Release Notes for McAfee GroupShield Version 5.0
   Service Pack 2 for Microsoft Exchange 5.5

                    Patch 1

          2003 Networks Associates
                Technology, Inc.
              All Rights Reserved


===============================================

Patch 1 Release Date:      30th September 2003


This Patch was developed and tested with:

- McAfee GroupShield 5.0 Service Pack 2
  for Microsoft Exchange 5.5

- DAT Version:                            4292

- Engine Version:                       4.2.40

Make sure you have installed this version or
later before using this Patch.

===============================================


Thank you for using McAfee GroupShield software.
This file contains important information
regarding this release. We strongly recommend
that you read the entire document.

The attached file is provided as is, and with
no warranty either expressed or implied as to
their suitability for any particular use or
purpose. Network Associates, Inc. assumes no
liability for damages incurred either directly
or indirectly as a result of the use of these
files, including but not limited to the loss or
damage of data or systems, loss of business or
revenue, or incidental damages arising from
their use. Patch files should be applied only
on the advice of McAfee Technical Support, and
only when you are actually experiencing the
issue being addressed by the Patch. Patch
files should not be proactively applied in
order to prevent potential product issues. You
are responsible for reading and following all
instructions for preparation, configuration,
and installation of Patch files. Patch files
are not a substitute nor replacement for
product Service Packs which may be released by
Network Associates, Inc. It is a violation of
your software license agreement to distribute
or share these files with any other person or
entity without written permission from Network
Associates, Inc. Further, posting of McAfee
Patch files to publicly available Internet
sites is prohibited. Network Associates, Inc.
reserves the right to refuse distribution of
Patch files to any company or person guilty of
unlawful distribution of McAfee software
products. Questions or issues with McAfee
Patch files should be directed to McAfee
Technical Support.


_______________________________________________
WHAT'S IN THIS FILE


-  About This Patch
   -  Purpose
   -  Resolved Issues
   -  Files Included with This Patch
-  Installation
   -  Installation Requirements
   -  Installation Steps
   -  Testing Your Installation
   -  Removing This Patch
-  Contacting McAfee and Network Associates
-  Copyright and Trademark Attributions
   -  Trademarks
   -  License Agreement


_______________________________________________
ABOUT THIS PATCH


PURPOSE

This Patch includes one Microsoft Windows Installer
Patch file for use with McAfee GroupShield version 5.0
Service Pack 2 for Microsoft Exchange 5.5.


RESOLVED ISSUES

1.  This Patch resolves an issue in McAfee GroupShield,
    where applying configuration changes (e.g. via
    the Administration Console or via ePO) when
    there was high mail traffic, might have caused
    the scanning process to slow down drastically.
    This might have caused mail to queue up.

2.  This Patch resolves an issue in McAfee GroupShield
    when using ESE-mode, where an incorrect SMTP address
    was reported in the alert and notification messages
    for a recipient who did not have an SMTP-address
    assigned.

3.  This Patch resolves an issue in McAfee GroupShield
    where the McAfee GroupShield Store Post service
    might hang in a "stop pending" state when shutting
    it down on multi-processor systems.

4.  This Patch resolves an issue where a large number
    of 3026 Events, relating to AVePOConfig, were
    written into the Windows Application Log.
    The Event details are as follows:
    "Dapi returned 'Unable to initialize Directory
    user agent (DUA) workspace' (0xc00000c3)."

5.  This Patch resolves an issue where an On-Demand
    scan configured to scan all local Mailboxes and
    local Public Folders was not limited to folders
    hosted on the local Exchange Server.

6.  This Patch resolves an issue where an On-Demand
    scan detected the same email as infected with
    "unknown virus name" each time the On-Demand
    scan was run, but was unable to clean or
    quarantine these emails.

7.  This Patch resolves an issue where an On-Demand
    scan ended prematurely when "scan selected" was
    used and Public Folders which have been deleted
    were still present in the Selected List.

8.  This Patch resolves an issue where an On-Demand
    scan seemed to run indefinitely when
    "scan selected" was used and Mailboxes which have
    been deleted were still present in the
    Selected List.

9.  This Patch resolves an issue where reports
    generated in ePO did not show the DAT version in
    "4.0.xxxx" format.

10. This Patch resolves an issue where no
    UNC-conversion of a local path was done on the
    ePO-client, when locations for Quarantine and
    Logging Database paths were set on an ePO-server.

11. This Patch resolves an issue where notifications
    produced as a result of an infected file sent
    through the Exchange store and detected by
    GroupShield using ESE as the scanning mode may
    contain "null" in the sender field.

12. This Patch resolves an issue with a custom
    installation of Microsoft Exchange (the Admin
    component has been installed to a non default
    location) resulting in AVAPI mode not being
    selectable and displaying an error message.

13. This Patch resolves an issue where in AVAPI/MAPI
    or MAPI/MAPI mode under special circumstances
    only the first "To"-recipient is shown in alerts,
    log database entries, quarantine database entries
    and Anti Virus reports.

14. This Patch resolves an issue where under special
    circumstances multiple ALERT.TXT's generated as a
    result of multiple infections  within a mail may
    contain superfluous information.

15. This Patch resolves an issue where ePO policies
    may not have been applied to McAfee GroupShield 5.0.


FILES INCLUDED WITH THIS PATCH

This Patch consists of a package called
GS50SP2P1.ZIP, which contains the
following files:

 
   GS50SP2P1.MSP - Microsoft Windows Installer
                   Patch File
   README.TXT    - This text file
   VALIDATE.TXT  - Validate codes for this Patch


__________________________________________________
INSTALLATION


INSTALLATION REQUIREMENTS

To use this Patch, you must have GroupShield 5.0
Service Pack 2 for Microsoft Exchange 5.5 software
already installed on the computer you intend to
update. This Patch is not designed to work with
earlier versions of the software.


INSTALLATION STEPS

   NOTE:
   This Patch will replace files in your
   GroupShield Exchange program directory.
   After installation of this Patch, it is not
   possible to revert back to the original
   pre-patched state without reinstalling
   GroupShield Exchange.

   McAfee recommends that you make a backup of
   your GroupShield v5.0 files before applying
   this Patch.

To install this Patch, follow these steps:

1.  Create a temporary directory on your hard
    disk, then download the file GS50SP2P1.ZIP
    from the McAfee website to this directory.

2.  Use a compression utility such as WinZip or
    PKZip to extract the Patch files from
    the GS50SP2P1.ZIP archive into the temporary
    directory. Be sure to extract all the files. 
    If using WinZip, select the Use Folder Names
    and the All Files options.

    You can download the necessary software from
    most shareware archives, or directly from
    these websites:

    WinZip
    http://www.winzip.com/ddchomeb.htm

    PKZip
    http://www.pkware.com/shareware/

    The codes in the VALIDATE.TXT file can be
    used to ensure the files are the correct
    versions.

    If you plan to use the GS50SP2P1.ZIP archive
    file again, keep it available on your
    computer. Otherwise, delete the file.

3.  Close all GroupShield Administration
    consoles that are running on the server or
    the management console.

4.  Double-click the file GS50SP2P1.MSP to start
    the patch installation wizard.

    NOTE:
    The installation of this Patch requires that
    the original GroupShield Exchange version 5.0
    installation file, SETUP.MSI,
    is available in its original location. If
    this file is not in the same location that
    GroupShield version 5.0 was originally
    installed from, you may be prompted to specify
    the directory containing SETUP.MSI.

    NOTE:
    If required, this Patch can be installed
    silently (without any on screen prompts) 
    from the command line.

    To install the Patch use the following
    command, either with the /q option to apply
    the patch silently, or without the /q for a
    prompted install.

    MSIEXEC /q /p <location>GS50SP2P1.MSP
    REINSTALL=all REINSTALLMODE=os

    The meaning of the MSIEXEC switches are as
    follows:

    /q = Silent install
    /p = Apply Patch
    <location> = Location of the Patch file
    GS50SP2P1.MSP = Patch file

    The meaning of the REINSTALLMODE switches
    are as follows:

    o = overwrite missing or older files.
    m = re-write registry (HKLM)
    u = re-write registry (HKCU)
    s = update shortcuts.

5.  Select Next. This will start the
    installation of the Patch.

6.  Once the Patch is installed, a dialog box
    stating that the patch has been successfully
    installed will appear. Select 'Finish' to
    complete the installation.

    NOTE:
    Once the installation is completed, you may
    check that the patch is applied correctly by
    verifying the file MAPISCAN.DLL in the
    Program Files\McAfee\GroupShield Exchange\i386
    folder has the newer version information as
    follows:

    MAPISCAN.DLL   5.0.1218.1

    NOTE:
    To install this Patch on a Microsoft Cluster
    server, install the Patch on the active node
    as per the installation process above. Once
    these steps have been completed, repeat the 
    steps above to install the Patch on the
    second node. The Cluster does not need to be
    failed over to apply the Patch to the
    passive node.


TESTING YOUR INSTALLATION

You can test the operation of the software by
sending the EICAR Standard AntiVirus Test File
via any computer where you have installed the
software. The EICAR Standard AntiVirus Test File
is a combined effort by anti-virus vendors
throughout the world to implement one standard
by which customers can verify their anti-virus
installations.

