                  Release Notes for
          McAfee(R) ePolicy Orchestrator(R)
                 Version 3.5 Patch 3
           Copyright (C) 2005 McAfee, Inc.
                 All Rights Reserved


==========================================================

This Patch is build number:
3.5.0.635.

This release was developed and tested with:

- ePolicy Orchestrator: 3.5

Make sure you have installed this version before
using this release.

    IMPORTANT:
    IN ADDITION TO APPLYING THIS PATCH TO THE
    ePOLICY ORCHESTRATOR SERVER, BE SURE TO APPLY
    THIS PATCH TO ALL REMOTE CONSOLE SYSTEMS AS
    WELL. USING A REMOTE CONSOLE WITH A VERSION THAT
    IS DIFFERENT FROM THE ePOLICY ORCHESTRATOR
    SERVER WILL HAVE UNKNOWN RESULTS.

==========================================================


Thank you for using ePolicy Orchestrator(R)
software. This file contains important information
regarding this release. We strongly recommend that
you read the entire document.


The attached files are provided as is, and with no
warranty either expressed or implied as to their
suitability for any particular use or purpose.
McAfee, Inc. assumes no liability for damages
incurred either directly or indirectly as a result
of the use of these files, including but not limited
to the loss or damage of data or systems, loss of
business or revenue, or incidental damages arising
from their use. Patch files should be applied only
on the advice of McAfee Technical Support, and only
when you are actually experiencing the issue being
addressed by the Patch. Patch files should not be
proactively applied in order to prevent potential
product issues. You are responsible for reading and
following all instructions for preparation,
configuration, and installation of Patch files.
Patch files are not a substitute or replacement for
product Service Packs which may be released by
McAfee, Inc. It is a violation of your software
license agreement to distribute or share these files
with any other person or entity without written
permission from McAfee, Inc. Further, posting of
McAfee Patch files to publicly available Internet
sites is prohibited. McAfee, Inc. reserves the right
to refuse distribution of Patch files to any company
or person guilty of unlawful distribution of McAfee
software products. Questions or issues with McAfee
Patch files should be directed to McAfee Technical
Support.



__________________________________________________________
WHAT'S IN THIS FILE

-   About This Release
    -  Purpose
    -  Resolved Issues
    -  Previously Resolved Issues
-   Installation
    -  Installation Requirements
    -  Installation Steps
    -  Removing This Release
-   Participating in the McAfee Beta Program
-   Contact Information
-   Copyright & Trademark Attributions
-   License & Patent Information


__________________________________________________________
ABOUT THIS RELEASE

*************************
* IMPORTANT INFORMATION *
*************************

Installing this Patch is required on both ePolicy
Orchestrator servers and all ePolicy Orchestrator
remote consoles to maintain full functionality. Be
sure to patch both server and console systems with
this release.

Applying this Patch does not automatically update
existing Rogue System Sensors. To update deployed
sensors, you must uninstall all sensors from target
systems and redeploy them. For details on
uninstalling and redeploying Rogue System Sensors,
refer to your product documentation.


PURPOSE

This Patch replaces server files in ePolicy
Orchestrator to resolve the issues listed below.

ePolicy Orchestrator Patch releases are cumulative
for fixes. See "Previously Resolved Issues" for
fixes in earlier Patch versions.


RESOLVED ISSUES

1.  ISSUE:
    Spyware infections that are cleaned show as
    "Unresolved Infections" in the "Compliance
    Issues" report.

    RESOLUTION:
    Spyware infections that are cleaned no longer
    appear as "Unresolved Infections" in the
    "Compliance Issues" report.

2.  ISSUE:
    Incomplete compiled.xml causes policy
    enforcement issues.

    RESOLUTION:
    When a managed product is removed from ePolicy
    Orchestrator, tasks and policies associated with
    that product are cleanly removed to prevent
    policy compilation problems.

3.  ISSUE:
    Notifications is unable to parse XML event files
    that contain non-US characters, such as ,
    causing errors such as
    "java.io.UTFDataFormatException: Invalid byte 2
    of 3-byte UTF-8 sequence" to appear in the
    notifications.log file.

    RESOLUTION:
    Notifications can now handle XML event files
    containing non-US characters.

4.  ISSUE:
    Error 7031 appears in the System Event log
    during scheduled replications: "The McAfee
    ePolicy Orchestrator Server service terminated
    unexpectedly."

    RESOLUTION:
    SrvEventInf.dll was revised to allow concurrent
    access from multiple threads simultaneously so
    that this error no longer occurs.

5.  ISSUE:
    The ePO Audit Processing SQL job runs with
    errors and no audit log is generated.

    RESOLUTION:
    The ePO Audit Processing SQL job now runs
    without errors.

6.  ISSUE:
    Computers with identical MAC addresses overwrite
    each other in the ePolicy Orchestrator database.
    This can occur if the systems are connecting to
    the ePolicy Orchestrator server using network
    load balancing or through a virtual private
    network.

    RESOLUTION:
    MAC address included in the search algorithm for
    finding a match in the ePolicy Orchestrator
    Directory can now be disabled by a registry
    setting.

    Registry key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Network
    Associates\ePolicy Orchestrator\Options

    String Value:
    DisableMACSearch

    Set "DisableMACSearch" to "1" to disable the MAC
    search.

    The following services must be restarted in
    order to begin using the new value set by this
    registry key:

    -  McAfee ePolicy Orchestrator 3.5.0 Event
        Parser
    -  McAfee ePolicy Orchestrator 3.5.0 Server

    If this "DisableMACSearch" setting is not
    present, the default value is "0" which means
    that the MAC search will be activated.

7.  ISSUE:
    When trying to send the ePolicy Orchestrator
    agent to a rogue system, the following error is
    displayed: "java.io.IOException: Failed to
    authenticate with ePO server!"

    RESOLUTION:
    A change was made so that the agent push is no
    longer looking for a hard-coded user name that
    might not exist, therefore allowing the push to
    occur successfully.

8.  ISSUE:
    Older versions of ePolicy Orchestrator did not
    uniformly set stored procedure permissions.

    RESOLUTION:
    The permissions of the stored procedures have
    been reset to match those of a fresh
    installation of the current version of ePolicy
    Orchestrator.

9.  ISSUE:
    The report "Content Filter Report by Rule" shows
    the count for a content filter as ##### because
    the number of events is greater than 99999.

    RESOLUTION:
    The display field within the WebShield RPT files
    is now large enough to display a number that is
    larger than five digits.

10. ISSUE:
    Policies are not compiled properly if a site or
    group named "Directory" exists in the ePolicy
    Orchestrator Directory.

    RESOLUTION:
    Policies are compiled successfully even when a
    site or group within the ePolicy Orchestrator
    Directory is named "Directory."

11. ISSUE:
    Notifications including any substitution
    variable that contains special characters, such
    as $, ., {, }, [, ], ^, \ are not sent.

    RESOLUTION:
    Notifications are now sent properly when the
    event includes a special character.

12. ISSUE:
    Login to reporting on a remote console fails
    when the ePolicy Orchestrator database is
    configured to use NT authentication with a user
    who does not have administrator rights on the
    remote console system.

    RESOLUTION:
    Impersonation issue is resolved so that the
    database user is not used for all remote console
    operations, but just for database access, and
    login is now successful.

13. ISSUE:
    When making changes to an ePolicy Orchestrator
    Directory containing over 1000 groups, response
    is slow.

    RESOLUTION:
    The speed of adding and deleting sites or groups
    in a Directory that contains more than 1000
    groups has been significantly increased.


14. ISSUE:
    The ePolicy Orchestrator console closes
    unexpectedly when trying to check in an
    extra.dat file that contains a very large number
    of virus definitions.

    RESOLUTION:
    Extra.dat files containing a large number of
    virus definitions can now be checked in
    successfully.

15. ISSUE:
    Notifications are not sent if XML events contain
    any white space or trailing null characters at
    the end of the file, resulting in the error:
    "JDOMParseException: Content is not allowed in
    trailing section."

    RESOLUTION:
    Notifications are sent properly even if XML
    events contain white space or trailing null
    characters at the end of the file.

16. ISSUE:
    Under certain circumstances, Rogue System
    Detection appears to stop working because the
    mail client was blocking due to waiting for a
    response from the mail server.  Restarting the
    McAfee ePolicy Orchestrator 3.5.0 Discovery &
    Notification services temporarily resolves the
    issue.

    RESOLUTION:
    A socket timeout was added to the mail client so
    that the blocked state is avoided.

17. ISSUE:
    When GroupShield Exchange sends an event where
    the action was "Allow Through," ePolicy
    Orchestrator reports the action as "Cleaned."

    RESOLUTION:
    The events reported by GroupShield Exchange
    should now display the action as "Warning"
    instead of "Cleaned" when the action was "Allow
    Through."

18. ISSUE:
    When running the "DAT/Definition Deployment
    Summary" report, there might be a delay before
    the "Current Protection Standards" dialog box is
    displayed.

    RESOLUTION:
    Changes were made to the stored procedure used
    by the DAT/Definition Deployment Summary report
    that dramatically improves the performance of
    this report.

19. ISSUE:
    A debug log statement indicating the number of
    computers found in an Active Directory Import
    was malformed, causing an exception error when
    the log level is set to 8.

    RESOLUTION:
    The debug log statement has been fixed, so the
    number of computers found in an Active Directory
    Import now appears in the log when the log level
    is set to 8.

