<> Trend Micro Incorporated October 26, 2016 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) InterScan(TM) Messaging Security Virtual Appliance 9.1 Critical Patch - Build 1625 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents =================================================================== 1. Overview of this Critical Patch Release 1.1 Issues 1.2 Files Included in this Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-Installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreements =================================================================== 1. Overview of this Critical Patch Release ====================================================================== This critical patch upgrades the Linux(TM) kernel in InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 to resolve a vulnerability. 1.1 Issues =================================================================== This critical patch resolves the following issue: Issue: A race condition occurs when the Linux kernel's memory subsystem handles copy-on-write (COW) breakage of private read-only memory mappings. An attacker could use this to gain write access to read-only memory mappings. Anyone who has created an unprivileged root account can be vulnerable to this issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This critical patch upgrades the Linux kernel to remove the vulnerability. NOTE: You must restart all IMSVA's as scheduled after applying this critical patch. 1.2 Files Included in this Release =================================================================== A. Files for Current Issues ------------------------------------------------------------------- Files for Issue ------------------------------------------------------------------- Filename Build No. ------------------------------------------------------------------- dracut-004-409.el6_8.2.noarch.rpm 9.1.0.1625 dracut-kernel-004-409.el6_8.2.noarch.rpm 9.1.0.1625 kernel-2.6.32-642.6.2.el6.x86_64.rpm 9.1.0.1625 kernel-firmware-2.6.32-642.6.2.el6.noarch.rpm 9.1.0.1625 B. Files for Previous Issues ------------------------------------------------------------------- Not applicable. 2. Documentation Set ====================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com. In addition to this Readme file, the documentation set for this product includes the following: - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining IMSVA. To access the Online Help, go to http://docs.trendmicro.com - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying IMSVA. - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining IMSVA. 3. System Requirements ====================================================================== Trend Micro recommends installing IMSVA 9.1 before installing this critical patch, otherwise, the installation will fail. 4. Installation ====================================================================== This section explains key steps for installing the critical patch. NOTE: You must install this critical patch on all computers running IMSVA 9.1. 4.1 Installing =================================================================== To install: 1. Upload the installation package (.tar.gz) to IMSVA using any tool, for example, winscp. 2. Connect to IMSVA through Secure Shell Interface (SSH) using any tool, for example, putty, and log in using the root user account. 3. Change to the folder where you uploaded the installation package in step 1. 4. Extract the contents of the file using the following command: tar -zxvf imsva_91_en_criticalpatch1625.tar.gz 5. Once the files have been extracted, run the following command to go to the installation directory. cd ./imsva_91_criticalpatch1625 6. Run the "./imssinst" command and follow the screen prompts to complete installation. The following message appears when the system completes the installation: "Installation is complete. The system must be rebooted for this update to take effect." 7. Restart the computer. 4.2 Uninstalling =================================================================== No uninstallation steps are provided. NOTE: Trend Micro does not recommend rolling back the kernel to the previous version. If you encounter issues after installing this critical patch, boot from the previous kernel as a workaround. To boot from the old kernel: 1. Restart the computer. 2. Press any key to access the boot menu. 3. Choose the old kernel. Press "Enter" to start the selected kernel. 5. Post-installation Configuration ====================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ====================================================================== There are no known issues for this release. 7. Release History ====================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 8. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2016, Trend Micro Incorporated. All rights reserved. Trend Micro, InterScan, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreements ====================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide