Deploy Patch 17 if you are forced to remain on VSE 8.8 due to legacy compatibility constraints. However, note the December 31, 2024 End of Support date – after this, no security updates or DAT compatibility is guaranteed.
Plan migration to Trellix ENS 10.7+ by Q3 2024 for continued security coverage. --- Mcafee Virusscan Enterprise 8.8 Patch 17
| CVE ID | Description | Severity |
|--------|-------------|----------|
| CVE-2020-7314 | Local privilege escalation via improper DACL on installation directory | Important |
| CVE-2021-23839 | OpenSSL 1.1.1g → 1.1.1j update (mitigates Bleichenbacher oracle) | Moderate |
| CVE-2021-23840 | Cryptographic weakness in McAfee Agent handshake (fixed via new NAI crypto module) | Important | Deploy Patch 17 if you are forced to remain on VSE 8
Even as a mature patch, users report specific quirks. | CVE ID | Description | Severity |