To test your installation:

1.  Using a Text Editor, copy the following
    line into its own file, without any spaces,
    carriage returns or other characters,
    then save the file with the name EICAR.COM.

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

    The file size will be 68 or 70 bytes.

2.  To test the GroupShield Exchange On-Access
    scanner, start your e-mail client software
    and insert the EICAR.COM file attachment
    into a new e-mail and send it to a mailbox
    on the GroupShield Exchange server.

    The On-Access scanner reports finding the
    EICAR test file.

3.  To test the GroupShield Exchange On-Demand
    scanner, make a note of the current
    On-Access settings, then select the "Log
    Infection And Continue Without Attempting To
    Disinfect" action option on the On-Access
    property page. Next, send a message that
    contains the EICAR test file to a mailbox on
    the GroupShield Exchange server, then start
    an On-Demand scan operation. The software
    reports finding the EICAR test file. Once 
    you have completed testing the On-Demand
    scanner, return to the On-Access property
    page and revert the settings back to their
    original values.

    NOTE:
    To learn how to exclude and include selected
    mailboxes in an On-Demand scan operation,
    see the On-Demand property page online help.

    IMPORTANT:
    Note that this file is NOT A VIRUS. Delete
    the file when you have finished testing
    your installation to avoid alarming
    unsuspecting users.


REMOVING THIS PATCH

    NOTE:
    McAfee recommends that you do NOT remove the
    Patch files from your GroupShield Exchange
    installation once you install them. If you
    reinstall your McAfee GroupShield version 5.0
    Service Pack 2 for Microsoft Exchange 5.5
    software, McAfee recommends that you also 
    re-apply this Patch.


_________________________________________________
CONTACTING MCAFEE AND NETWORK ASSOCIATES


Technical Support
      http://knowledge.nai.com

McAfee Beta Program
   Beta Web Site
      www.mcafeeb2b.com/beta/

   E-mail
      avbeta@nai.com

AVERT Anti-Virus Emergency Response Team
      www.mcafeeb2b.com/naicommon/avert/default.asp

Download Site
      www.mcafeeb2b.com/naicommon/download/

   DAT File Updates
      www.mcafeeb2b.com/naicommon/download/dats/find.asp

      ftp://ftp.nai.com/pub/antivirus/datfiles/4.x

   Product Upgrades
      www.mcafeeb2b.com/naicommon/download/upgrade/login.asp
 
      Valid grant number required.
      Contact Network Associates Customer
      Service

On-Site Training Information
      www.mcafeeb2b.com/services/mcafee-training/default.asp

Network Associates Customer Service
   US, Canada, and Latin America toll-free:
   Phone:   +1-888-VIRUS NO or +1-888-847-8766
            Monday - Friday, 8 a.m. - 8 p.m.,
            Central Time

   E-mail:  services_corporate_division@nai.com
   Web:     www.nai.com
            www.mcafeeb2b.com

For additional information on contacting
Network Associates and McAfee  including
toll-free numbers for other geographic areas 
see the documentation that accompanied your
original product release.


_______________________________________________
COPYRIGHT AND TRADEMARK ATTRIBUTIONS

 2003 Networks Associates Technology, Inc.
All Rights Reserved. No part of this
publication may be reproduced, transmitted,
transcribed, stored in a retrieval system, or
translated into any language in any form or by
any means without the written permission of
Networks Associates Technology, Inc., or its
suppliers or affiliate companies. To obtain
this permission, write to the attention of the
Network Associates legal department at: 5000
Headquarters Drive, Plano, Texas 75024, or call
+1-972- 963-8000.


