<<<>>> Trend Micro Incorporated September 13, 2016 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) Worry-Free(TM) Business Security 9.0 Service Pack 3 Patch 1 - Build 4287 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This Readme file was current as of the date above. However, all customers are advised to check Trend Micro's website for documentation updates. GM release documentation: http://docs.trendmicro.com Patch/Service Pack release documentation: http://www.trendmicro.com/download TIP: Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro website. Register during installation or online at: https://clp.trendmicro.com/FullRegistration?T=TM Contents ========================================================== 1. About Worry-Free Business Security 1.1 Overview of This Release 1.2 Who Should Install This Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation 5.1 Installing 5.2 Uninstalling 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Files Included in This Release 10. Contact Information 11. About Trend Micro 12. License Agreement ========================================================== 1. About Worry-Free Business Security ======================================================================= Worry-Free Business Security protects small business users and assets from data theft, identity theft, risky web sites, and spam. 1.1 Overview of this Release ==================================================================== This Patch contains solutions to issues resolved since the release of Worry-Free Business Security 9.0 Service Pack 3. 1.2 Who Should Install this Release ==================================================================== Install this Patch if you are running any build of Worry-Free Business Security 9.0 Service Pack 3. 2. What's New ======================================================================= This Patch addresses the following issues and includes the following enhancement: 2.1 Enhancements =================================================================== The following enhancements are included in this release: Enhancement 1: Microsoft(TM) Windows(TM) Platform Compatibility - This Patch adds new core modules in Worry-Free Business Security 9.0 Service Pack 3 that ensures Security Agent to work well with Windows 10 Red Stone 1 (Windows 10 Anniversary Update). Enhancement 2: Ransomware Detection - This Patch enables users to manage Ransomware Detection logs and reports. Enhancement 3: Ransomware Detection - This Patch improves the ransomware detection feature and reduces false- positive detections. Enhancement 4: Behavior Monitoring - This Patch enlarge the effectiveness scope of Behavior Monitoring exclusion list. 2.2 Resolved Known Issues ==================================================================== This release resolves the following issues: Issue 1: The Worry-Free Business Security 9.0 Service Pack 3 Agent program may be vulnerable to "Path Traversal" and "HTTP-Header-Injection" attacks. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [Critical Patch 4060, Critical Patch 4254] This patch improves the checking mechanism of the Worry-Free Business Security 9.0 Service Pack 3 Security Agent program to protect it against "Path Traversal" and "HTTP-Header-Injection" attacks. Issue 2: The permission for the Security Agent folder automatically switches to "FULL PERMISSION" after the Security Agent or computer restarts. This may cause a folder permission issue when users attempt to enable the Self-Protect feature. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Hotfix 4190] This patch ensures that the folder permission of Security Agent folder is configured correctly and does not change unexpectedly. Issue 3: Users may not be able to configure the scan schedule for the Messaging Security Agent (MSA) through the Worry-Free Business Security console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hotfix 4266] This patch ensures that users can set the scan schedule for MSAs through the Worry-Free Business Security console. Issue 4: The status of the integrated Smart Scan Server cannot be displayed on the Worry-Free Business Security server console if the corresponding path name contains a space. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: [Hotfix 4267] This patch ensures that the Worry-Free Business Security server console displays the correct Smart Scan Server status. Issue 5: Users might experience system and application issues when enabling the "Enabled document protection against unauthorized or modification" feature. These issues include high CPU usage consumption and errors when editing files using standard or normal applications. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: [Hotfix 4270] This patch ensures that the CPU usage remain within normal levels and that application operations run smoothly. Issue 6: Users may encounter errors while editing files using standard and normal applications when both the "Enabled document protection against unauthorized or modification" and "Auto backup files changed by suspicious programs" features are enabled. For example, users may not be able to open Microsoft Excel(TM) macro files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: [Hotfix 4271] This patch ensures that application operations work normally when both features are enabled on protected computers. Issue 7: Users may encounter "Unknown Software Exception" issue while installing the Trend Micro Security Agent on Windows 8 or Windows 10 platform. When this happens, the Trend Micro Security Agent Listener service stops and restarts unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: [Hotfix 4282] This patch ensures that Trend Micro Security Agent Listener service works normally without encountering "Unknown Software Exception" issue. Issue 8: After manually installing the Remote Manager Agent, users may find duplicate Worry-Free Business Security node entries on the Trend Micro Remote Manager console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: [RMAgent 3.5 Hotfix 1068] This patch removes and prevents duplicate Worry-Free Business Security node entries in the Trend Micro Remote Manager console. 3. Documentation Set ======================================================================= To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 4. System Requirements ======================================================================= Install this Patch only on computers protected by Worry-Free Business Security 9.0 Service Pack 3. Size of Deployment Package for Security Agent ----------------------------------- 32-bit operating systems = 33.4 MB 64-bit operating systems = 44.9 MB 5. Installation ======================================================================= This section explains key steps for installing this patch. 5.1 Installing ==================================================================== To install: 1. Copy the patch executable file to a temporary folder on the Security Server computer, for example, "C:\temp". 2. Double-click the file. All patch modules are automatically copied to the correct destination. After the time stamps on the Security Server files change, the Security Server will automatically notify Security Agents to download the updated files. This Patch installation package automatically rolls back the Security Server if it encounters problems during installation. If you encounter problems after installation, manually roll back the Security Server and Security Agents to their original configuration. 5.2 Uninstalling ==================================================================== To manually roll back to the previous build: 1. Locate the backup folder that the patch package created in the "\PCCSRV\Backup\Patch_1_B4284" directory. 2. Copy any file that you want to roll back to the correct folder. 3. Run the "TmTouch.exe" tool to trigger the critical patch mechanism. To run "TmTouch.exe": a. Open a command prompt on the server. b. At the command prompt, browse to "PCCSRV\admin\utility\touch". c. Use the following syntax to run the touch tool: TmTouch.exe {filename} Note: {filename} is the file that you want to roll back. "TmTouch.exe" changes the file creation date to the current system time. 6. Post-installation Configuration ======================================================================= After installing this patch, clear the Microsoft Internet Explorer(TM) browser cache before accessing the Security Server web console. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 7. Known Issues ======================================================================= There are no known issues in this release. 8. Release History ======================================================================= For more information about updates to this product, go to: http://www.trendmicro.com/download 9. Files Included in this Release ======================================================================= Security Server Filename Last write date Build No. -------------------------------------------------------------------- BMdriver_x32_2-974-1135.zip 09/12/2016 BMdriver_x64_2-974-1135.zip 09/12/2016 bmservice_x32_2-974-1135.zip 09/07/2016 bmservice_x64_2-974-1135.zip 09/07/2016 tmufe_32_3-6-1024.zip 09/06/2016 tmufe_64_3-6-1024.zip 09/06/2016 cgiLog.exe 09/08/2016 19.0.0.4287 cgiRecvFile.exe 09/08/2016 19.0.0.4287 CGIResUTF8.dll 09/08/2016 19.0.0.4287 cgiRqINI.exe 09/08/2016 19.0.0.4287 cgiRqSetting.exe 09/08/2016 19.0.0.4287 cgiShowLogs.exe 09/08/2016 19.0.0.4287 cgiShowSummary.exe 09/08/2016 19.0.0.4287 ClnPack.exe 09/08/2016 19.0.0.4287 CmdHLClient.dll 09/08/2016 19.0.0.4287 CmdHOConsole.dll 09/08/2016 19.0.0.4287 CmdHPmc.dll 09/08/2016 19.0.0.4287 DBServer.exe 09/08/2016 19.0.0.4287 isapiClient.dll 09/08/2016 19.0.0.4287 isapiClientX64.dll 09/08/2016 19.0.0.4287 isapiClientX86.dll 09/08/2016 19.0.0.4287 LogCache.dll 09/08/2016 19.0.0.4287 ofcPurgeLog.dll 09/08/2016 19.0.0.4287 OfcService.exe 09/08/2016 19.0.0.4287 SA_Uninstall.exe 09/08/2016 4.1.100.1332 TMRMAgentforWFBS.exe 08/24/2016 3.5.1071 TMNotify.dll 02/01/2016 1.5.0.1038 behavior_monitoring.htm 09/08/2016 behavior_monitoring.xml 05/26/2016 common.js 07/19/2016 DashboardOSCERansom.htm 09/08/2016 icon_devices_32.png 05/23/2016 icon_ransomware_32.png 05/23/2016 l10n.ransomware.js 08/31/2016 Live_status.css 08/31/2016 live_status.js 08/09/2016 live_status.html 09/08/2016 Log.js 07/29/2016 Log_query.htm 09/08/2016 Maintenance.htm 09/08/2016 Ran_AegisLog_detail.htm 09/08/2016 Ran_VirusLog_detail.htm 09/08/2016 Ran_WRSLog_detail.htm 09/08/2016 RansomwareKey.ini 08/09/2016 resources 09/07/2016 settings.js 11/04/2013 Security Agent Filename Last write date Build No. -------------------------------------------------------------------- CCSF_WIN32.zip 09/08/2016 CCSF_X64.zip 09/08/2016 NTRmv.exe 09/07/2016 19.0.0.4179 NTRtScan.exe 09/07/2016 19.0.0.4179 PccNTMon.exe 09/07/2016 19.0.0.4179 tmactmon.cat 08/04/2016 tmactmon.inf 08/04/2016 tmactmon.sys 09/07/2016 2.974.0.1135 TmAegisSysEvt.dll 09/07/2016 2.974.0.1135 TMBMCLI.dll 09/07/2016 2.974.0.1135 TMBMSRV.exe 09/07/2016 2.974.0.1135 tmcomeng.dll 09/07/2016 2.974.0.1135 tmcomm.cat 08/22/2016 tmcomm.inf 08/22/2016 tmcomm.sys 08/22/2016 6.60.0.1056 TmEngDrv.dll 09/07/2016 2.974.0.1135 tmevtmgr.cat 08/04/2016 tmevtmgr.inf 08/04/2016 tmevtmgr.sys 09/07/2016 2.974.0.1135 TmListen.dll 09/07/2016 19.0.0.4179 TmListen.exe 09/07/2016 19.0.0.4179 TmListen_64x.dll 09/07/2016 19.0.0.4179 TmListenShare.dll 09/07/2016 19.0.0.4179 TmListenShare_64x.dll 09/07/2016 19.0.0.4179 TMNotify.dll 02/01/2016 1.5.0.1038 TmopPlgAdp.dll 08/09/2016 2.0.0.1092 TMPEM.dll 09/07/2016 2.974.0.1135 TMPerfTool.exe 09/07/2016 2.974.0.1135 tmtap.dll 07/03/2015 6.0.0.1074 tmufeng.dll 09/06/2016 3.6.0.1024 tmwlutil.dll 09/07/2016 2.974.0.1135 Upgrade.exe 09/07/2016 19.0.0.4179 11. About Trend Micro ======================================================================= Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2016, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, and Worry-Free are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ======================================================================= View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide