Trellix Endpoint Security (ENS)10.7.0 introduces enhancements and addresses known issues. It also addresses product rebranding changes.
Every update release is cumulative and includes all features and fixes from the previous release. We recommend that you always upgrade to the most current update.
Rating
The rating defines the urgency for installing this update. This release is recommended for all environments. Apply this update at the earliest convenience.New features and changes
- Rebranding changes
This is solely for informational purpose, there is no action needed. You can continue to secure your organisation withTrellix Endpoint Security (ENS). You will notice the following changes in the software:
- Product Name- McAfee Endpoint Security is renamed to Trellix Endpoint Security (ENS). All features, default policies, and options prefixed with product name are renamed with the new product name.
- Brand logo- McAfee logo is replaced with Trellix logo.
- User interface- Color and typeface are updated and provides better user experience.
- Copyright- Copyright is updated according to legal requirements.
- Domain name- The domain name for GTI functionality used in Trellix ENS modules has been updated. For more information about the changes to URLs and the schedule for further URL changes planned via AMCore content, see KB93324.
As part of rebranding, the certificates used to sign our software have been updated. If your enterprise automatically updates root certificates, the software update/installation does not require any additional effort. However, if your enterprise manages root certificate updates manually, you need to install the new intermediate and root certificates.
- Multiple instance policies
Ability to apply multiple instance policies for Exploit Prevention Rules. You can assign one or more instances of the policy to a group or system in the System Tree. This provides single policy multi-purpose protection. For more information, see Assigning multiple instances of Exploit Prevention policy in Trellix Endpoint Security (ENS) 10.7.x Product Guide.
- Exploit Prevention exclusion
You can now apply exclusions for multiple directories, files, or processes. For more details, see Add Exclusion or Edit Exclusion in Trellix Endpoint Security (ENS)10.7.x Product Guide.
Updated platform, environment, or operating system supports
This release supports Microsoft Windows 10 22H2 and Microsoft Windows 11 22H2. You can get the latest information about supported platforms, environments, and operating systems for Trellix Endpoint Security (ENS)10.7.x from KB82761.Release Details
This release includes the following build numbers:| Component | Version |
|---|---|
| Trellix Endpoint Security (ENS)Platform | 10.7.0.5149 |
| Trellix Endpoint Security (ENS)Platform extension | 10.7.0.5113 |
| Trellix Endpoint Security (ENS) Threat Prevention | 10.7.0.5140 |
| Trellix Endpoint Security (ENS) Threat Prevention extension | 10.7.0.5102 |
| Trellix Endpoint Security (ENS) Firewall | 10.7.0.5117 |
| Trellix Endpoint Security (ENS) Firewall extension | 10.7.0.5093 |
| Trellix Endpoint Security (ENS) Web Control | 10.7.0.5146 |
| Trellix Endpoint Security (ENS) Web Control extension | 10.7.0.5087 |
| Trellix Endpoint Security (ENS) Adaptive Threat Protection | 10.7.0.5172 |
| Trellix Endpoint Security (ENS) Adaptive Threat Protection extension | 10.7.0.5081 |
| Trellix Endpoint Security (ENS)Migration extension | 10.7.0.5088 |
| Trellix Endpoint Security (ENS)Threat Detection Reporting extension | 1.0.0.5067 |
| Trellix Agent(Standalone Installer) | 5.7.7.378 |
For more details about the product versions listed in Control Panel, see KB92355.
For information regarding the latest Security Bulletin updates, see Security Bulletin.
Resolved issues
This release resolves known issues.