20. ISSUE:
    When the "DAT/Definition Deployment Summary" or
    "DAT Engine Coverage" reports are run, the
    "Current Protection Standards" dialog box
    displays no DAT or engine information.

    RESOLUTION:
    The "Current Protection Standards" dialog box
    displays the appropriate DAT and engine
    information.

21. ISSUE:
    When running the "Action Summary" report, event
    IDs such as 1036 and 1037, appear as the
    "Action."

    RESOLUTION:
    The appropriate action name appears in place of
    the event IDs when the "Action Summary" report
    is run.


PREVIOUSLY RESOLVED ISSUES (ePO 3.5 PATCH 2)

1.  ISSUE:
    Replication tasks fail intermittently, often
    hanging or ending with an exception error such
    as the following: "Stack Exception c0000005
    address 77f5d61b."

    RESOLUTION:
    The code involved in replication now has
    improved error handling.

2.  ISSUE:
    The following error appears in the Application
    Event Log: "Event ID 1004- faulting application
    NaRepl32.Exe, version 1.5.0.467, faulting module
    ntdll.dll, version 5.2.3790.0, fault address
    0x0001d61b."

    RESOLUTION:
    Several changes were made to the code involved
    in replication.  This error no longer appears in
    the Application Event Log.

3.  ISSUE:
    In rare circumstances, a -1207 error is
    displayed in the agent log when enforcing
    policies.  This error is due to an incomplete
    removal of the product .NAP file.

    RESOLUTION:
    A software table insert trigger removes any
    ghost product entries when a new product .NAP
    file is installed.

4.  ISSUE:
    When Regional settings are set to French
    (Canada), the text in several reports does not
    display correctly.

    RESOLUTION:
    Reports now display properly when Regional
    settings are set to any sublanguage, including
    French (Canada).

5.  ISSUE:
    Certain events are not processed if the default
    language of the account used to access SQL is
    not English; the date/time format causes a
    conversion error.  The following error appears
    in the eventparser.log: "Error converting data
    type varchar to datetime."

    RESOLUTION:
    Using an international date/time format allows
    the events to be processed without error.

6.  ISSUE:
    When performing a directory search for inactive
    agents, four-digit numbers are returned as the
    location.

    RESOLUTION:
    Directory search queries now look up the
    location information directly from a table,
    instead of calling a separate stored procedure
    for each computer.  This is much faster and
    avoids the contention problems that caused the
    numbers to appear.

7.  ISSUE:
    The VirusScan 8.0i Top 10 Access Protection
    Report does not allow you to select the Rule
    Name when choosing the option to set a data
    filter.

    RESOLUTION:
    The Access Protection Report now allows the Rule
    Name filter to be selected.

8.  ISSUE:
    Exporting to certain report formats does not
    export all data from subreports.

    RESOLUTION:
    All data from subreports are now exported
    properly.

9.  ISSUE:
    The Event Parser log shows repeated error codes,
    for example: "AlertER - Failed to read the log
    level information from the registry."

    RESOLUTION:
    These messages provide information about the
    startup configuration and are not actual errors.
    The wording has been changed to more appropriate
    messages.

10. ISSUE:
    Default "Virus detected and not removed"
    notification contains incorrect value for
    "Actual Threat or Rule names" when triggered by
    an on-demand scan.

    RESOLUTION:
    The event that triggers this notification has
    been reclassified so that the appropriate
    information is sent.

11. ISSUE:
    When you run the ePolicy Orchestrator remote
    console and you are logged in as a
    non-administrative user on a Terminal Server,
    the console stops responding after 15 minutes of
    inactivity.

    RESOLUTION:
    Site Manager no longer requires the logged-on
    user to have local administrator rights;
    therefore, the restriction of access is not
    enforced and the timeout is avoided.

12. ISSUE:
    Message: "Failed to get MAC address from SPIPE
    package" appears in the server.log.

    RESOLUTION:
    This message is only an informational message
    and not an actual error.  The wording of the
    message is now changed to "Optional MAC address
    not found in SPIPE" to clarify that this is not
    an error when it does occur.

13. ISSUE:
    High CPU utilization by NAIMSERV.EXE ended in
    crashes due to a malfunction in the task-policy
    caching mechanism that caused multiple threads
    to continually refresh the cache.

    RESOLUTION:
    The code involved in the caching of tasks has
    been changed so that NAIMSERV.EXE does not
    crash.

14. ISSUE:
    Only one PDA device is allowed to exist in the
    ePolicy Orchestrator Directory tree.

    RESOLUTION:
    Multiple PDA devices are now allowed to exist in
    the Directory.

15. ISSUE:
    After performing a database merge using
    AVIDB_MERGE_TOOL.EXE, the Action Summary Report
    shows incorrect data because unicode sql script
    files are not loading properly; this is due to
    invalid characters that are read into the
    buffer.

