Doc ID                : ADV264
Version              : 2.0 
Status                : Published
Published date : 08/18/2016
Categories  : Security Issue

I/A Series

Foxboro Evo
Last Modified date : 08/18/2016

Customer Advisory

Updates to the file scanning configuration settings for McAfee Products
August 18, 2016

Schneider Electric is committed to ensuring that our customers and employees are kept current on issues that might affect or improve product, system or process operation. We are dedicated to providing product and application reliability, and exceptional client service.   

Customer Advisories are intended to inform you of the possibility of a situation occurring at system installations, and the identified resolution. Schneider Electric recommends that our customers consider taking action to help prevent occurrence of the identified situation during your production process.

Potential Security Vulnerability:

It is recognized that the global threat environment is constantly changing and we are committed to helping our customers protect the security of their installations.  We have reviewed the issue described in this Customer Advisory and determined that, if no action is taken, there is potential security vulnerability that could allow an attacker to compromise the integrity, availability, or confidentiality of a product.  We strongly advise customers to take note of the actions recommended, to test such actions or patches on non-production systems as able, prior to deployment into production environments. This approach is recommended in order to minimize risk and exposure to announced vulnerabilities.


This advisory applies to all McAfee MOVE AV 3.5.1 and McAfee VirusScan Enterprise (VSE) 8.8 users.


McAfee recently released Technical Article KB87375 advising users about the potential for the EICAR/malware test strings not being properly detected within MOVE AV when the test string was contained within a text file (.txt). This was the result of a default configuration change within the McAfee MOVE AV product. In light of this announcement, Schneider-Electric has reviewed the recommended settings for McAfee products deployed within our systems. 

We have identified that our McAfee® MOVE Antivirus Product Installation and Configuration Guide Documentation B0700GP Rev B was missing the required configuration instructions as detailed in McAfee KB87375. Without the recomended changes to the MOVE AV policy contained within McAfee ePO, antivirus protection will not be provided for all file types.

Additionally  we have identified an issue with the instructions provided in B0700EQ Rev E for McAfee VirusScan Enterprise 8.8. The default McAfee VSE settings do not provide antivirus protection scanning for all File types.


The McAfee default configuration does not provide scanning for all files and may not provide antivirus protections against all file types.


Updated instructions have been provided in the McAfee® MOVE Antivirus Product Installation and Configuration Guide Documentation B0700GP Rev C  to adequately reflect the requirement to scan ALL file types. Customers should follow the updated instructions to modify the current ePO policy for MOVE AV and apply the changes. 

The instructions in the McAfee VirusScan Enterprise 8.8 B0700EQ Rev F document have been updated as well to adequately scan ALL file types. Customers should follow the updated instructions and update the Scan file configuration settings. 


If you have any questions regarding this article, please contact your local Service Representative or a Schneider Electric Support Center at:  
GCS Center America's GCS Asia Pacific GCS EMEA GCS
Location Foxboro MA USA Shanghai Baarn NL
Phone +1-866-746-6477 +86 21 37180086  +31-3554-84125
Internationally +1-508-549-2424    
Fax +1-508-549-4999 +86 21 37180196 +31-3554-84230
Email America's GCS Asia Pacific GCS EMEA GCS


John Petty
Global Customer Support

Distribution to Schneider Electric Customers and Internal Personnel Only
All trademarks are registered to their respective owners.
All brand names are property of their respective owners.

Advisory #: 2016035ABI

©Schneider Electric. All rights reserved