ePolicy Orchestrator update fixes multiple Oracle Java vulnerabilities - July 2016

ePO is vulnerable to the following CVEs reported in Oracle's July 2016 Java SE update.

Collectively, these vulnerabilities affect integrity and availability of the server.

AFFECTED SOFTWARE
ePO 5.1.3 and earlier
ePO 5.3.2 and earlier

REMEDIATED/PATCHED VERSIONS

Oracle Java 7.0 officially reached End of Life (EOL) status in April of 2015. The Java version currently supported in ePO 5.1.x and 5.3.x has been upgraded to Java 8.0. This issue is remediated with ePO 5.x Hotfix 1151890. These fixes will be included in the next ePO patch when scheduled.

ePO 5.1.3 + Hotfix 1151890 (EPO5xHF1151890.zip)
ePO 5.3.1 + Hotfix 1151890 (EPO5xHF1151890.zip)
ePO 5.3.2 + Hotfix 1151890 (EPO5xHF1151890.zip)

McAfee recommends that all customers verify that they have applied the latest updates. Impacted users should install the relevant patches or hotfixes. For full instructions and information, see McAfee Knowledge Base article SB10166.