    RESOLUTION:
    The invalid characters are now removed, allowing
    the unicode script files to load properly.

16. ISSUE:
    A machine name in a double-byte language, such
    as Japanese, does not display properly in Rogue
    System Detection.

    RESOLUTION:
    Most systems with double-byte characters in the
    machine name now display correctly in Rogue
    System Detection.

17. ISSUE:
    The Rogue System Sensor Deployment Task allows
    you to select both "Force install" and "Force
    uninstall" at the same time.

    RESOLUTION:
    The checkboxes for these options now behave like
    radio buttons; only one option can be selected
    at any one time.

18. ISSUE:
    Rogue System Detection allows a machine that is
    already managed to be re-added to the ePolicy
    Orchestrator Directory, causing the following
    error message:
    "manualactionbean_missing_selection_add_to_epo."

    RESOLUTION:
    The option to add a machine that is already
    managed is no longer available in Rogue System
    Detection.

19. ISSUE:
    Machines that have the Rogue System Sensor
    deployed periodically receive the following
    error in the System Event log: "RSSensor.exe-
    Application error: The instruction at
    "0x004d4d7b" referenced memory at "0x00000004."

    RESOLUTION:
    Modifications have been made to the code in
    RSSensor.exe so that this crash no longer
    occurs.

20. ISSUE:
    If the ePolicy Orchestrator database name
    contains a space, the following error is
    displayed when clicking on Rogue System
    Detection or Notifications: "HTTP error 500-
    Server error: Initialization error details-
    Failed to initialize the alerting database."

    RESOLUTION:
    Rogue System Detection and Notifications now
    display correctly, even if the ePolicy
    Orchestrator database contains a space in the
    name.

21. ISSUE:
    Rogue System Detection and Notifications fail to
    load with "HTTP error 500- Server error:
    Initialization error details- Failed to
    initialize the alerting database" if the user
    account specified in CfgNaiMs.exe contains a
    space.  This account is used by ePolicy
    Orchestrator to administer the ePolicy
    Orchestrator database.

    RESOLUTION:
    Rogue System Detection and Notifications now
    display correctly, even if the account used to
    access the database contains a space.

22. ISSUE:
    The "Push ePO Agent" Automatic Response in Rogue
    System Detection does not activate the OK button
    when non-US English characters, such as
    ,,,,,or , are used in the username or
    password.

    RESOLUTION:
    Non-US English characters now activate the OK
    button when used in the username and password of
    the "Push ePO Agent" Automatic Response in Rogue
    System Detection.

23. ISSUE:
    Inactive agents show up multiple times in Rogue
    System Detection reports.

    RESOLUTION:
    Inactive agents no longer show up multiple times
    in these reports.

24. ISSUE:
    When running the "Rogues Detected by Subnet"
    report, the same machines are reported multiple
    times, based on the number of sensors installed
    on the subnet.

    RESOLUTION:
    The report has been redesigned to no longer show
    duplicate computer entries that are due to more
    than one sensor on a subnet.

25. ISSUE:
    Machines marked as Rogue System Exceptions still
    show as rogue machines in the reports.

    RESOLUTION:
    Rogue System Detection reports now exclude
    machines that are marked as Exceptions.

26. ISSUE:
    When accessing Rogue System Detection, the
    message "Reconnecting" is displayed.  This is
    caused when the ePolicy Orchestrator console
    login contains any of the following characters:
    &, +, or %.

    RESOLUTION:
    The characters &, +, or % are now allowed, and
    the Rogue System Detection page loads properly.

27. ISSUE:
    When the Rogue System Sensor policy is set to
    inherit at the Directory level, the
    sensor-to-server communication port changes to
    8445.

    RESOLUTION:
    The sensor-to-server communication port no
    longer changes to 8445 when the policy is set to
    inherit at the Directory level.

PREVIOUSLY RESOLVED ISSUES (ePO 3.5 PATCH 1)

1.  ISSUE:
    E-mail notifications sent by Rogue System
    Detection are missing the UTF-8 identifiers in
    the e-mail headers, which causes problems when
    viewing e-mail messages that contain high-order
    characters, such as Japanese characters.

    RESOLUTION:
    The proper identifiers have been added; now
    e-mail messages from Rogue System Detection that
    contain high-order characters are properly
    displayed.

2.  ISSUE:
    Replication to distributed repositories residing
    on Novell NetWare FTP servers completes with
    partial failure due to files being locked at the
    time of download.

    RESOLUTION:
    Files are no longer held in a locked state,
    allowing replication to complete successfully.

3.  ISSUE:
    When scheduling a replication task to start at a
    time between 00:01 and 00:59 from a non-English
    console, the start time switches to the current
    system time.

    RESOLUTION:
    Selecting a replication task start time between
    00:01 and 00:59 on a non-English console is now
    allowed.

4.  ISSUE:
    In certain circumstances, after checking in a
    Patch, Hotfix or update for a product managed by
    ePolicy Orchestrator, that product is not listed
    in the Selective Updating list.

    RESOLUTION:
    Once a Patch, Hotfix or update for an ePolicy
    Orchestrator managed product is checked in, that
    product appears in the Selective Updating list.

5.  ISSUE:
    When creating a SuperAgent repository on a
    non-English version of ePolicy Orchestrator, the
    SuperAgent repository is not added to the
    sitelist.xml file.

    RESOLUTION:
    SuperAgent repositories are now added to the
    sitelist.xml file for all language versions of
    ePolicy Orchestrator.

6.  ISSUE:
    If the Server Task log grows too large, clicking
    the "Server Task" tab to view the log may cause
    the console to appear to hang.

    RESOLUTION:
    A change in how the task log is handled allows
    the "Server Task" tab to be displayed without
    causing the console to hang.

7.  ISSUE:
    Information on tasks associated with client
    computers may not be accurate in reports.

    RESOLUTION:
    Reports list the correct tasks associated with
    each client computer.

8.  ISSUE:
    Running the Compliance Issues Report fails with
    the error: "Error detected by database DLL" due
    to the columns of the temp tables not being able
    to handle the size of the data.

    RESOLUTION:
    The size of the columns in the temp tables is
    adjusted to match the size of the source data so
    that the Compliance Issues Report now runs
    successfully.

9.  ISSUE:
    The Rogue System Detection window displays an
    "Internal Server Error" page when the Rogue
    System Detection object is selected on
    non-English SQL installations; the date/time
    format causes a conversion error.

    RESOLUTION:
    Using an international date/time format allows
    the Rogue System Detection window to display
    without the error.

10. ISSUE:
    Replication to FTP repositories is slow if a
    proxy is used.

    RESOLUTION:
    Changes have been made to improve the speed of
    replication to FTP repositories when a proxy is
    used.

11. ISSUE:
    When running Infection Reports, the error "No
    data found for this report" displays, due to old
    temp tables not having been deleted.

    RESOLUTION:
    The temp tables are now properly removed,
    allowing the Infection Reports to run
    successfully.

12. ISSUE:
    The ver.js file in the Common Management Agent
    NAP file reads 3.1.2.163 instead of 3.5.0.163,
    which causes the incorrect version to be
    displayed when it is selected in the ePolicy
    Orchestrator console.

    RESOLUTION:
    The Common Management Agent NAP file has been
    corrected to display the correct version.

13. ISSUE:
    When performing a directory search, the "move
    to" function cannot be cancelled.  Even if
    "Cancel" is selected, the computers are moved to
    the last container to which computers were
    moved.

    RESOLUTION:
    The issue has been corrected and the "move to"
    function can be cancelled successfully.

14. ISSUE:
    In certain cases, a problem in caching server
    tasks could cause NAIMSERV to crash.

    RESOLUTION:
    Improvements have been made to the database
    access code to avoid causing the crash.

15. ISSUE:
    When scheduling a Norton Antivirus Corporate
    Edition LiveUpdate agent task in ePolicy
    Orchestrator, the LiveUpdate task does not
    initiate on the client systems, even though the
    agent logs show that the task completed
    successfully.

    RESOLUTION:
    The updated Norton Antivirus plug-in included
    with this Patch contains a fix so that the
    LiveUpdate task runs as stated.

16. ISSUE:
    Merging two ePolicy Orchestrator databases using
    the AVIDB_MERGE_TOOL.EXE does not complete
    successfully; this is due to the schema scripts
    being reloaded with a pre-existing target
    AVIDB_MERGE database.

    RESOLUTION:
    The AVIDB_MERGE utility has been modified to
    prevent the schema scripts from being run
    multiple times on a pre-existing AVIDB_MERGE
    database.

17. ISSUE:
    In some cases, when ePolicy Orchestrator is
    uninstalled, the file PSAPI.DLL is removed by
    the ePolicy Orchestrator uninstaller.

    RESOLUTION:
    Logic has been added to the ePolicy Orchestrator
    installer to increment the PSAPI.DLL entry in
    the SharedDLL reference count registry key so
    that the PSAPI.DLL file is not deleted if it is
    still needed.

18. ISSUE:
    In certain circumstances, a delay in loading the
    ePolicy Orchestrator Agent Configuration
    Policies page occurs.

    RESOLUTION:
    The speed with which the ePolicy Orchestrator
    Agent Configuration Policies page loads is now
    improved.

19. ISSUE:
    On rare occasions, the SITEMGR_1000 and
    EPOSERV_3000 plug-in registry keys are not
    present in the registry, causing scheduled
    server tasks to fail to run.

