McAfee Gold Technical Support
5
Product updates
McAfee Avert
®
Labs is the top-ranked anti-virus research center in the world, and employs researchers in 16 countries. The
primary responsibility of Avert Labs is to support the computing public and McAfee customers. We help users work securely
by researching new threats and proactively identifying threats that may arise in the future.
As part of McAfee’s commitment to minimizing the threat of attack to its customers, Avert Labs produce daily updates
covering the latest virus outbreaks. With widespread outbreaks, emergency DAT files are created and posted to provide
rapid protection from these threats.
Sign up for daily DAT notifications at
http://vil.nai.com/vil/signup_dat_notification.aspx
Automatic updates with McAfee ePolicy Orchestrator or McAfee ProtectionPilot
For large network deployments, McAfee ePolicy Orchestrator
®
(ePO
™
) or McAfee ProtectionPilot
™
enable distribution of
applications and virus signatures to multiple nodes on the network. These centralized applications are simple to configure
and provide an automated solution to updating software.
The instructions for obtaining the latest DAT files and copying them to the Master Repository can be found in the
KnowledgeBase at
http://knowledge.mcafee.com/SupportSite/search.do?cmd=displayKC&docType=kc&externalId=NAI31632&
sliceId=SAL_Public&dialogID=1077249
Once the DAT files have been downloaded to ePO, the updates can then be deployed to the end nodes, with the
instructions provided in the following KnowledgeBase article at
http://knowledge.mcafee.com/SupportSite/search.do?cmd=di
splayKC&docType=kc&externalId=NAI31705&sliceId=SAL_Public&dialogID=1465160
Manual updates
There are three types of updates for virus definition files; they can be found in the download section of the ServicePortal at
http://www.mcafee.com/apps/downloads/security_updates/dat.asp
SuperDat files
The SuperDat file automates the process of loading the latest virus definitions and scan engines, and is the quickest way
to update your system’s protection against threats. (The scan engine is the software that is used to analyze application
behavior and search for abnormal activity.)
After execution, the SuperDat stops the services, updates the virus definitions, and upgrades the scan engine to the latest
version, if needed. After completion, it then restarts the services.
Manual extraction of a DAT file from a SuperDat file can be achieved by creating a new directory and running the SuperDAT
file using the /e switch (for example, SuperDat.exe /e).
Daily DAT files
These signature files contain only the latest virus information (with no scan engine) and are updated on a daily basis.
Extra DAT files
If a virus outbreak of a medium or higher risk is detected, then an extra DAT will be generated to rapidly protect customers
from the threat. This file will contain just the DAT and no scan engine files.
Definitions of risk levels can be found on the Avert Labs web site at
http://www.mcafee.com/us/threat_center/outbreaks/