Platform
| Category | Reference | Resolution |
|---|---|---|
| Feature fix | ENSW-117188 | Resolves an issue of application GUIs not displaying after an upgrade fromVirusScan Enterprise to Trellix Endpoint Security (ENS)despite the process running in the background. |
| Feature fix | ENSW-117272 | After Endpoint Security Migration task failure,Trellix ENS existing customised policies did not reset toMcAfee Default. |
| Feature fix | ENSW-117574 | Fixed an issue that caused Trellix Agent to stop communicating with McAfee ePO with CURL error 28. |
| Interoperability | ENSW-113745 | Resolves an issue where Trellix ENS upgrade fails in the presence of Sophos Safeguard encryption application. |
| User Interface | ENSW-115155 | Resolves an issue where theQueries & Report section fails to load or times out when loading theEndpoint Security: Threat Behavior dashboard in MVISION ePO. |
| User Interface | ENSW-116661 | The automated response emails on virus detection now display user name and host name successfully. |
| Performance | ENSW-116669 | Resolves an issue of sporadic system unresponsiveness in the presence of Trellix ENS. |
| Performance | ENSW-115561 | Resolves an issue of system freeze caused by Mfehidk.sys driver. |
| Performance | ENSW-115251 | Resolves an issue of high CPU usage due to mfehidk.sys and mfencbdc.sys. |
| Performance | ENSW-115262 | Resolves an issue of Bug Check 0xC2: BAD_POOL_CALLER. |
| Performance | ENSW-117440 | Resolves an issue where throughput on Hyper-V hosts is negatively impacted while On-Access Scan is enabled. |
| Performance | ENSW-115922 | Resolves the Blue screen of death (BSoD) error caused by mfehidk.sys. |
Threat Prevention
| Category | Reference | Resolution |
|---|---|---|
| Feature fix | ENSW-117493 | Added Microsoft Edge browser as an option for the following two Access Protection rules:
|
| Feature fix | ENSW-116051 | The Threat Prevention On-Access Scan policy now prevents users from adding file/path exclusions when process type is Low Risk and Do not scan when reading from or writing to disk is selected. |
| User Interface | ENSW-115930 | Resolves an issue where an exclusion type ofLinux File - Process under Exploit Prevention is not retained after successfully saving it. |
| User Interface | ENSW-116910 | Multi-byte strings are now supported for Expert Rules in the Exploit Prevention policy. |
| User Interface | ENSW-117120 | Resolves the dissimilarity between McAfee ePO and MVISION ePO Exploit Prevention rules. |
| Performance | ENSW-115798 | Resolves a delay to save changes after adjusting configurations in the Exploit Prevention policy. |
| Feature fix | ENSW-116187 | After a reboot,Trellix Agent and Trellix ENS synch happens successfully and now the status of the custom on-demand scans (scheduled/ non-scheduled) are communicated properly. |
| Feature fix | ENSW-114584 | Resolves delay in batch process execution when On-Access Scan is enabled inThreat Prevention. |
Firewall
| Category | Reference | Resolution |
|---|---|---|
| User Interface | ENSW-117391 | Fixed an issue where the wrong trusted network was deleted when two catalog items from the same network are defined as local and remote and shared name. |
| Feature fix | ENSW-115127 | Resolves an issue where Firewall Log reports multiple matching locations leading to performance degradation. |
Adaptive Threat Protection
| Category | Reference | Resolution |
|---|---|---|
| Feature fix | ENSW-117221 | Resolves an issue of Adaptive Threat Protection Action Enforcement policy not syncing with registry. |
| Feature fix | ENSW-115942 | Resolves an issue of Trellix ENS ATP reporting multiple events against a rule ID 503 even after disabling the rule in Trellix ENS ATP server setting for balanced posture. |
| Performance | ENSW-117248 | Resolves an issue of mfeatp crash on libuv.dll. |
| User Interface | ENSW-116258 | Roll up data task for Trellix ENS ATP systems no longer fails after adding AAR version column in roll up table for upgrade scenarios. |
| Feature fix | ENSW-115082 | Resolves an issue where blocking and allowing operations were not applied correctly with Trellix ENS ATP rule 500 enabled or disabled. |
Web Control
| Category | Reference | Resolution |
|---|---|---|
| User Interface | ENSW-114810 | Resolves an issue of multiple validation marks (green checkmarks) on Chrome. |
| Rebranding | ENSW-117441 | Web Control extension is now available again in the Chrome Store. |
| Rebranding | ENSW-117351 | Web Control site report now redirects to the right Trellix Endpoint Security (ENS) lookup site. |
For a list of known issues in this product release, see Trellix Endpoint Security (ENS) 10.x Known Issues (KB82450).