    RESOLUTION:
    Logic has been added to the ePolicy Orchestrator
    installer to create or update the registry keys
    for the SITEMGR_1000 and EPOSERV_3000 plug-in
    keys each time the ePolicy Orchestrator
    installer is run.

20. ISSUE:
    Incoming events to the ePolicy Orchestrator
    server may be processed slowly when the server
    is under a heavy load.

    RESOLUTION:
    Additional enhancements have been made to
    improve event processing performance.

21. ISSUE:
    When running the report called Virus Type, the
    following error is received: "Error detected by
    database.dll."

    RESOLUTION:
    A temp table was being created with a fixed text
    field size that was not large enough to store
    long virus type values.  The temp table can now
    store virus type values of the correct length.

22. ISSUE:
    In rare cases, the ePolicy Orchestrator server
    service crashes and generates an error in the
    Dr. Watson log.

    RESOLUTION:
    Modifications to the code for the area where the
    issue was discovered have been made to ensure
    that this particular crash no longer occurs.


__________________________________________________________
INSTALLATION

INSTALLATION REQUIREMENTS

To use this release, you must have ePolicy
Orchestrator 3.5 software installed on the computer
you intend to update with this release.

    NOTES:
    This release does not work with earlier versions
    of ePolicy Orchestrator software.

    If the VirusScan Enterprise 8.0i Reports NAP
    file is checked into the ePolicy Orchestrator
    repository after the initial application of this
    Patch, it will be necessary to reapply this
    Patch.


INSTALLATION STEPS

1.  Create a temporary folder on the hard drive of
    the ePolicy Orchestrator server.

2.  Extract the EPO3503.ZIP file to the temporary
    folder that you created in Step 1.

    WARNING:
    Close the Windows Services dialog box to avoid
    installation issues.

3.  Back up ePolicy Orchestrator databases.

    If you are using Microsoft SQL Server as the
    ePolicy Orchestrator database, see the SQL
    Server product documentation.

    If you are using Microsoft Data Engine (MSDE) as
    the ePolicy Orchestrator database, you can use
    the Database Backup Utility (DBBAK.EXE) to back
    up ePolicy Orchestrator MSDE databases on the
    database server. For instructions, see "Backing
    up an MSDE database" in the ePolicy Orchestrator
    3.5 Product Guide.

4.  Log on to the desired computer using a user
    account with local administrator permissions.

5.  Close all ePolicy Orchestrator consoles.

6.  On the taskbar, click the "Start" button, then
    select "Run." The "Run" dialog box appears.

7.  In "Open," type the path where the Setup program
    (SETUP.EXE) is located, then click "OK." The
    "ePolicy Orchestrator 3.5 Patch 3 Setup" wizard
    appears.

8.  Click "Next" to begin the installation.

9.  Click "Finish" to complete the installation.

10. For all remote consoles, perform Steps 4  9.


REMOVING THIS RELEASE

To remove this Patch from your computer, uninstall,
then reinstall ePolicy Orchestrator.

      NOTE:
      We recommend that you do NOT remove the Patch
      files once you install them. If you reinstall
      the ePolicy Orchestrator software, we
      recommend that you also reinstall the Patch.


__________________________________________________________
PARTICIPATING IN THE MCAFEE BETA PROGRAM

To download new beta software or to read about the
latest beta information, visit the McAfee beta web
site located at:
       http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm

To submit beta feedback on any McAfee product, send
e-mail to:
       mcafee_beta@mcafee.com

McAfee is devoted to providing solutions based on
your input.


__________________________________________________________
CONTACT INFORMATION

SECURITY HEADQUARTERS:  AVERT
(Anti-Virus & Vulnerability Emergency Response
Team)
    Home Page
       http://www.mcafeesecurity.com/us/security/home.asp

    Virus Information Library
       http://vil.mcafeesecurity.com/

    AVERT WebImmune & Submit a Virus Sample
       https://www.webimmune.net/default.asp

    AVERT DAT Notification Service
       http://vil.mcafeesecurity.com/vil/join-DAT-list.asp


DOWNLOAD SITE
    Home Page
       http://www.mcafeesecurity.com/us/downloads/

    Anti-Virus DAT File and Engine Updates
       http://www.mcafeesecurity.com/us/downloads/updates/

       ftp://ftp.mcafee.com/pub/antivirus/datfiles/4.x

    Anti-Spam Rules File and Engine Updates
       ftp://ftp.nai.com/spamdefs/1.x/

    Product Upgrades
       https://secure.nai.com/us/forms/downloads/upgrades/login.asp

    Valid grant number required (contact Customer
    Service)


TECHNICAL SUPPORT
    Home Page
       http://www.mcafeesecurity.com/us/support/technical_support

    KnowledgeBase Search
       https://knowledgemap.mcafeesecurity.com/phpclient/homepage.aspx