TRADEMARKS

Active Firewall, Active Security, Active
Security (in Katakana), ActiveHelp,
ActiveShield, AntiVirus Anyware and design,
Appera, AVERT, Bomb Shelter, Certified Network
Expert, Clean-Up, CleanUp Wizard, ClickNet,
CNX, CNX Certification Certified Network Expert
and design, Covert, Design (stylized N), Disk
Minder, Distributed Sniffer System, Distributed
Sniffer System (in Katakana), Dr Solomons, Dr
Solomons label, E and Design, Entercept,
Enterprise SecureCast, Enterprise SecureCast
(in Katakana), ePolicy Orchestrator, Event
Orchestrator (in Katakana), EZ SetUp, First
Aid, ForceField, GMT, GroupShield, GroupShield
(in Katakana), Guard Dog, HelpDesk, HelpDesk
IQ, HomeGuard, Hunter, Impermia, InfiniStream,
Intrusion Prevention Through Innovation,
IntruShield, IntruVert Networks, LANGuru,
LANGuru (in Katakana), M and design, Magic
Solutions, Magic Solutions (in Katakana), Magic
University, MagicSpy, MagicTree, McAfee, McAfee
(in Katakana), McAfee and design, McAfee.com,
MultiMedia Cloaking, NA Network Associates, Net
Tools, Net Tools (in Katakana), NetAsyst,
NetCrypto, NetOctopus, NetScan, NetShield,
NetStalker, Network Associates, Network
Performance Orchestrator, Network Policy
Orchestrator, NetXray, NotesGuard, nPO, Nuts &
Bolts, Oil Change, PC Medic, PCNotary,
PortalShield, Powered by SpamAssassin,
PrimeSupport, Recoverkey, Recoverkey 
International, Registry Wizard, Remote Desktop,
ReportMagic, RingFence, Router PM, Safe &
Sound, SalesMagic, SecureCast, SecureSelect,
Service Level Manager, ServiceMagic, SmartDesk,
Sniffer, Sniffer (in Hangul), SpamKiller,
SpamAssassin, Stalker, SupportMagic,
ThreatScan, TIS, TMEG, Total Network Security,
Total Network Visibility, Total Network
Visibility (in Katakana), Total Service Desk,
Total Virus Defense, Trusted Mail, UnInstaller,
VIDS, Virex, Virus Forum, ViruScan, VirusScan,
WebScan, WebShield, WebShield (in Katakana),
WebSniffer, WebStalker, WebWall, What's The
State Of Your IDS?, Whos Watching Your
Network, WinGauge, Your E-Business Defender,
ZAC 2000, Zip Manager are registered trademarks
or trademarks of Network Associates, Inc.
and/or its affiliates in the US and/or other
countries. Sniffer brand products are made
only by Network Associates, Inc. All other
registered and unregistered trademarks in this
document are the sole property of their
respective owners.


LICENSE INFORMATION

License Agreement

NOTICE TO ALL USERS: CAREFULLY READ THE
APPROPRIATE LEGAL AGREEMENT CORRESPONDING TO
THE LICENSE YOU PURCHASED, WHICH SETS FORTH THE
GENERAL TERMS AND CONDITIONS FOR THE USE OF THE
LICENSED SOFTWARE. IF YOU DO NOT KNOW WHICH
TYPE OF LICENSE YOU HAVE ACQUIRED, PLEASE
CONSULT THE SALES AND OTHER RELATED LICENSE
GRANT OR PURCHASE ORDER DOCUMENTS THAT
ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU
HAVE RECEIVED SEPARATELY AS PART OF THE
PURCHASE (AS A BOOKLET, A FILE ON THE PRODUCT
CD, OR A FILE AVAILABLE ON THE WEB SITE FROM
WHICH YOU DOWNLOADED THE SOFTWARE PACKAGE). IF
YOU DO NOT AGREE TO ALL OF THE TERMS SET FORTH
IN THE AGREEMENT, DO NOT INSTALL THE SOFTWARE.
IF APPLICABLE, YOU MAY RETURN THE PRODUCT TO
NETWORK ASSOCIATES, INC. OR THE PLACE OF
PURCHASE FOR A FULL REFUND.


Attributions

This product includes or may include:

-  Software developed by the OpenSSL Project
   for use in the OpenSSL Toolkit
   (http://www.openssl.org/).

-  Cryptographic software written by Eric Young
   (eay@cryptsoft.com) and software written by
   Tim J. Hudson (tjh@cryptsoft.com).

-  Some software programs that are licensed (or
   sublicensed) to the user under the GNU
   General Public License (GPL) or other
   similar Free Software licenses which, among
   other rights, permit the user to copy,
   modify and redistribute certain programs, or
   portions thereof, and have access to the
   source code.  The GPL requires that for any
   software covered under the GPL which is
   distributed to someone in an executable
   binary format, that the source code also be
   made available to those users.  For any such
   software covered under the GPL, the source
   code is made available on this CD.  If any
   Free Software licenses require that Network
   Associates provide rights to use, copy or
   modify a software program that are broader
   than the rights granted in this agreement,
   then such rights shall take precedence over
   the rights and restrictions herein.

-  Software originally written by Henry
   Spencer, Copyright 1992, 1993, 1994, 1997
   Henry Spencer.

-  Software originally written by Robert
   Nordier, Copyright  1996-7 Robert Nordier.
   All rights reserved.

-  Software written by Douglas W. Sauder.

-  Software developed by the Apache Software
   Foundation (http://www.apache.org/).

-  International Components for Unicode ("ICU")
   Copyright  1995-2002 International Business
   Machines Corporation and others. All rights
   reserved.

-  Software developed by CrystalClear Software,
   Inc., Copyright  2000 CrystalClear
   Software, Inc.

-  FEAD Optimizer technology, Copyright
   Netopsystems AG, Berlin, Germany.





