.housemarque.com>,(C)2001.  *Software
copyrighted by Paul Moore, (C)1999.  *Software
copyrighted by Dr. John Maddock, (C)1998-2002.
*Software copyrighted by Greg Colvin and Beman
Dawes, (C)1998, 1999.  *Software copyrighted by
Peter Dimov, (C)2001, 2002.  *Software copyrighted
by Jeremy Siek and John R. Bandela, (C)2001.
*Software copyrighted by Joerg Walter and Mathias
Koch, (C)2000-2002.


V3.1.2