    PrimeSupport Service Portal (Logon credentials
    required)
       https://mysupport.mcafeesecurity.com

    PSVANS  PrimeSupport Vulnerability Alert
    Notification Service
       http://www.mcafeesecurity.com/us/support/primesupport/


CUSTOMER SERVICE
    US, Canada, and Latin America toll-free:
   Phone:     +1-888-VIRUS NO or +1-888-847-8766
              Monday-Friday, 8am-8pm, Central Time

   E-mail:    https://secure.nai.com/us/forms/support/request_form.asp

   Web:       http://www.mcafeesecurity.com/us/support/default.asp


MCAFEE BETA PROGRAM
    Download Site:
       http://www.mcafeesecurity.com/us/downloads/beta/mcafeebetahome.htm

    E-mail to Submit Beta Feedback:
       mcafee_beta@mcafee.com


TRAINING: MCAFEE UNIVERSITY
       http://www.mcafeesecurity.com/us/services/education/mcafee/university.htm


WORLDWIDE OFFICES
    For addresses and phone numbers of worldwide
    offices:

       http://www.mcafeesecurity.com/us/contact/home.htm


_____________________________________________________
COPYRIGHT AND TRADEMARK ATTRIBUTIONS

Copyright (C) 2005 McAfee, Inc. All Rights Reserved.
No part of this publication may be reproduced,
transmitted, transcribed, stored in a retrieval
system, or translated into any language in any form
orbyany means without the written permission of
McAfee, Inc., or its suppliers or affiliate
companies.


TRADEMARKS

ACTIVE FIREWALL, ACTIVE SECURITY, ACTIVESECURITY
(AND IN KATAKANA), ACTIVESHIELD, CLEAN-UP, DESIGN
(STYLIZED E), DESIGN (STYLIZED N), ENTERCEPT,
EPOLICY ORCHESTRATOR,  FIRST AID, GROUPSHIELD,
GROUPSHIELD (AND IN KATAKANA),  INTRUSHIELD,
INTRUSION PREVENTION THROUGH INNOVATION,  MCAFEE,
MCAFEE (AND IN KATAKANA), MCAFEE AND DESIGN,
MCAFEE.COM, MCAFEE VIRUSSCAN, NA NETWORK ASSOCIATES,
NET TOOLS, NET TOOLS (AND IN KATAKANA), NETSCAN,
NETSHIELD, NETWORK ASSOCIATES, NUTS & BOLTS, OIL
CHANGE, PRIMESUPPORT, SPAMKILLER, THREATSCAN, TOTAL
VIRUS DEFENSE, VIREX, VIRUS FORUM, VIRUSCAN,
VIRUSSCAN, VIRUSSCAN (AND IN KATAKANA), WEBSCAN,
WEBSHIELD, WEBSHIELD (AND IN KATAKANA), YOUR
NETWORK. OUR BUSINESS.  are registered trademarks or
trademarks of McAfee, Inc. and/or its affiliates in
the US and/or other countries.  The color red in
connection with security is distinctive of McAfee
brand products.  All other registered and
unregistered trademarks herein are the sole property
of their respective owners.


_____________________________________________________
LICENSE & PATENT INFORMATION

LICENSE AGREEMENT

NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE
LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU
PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND
CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF
YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE
ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED
LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT
ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE
RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A
BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE
AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED
THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF
THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL
THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE
PRODUCT TO MCAFEE OR THE PLACE OF PURCHASE FOR A
FULL REFUND.


LICENSE ATTRIBUTIONS

This product includes or may include:
*Software developed by the OpenSSL Project for use
in the OpenSSL Toolkit (http://www.openssl.org/).
*Cryptographic software written by Eric A. Young
and software written by Tim J. Hudson. *Some
software programs that are licensed (or sublicensed)
to the user under the GNU General Public License
(GPL) or other similar Free Software licenses which,
among other rights, permit the user to copy, modify
and redistribute certain programs, or portions
thereof, and have access to the source code. The GPL
requires that for any software covered under the GPL
which is distributed to someone in an executable
binary format, that the source code also be made
available to those users. For any such software
covered under the GPL, the source code is made
available on this CD. If any Free Software licenses
require that McAfee provide rights to use, copy or
modify a software program that are broader than the
rights granted in this agreement, then such rights
shall take precedence over the rights and
restrictions herein.  *Software originally written
by Henry Spencer, Copyright 1992, 1993, 1994, 1997
Henry Spencer.  *Software originally written by
Robert Nordier, Copyright (C)1996-7 Robert Nordier.
*Software written by Douglas W. Sauder.  *Software
developed by the Apache Software Foundation
(http://www.apache.org/). A copy of the license
agreement for this software can be found at
www.apache.org/licenses/LICENSE-2.0.txt.
*International Components for Unicode ("ICU")
Copyright (C)1995-2002 International Business
Machines Corporation and others.  *Software
developed by CrystalClear Software, Inc., Copyright
(C)2000 CrystalClear Software, Inc. *FEAD(R)
Optimizer(R) technology, Copyright Netopsystems AG,
Berlin, Germany. *Outside In(R) Viewer Technology
(C)1992-2001 Stellent Chicago, Inc. and/or Outside
In(R) HTML Export, (C)2001 Stellent Chicago, Inc.
*Software copyrighted by Thai Open Source Software
Center Ltd. and Clark Cooper, (C)1998, 1999, 2000.
*Software copyrighted by Expat maintainers.
*Software copyrighted by The Regents of the
University of California, (C)1989.  *Software
copyrighted by Gunnar Ritter.  *Software
copyrighted by Sun Microsystems(R), Inc. (C)2003.
*Software copyrighted by Gisle Aas. (C)1995-2003.
*Software copyrighted by Michael A. Chase,
(C)1999-2000.  *Software copyrighted by Neil
Winton, (C)1995-1996.  *Software copyrighted by
RSA Data Security, Inc., (C)1990-1992.  *Software
copyrighted by Sean M. Burke, (C)1999, 2000.
*Software copyrighted by Martijn Koster, (C)1995.
*Software copyrighted by Brad Appleton,
(C)1996-1999.  *Software copyrighted by Michael G.
Schwern, (C)2001.  *Software copyrighted by Graham
Barr, (C)1998.  *Software copyrighted by Larry
Wall and Clark Cooper, (C)1998-2000.  *Software
copyrighted by Frodo Looijaard, (C)1997.
*Software copyrighted by the Python Software
Foundation, Copyright (C)2001, 2002, 2003. A copy
of the license agreement for this software can be
found at www.python.org.  *Software copyrighted by
Beman Dawes, (C)1994-1999, 2002.  *Software
written by Andrew Lumsdaine, Lie-Quan Lee, Jeremy G.
Siek (C)1997-2000 University of Notre Dame.
*Software copyrighted by Simone Bordet & Marco
Cravero, (C)2002.  *Software copyrighted by
Stephen Purcell, (C)2001.  *Software developed by
the Indiana University Extreme! Lab
http://www.extreme.indiana.edu/).  *Software
copyrighted by International Business Machines
Corporation and others, (C)1995-2003.  *Software
developed by the University of California, Berkeley
and its contributors.  *Software developed by Ralf
S. Engelschall <rse@engelschall.com> for use in the
mod_ssl project (http://www.modssl.org/).
*Software copyrighted by Kevlin Henney,
(C)2000-2002.  *Software copyrighted by Peter
Dimov and Multi Media Ltd. (C)2001, 2002.
*Software copyrighted by David Abrahams, (C)2001,
2002. See http://www.boost.org/libs/bind/ bind.html
for documentation.  *Software copyrighted by Steve
Cleary, Beman Dawes, Howard Hinnant & John Maddock,
(C)2000.  *Software copyrighted by Boost.org,
(C)1999-2002.  *Software copyrighted by Nicolai M.
Josuttis, (C)1999.  *Software copyrighted by
Jeremy Siek, (C)1999-2001.  *Software copyrighted
by Daryle Walker, (C)2001.  *Software copyrighted
by Chuck Allison and Jeremy Siek, (C)2001, 2002.
*Software copyrighted by Samuel Krempp, (C)2001.
See http://www.boost.org for updates, documentation,
and revision history.  *Software copyrighted by
Doug Gregor (gregod@cs.rpi.edu), (C)2001, 2002.
*Software copyrighted by Cadenza New Zealand Ltd.,
(C)2000.  *Software copyrighted by Jens Maurer,
(C)2000, 2001.  *Software copyrighted by Jaakko
Jrvi (jaakko.jarvi@cs.utu.fi), (C)1999, 2000.
*Software copyrighted by Ronald Garcia, (C)2002.
*Software copyrighted by David Abrahams, Jeremy
Siek, and Daryle Walker, (C)1999-2001.  *Software
copyrighted by Stephen Cleary (shammah@voyager.net),
(C)2000.  *Software copyrighted by Housemarque Oy
<http:// www.housemarque.com>,(C)2001.  *Software
copyrighted by Paul Moore, (C)1999.  *Software
copyrighted by Dr. John Maddock, (C)1998-2002.
*Software copyrighted by Greg Colvin and Beman
Dawes, (C)1998, 1999.  *Software copyrighted by
Peter Dimov, (C)2001, 2002.  *Software copyrighted
by Jeremy Siek and John R. Bandela, (C)2001.
*Software copyrighted by Joerg Walter and Mathias
Koch, (C)2000-2002.


PATENTS
Protected by US Patents 6,470,384; 6,493,756;
6,496,875; 6,553,377; 6,553,378.



V3.1.2
