<<<>>> Trend Micro, Inc. September 26, 2014 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ScanMail(TM) (for Microsoft(TM) Exchange(TM)) 11.0 Patch 2 - Build 1284 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Note: This readme file was current as of the date above. However, all customers are advised to check Trend Micro's Web site for documentation updates at: http://docs.trendmicro.com/ Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro Web site. Register during installation or online at: http://olr.trendmicro.com/ Contents =================================================================== 1. About ScanMail (for Microsoft Exchange) 11.0 1.1 Overview of this Release 1.2 Who Should Install this Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation/Uninstallation 5.1 Installation Notes 5.2 Installation 5.3 Uninstallation 6. Post-installation Configuration 7. Known Issues 8. Release History 9. Files Included in this Release 10. Contact Information 11. About Trend Micro 12. License Agreement =================================================================== 1. About ScanMail (for Microsoft Exchange) 11.0 ====================================================================== ScanMail protects Exchange Server 2013, Exchange Server 2010, and Exchange Server 2007. Use the ScanMail installation program to quickly install ScanMail to one or more, local or remote, Exchange servers. Once installed, ScanMail can protect your servers in real time against viruses/malware, Trojans, worms, and spyware/grayware. ScanMail sustains business and network integrity by screening out spam messages and messages containing undesirable or unwanted content. ScanMail monitors and protects sensitive information that is travelling across your network. 1.1 Overview of this Release =================================================================== ScanMail (for Microsoft Exchange) 11.0 Patch 2 consolidates all solutions to issues resolved after the release of ScanMail (for Microsoft Exchange) 11.0 GM build. 1.2 Who Should Install this Release =================================================================== You should install this Patch if you are currently running ScanMail (for Microsoft Exchange) 11.0 GM build. 2. What's New ====================================================================== Note: Please install this Patch before completing any procedures in this section (see "Installation"). This Patch addresses the following issues and includes the following enhancements: 2.1 Enhancements =================================================================== ScanMail (for Microsoft Exchange) 11.0 Patch 2 adds the following enhancements: Enhancement 1: [Hot Fix 1252] Spam Prevention Content Scanning Filter - This Patch enables the ScanMail (for Microsoft Exchange) Spam Prevention Content Scanning filter to take the "Quarantine message to user's spam folder" action for phishing messages when users enable the option on the ScanMail (for Microsoft Exchange) web console. Enhancement 2: [Hot Fix 1252] Customized Tags for Quarantined Email Messages - This Patch enables users to specify the tag which will be added to the subject of messages that are detected as "Spam" or "Phishing" and have been quarantined through the "Quarantine message to user's spam folder" action. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 2: To customize the tag for quarantined "Spam" or "Phishing" email messages: a. Install this Patch (see "Installation"). b. Open the Registry Editor. c. Locate the following keys and set your preferred value for each: * Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion * Key: SpamTagOnSubject * Type: REG_SZ * Data value: Tag for Spam message. The default value is "Spam:". * Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion * Key: PhishingTagOnSubject * Type: REG_SZ * Data value: Tag for Phishing message. The default value is "Phishing:". Note: To disable this feature, remove the value of the keys above or delete the keys. Enhancement 3: Customized Tags for Quarantined Email Messages - ScanMail (for Microsoft Exchange) 11.0 adds the hard-coded "Suspicious URL:" tag to the subject of messages that contain suspicious URLs and that were quarantined through the "Quarantine message to user's spam folder" action. This Patch allows users to customize the tag for these messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 3: To customize the tag for messages that contain suspicious URLs and that have been quarantined to a user's spam folder: a. Install this Patch (see "Installation"). b. Open the Registry Editor. c. Locate the following key and set its value to the preferred tag: * Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion * Key: SuspiciousURLTagOnSubject * Type: REG_SZ * Data value: Tag for messages that contain suspicious URLs and that were quarantined to a user's spam folder. The default tag is "Suspicious URL:". d. Restart the ScanMail (for Microsoft Exchange) Master Service. Enhancement 4: Spam Prevention Content Scanning Filter and Web Reputation Filter - This Patch enables ScanMail (for Microsoft Exchange) Spam Prevention Content Scanning filter and Web Reputation filter to take the "Pass entire message" action when users enable the "tag and deliver" action on the user interface. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 4: To configure the feature: a. Install this Patch (see "Installation"). b. Open the Registry Editor. c. Locate the following key and set the appropriate value: * Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion * Key: SpamWTPPassAction * Type: REG_DWORD * Data value: "0" = the ScanMail (for Microsoft Exchange) Spam Prevention Content Scanning filter and Web Reputation filter take the "tag and deliver" action when users choose the "tag and deliver" action on the user interface "1" = the ScanMail (for Microsoft Exchange) Spam Prevention Content Scanning filter and Web Reputation filter take the "Pass entire message" action when users choose the "tag and deliver" action on the user interface d. Restart the "Microsoft Exchange Transport" services. Note: The new setting will take effect only after the service restarts. Enhancement 5: [Hot Fix 1256] Attachment-blocking Feature - This Patch enables the "Block attachment types or names within compressed files" option of the ScanMail (for Microsoft Exchange) 11.0 attachment-blocking feature to support the ".7z" compressed file type. Enhancement 6: [Hot Fix 1274] Trend Micro Data Loss Prevention(TM) Filter Policy - This Patch enables users to allow the Data Loss Prevention filter policy in ScanMail (for Microsoft Exchange) 11.0 to treat the header, subject, body, and attachment of each email message as one target during transport level scanning. Note: When this option is enabled: - the Data Loss Prevention filter policy supports only actions for entire messages. - the Data Loss Prevention filter policy will not trigger rules for attachment names. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 6: To enable the Data Loss Prevention filter policy to treat the header, subject, body, and attachment of each email message as one target during transport level scanning: a. Install this Patch (see "Installation"). b. Open the Registry Editor. c. Locate the following key and set its value to "1". * Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion * Key: DlpForEntireEmail * Type: REG_DWORD * Data value: "1" = enables the option "0" = (default) disables the option d. Restart "ScanMail Master" service. Enhancement 7: [Hot Fix 1266] Exchange Intermittent RPC - This Patch resolves a latency issue that affect the Exchange Intermittent RPC when the ScanMail (for Microsoft Exchange) scan results queue is full. This Patch also provides a way to configure the maximum size of the scan queue. The default maximum size of the scan result queue is 51200 bytes. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 7: To change the maximum size of the scan results queue: a. Install this Patch (see "Installation"). b. Open Registry Editor (regedit.exe). c. Locate the following key and set the preferred value: * Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion * Key: ScanResultQueueSize * Type: REG_DWORD * Data value: (1000 ~ 65535) in bytes Enhancement 8: [Hot Fix 1271] Email Reputation Services - This Patch adds new return code categories to the IP reputation service of Email Reputation Services (ERS) and adjusts the actions that ScanMail (for Microsoft Exchange) 11.0 takes against new return codes based on the recommendations of ERS. Enhancement 9: This Patch allows users to add tags in the subject header of notification email messages. After applying this patch, the subject header of notification email messages will be able to support all tags supported in the body of notification email messages. Enhancement 10:This Patch enables the replacement settings including the replace file name and replace content settings of each scan filter in ScanMail (for Microsoft Exchange) 11.0 to support the [Server Name], [Date], and [Time] tags. 2.2 Resolved Known Issues =================================================================== ScanMail (for Microsoft Exchange) 11.0 Patch 2 resolves the following issues: Issue 1: When users run manual or scheduled scan engine and pattern file updates, ScanMail (for Microsoft Exchange) 11.0 downloads unnecessary engine and pattern file updates even when the corresponding engine or pattern is up-to-date. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Patch ensures that manual and scheduled updates do not download engine and pattern files unnecessarily. Issue 2: ScanMail (for Microsoft Exchange) 11.0 does not send samples of some special messages to the Trend Micro Deep Discovery Advisor server for analysis. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Hot Fix 1243] This Patch enables ScanMail (for Microsoft Exchange) 11.0 to send samples of special messages to the Deep Discovery Advisor server for analysis. Note: The Exchange Replay Directory must be enabled before Deep Discovery Advisor integration. Refer to "Post-installation Configuration" for the steps to check if the Exchange Replay Directory is enabled and the steps for enabling it if it is currently disabled. Issue 3: ScanMail (for Microsoft Exchange) 11.0 cannot send out notification email messages that contain invalid characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hot Fix 1255] This Patch enables ScanMail (for Microsoft Exchange) 11.0 to remove invalid characters from the body of notification email messages to ensure that it can send out these notifications successfully. Issue 4: ScanMail (for Microsoft Exchange) 11.0 manual scans do not scan deleted items by default and requires users to configure a hidden key to scan deleted items. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Patch enables users to configure ScanMail (for Microsoft Exchange) 11.0 to scan deleted files during manual scans by default. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 4: To configure ScanMail (for Microsoft Exchange) 11.0 to scan deleted files during manual scans by default: a. Install this Patch (see "Installation"). b. Open the Registry Editor. c. Locate the following key and set its value to "0": * Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion * Key: SkipScanDeletedRecoverableFolder * Type: REG_DWORD * Data value: "0" = the ScanMail (for Microsoft Exchange) manual scans scan deleted items "1" = the ScanMail (for Microsoft Exchange) manual scans do not scan deleted items Issue 5: Sometimes, the ScanMail (for Microsoft Exchange) 11.0 Email Reputation feature returns incorrect error codes. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Patch enables the ScanMail (for Microsoft Exchange) 11.0 Email Reputation feature to return the correct error codes. Issue 6: The list of approved and blocked senders on the "Spam Prevention > Content Scanning" page of the ScanMail (for Microsoft Exchange) 11.0 web console, do not accept addresses that contain wildcard(*) characters, for example, "trendmicro.*". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: [Hot Fix 1258] This Patch enables the approved and blocked senders lists to support email messages that contain wildcard (*)characters. Issue 7: Sometimes, a Control Manager server sends out unexpected notifications because it receives the wrong event logs from ScanMail (for Microsoft Exchange) 11.0. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This Patch ensures that ScanMail (for Microsoft Exchange) 11.0 always sends the correct event logs to the Control Manager server. This can help prevent Control Manager from sending out unexpected notifications for ScanMail (for Microsoft Exchange) 11.0. Issue 8: It may take a long time for ActiveUpdate tasks to complete while ScanMail (for Microsoft Exchange) 11.0 receives and scans a large number of messages. When this happens, some messages may pile up in the Exchange Server queue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: [Hot Fix 1260] This Patch improves the performance of ScanMail (for Microsoft Exchange) 11.0 in handling a large number of messages to ensure that ActiveUpdate tasks run normally and that messages do not pile up in the Exchange Server queue. Issue 9: Opaque-signed email messages may become corrupted after passing through the ScanMail (for Microsoft Exchange) 11.0 Spam Prevention filter. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: [Hot Fix 1262] This Patch resolves the issue by enabling ScanMail (for Microsoft Exchange) 11.0 to add a necessary CRLF character to opaque-signed email messages that pass through the Spam Prevention filter. Issue 10: A memory issue in the CMAgent module can cause the "SMEX_CmAgentHost.exe" process to stop unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: This Patch updates the CMAgent module to resolve the memory issue and prevent it from triggering the "SMEX_CmAgentHost.exe" process to stop unexpectedly. Issue 11: When the "Specific databases" option is selected for a scheduled scan task and this task is replicated to another server, the option is automatically unselected in the new scheduled scan task. This leaves the database selection field empty, however, instead of preventing the new task from scanning any database, this triggers the task to scan all Exchange databases in the server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: [Hot Fix 1263] This Patch ensures that when the database selection field of a scheduled scan task is empty, the task does not scan any database on the server. Issue 12: The EUQ Monitor Services stop unexpectedly when the name of the MAPI rules table is set to "NULL". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: [Hot Fix 1264] This Patch enables the EUQ Monitor Services to work normally under this scenario. Issue 13: After Trend Micro Control Manager(TM) deploys updates to ScanMail (for Microsoft Exchange) 11.0, ScanMail always updates files from the Control Manager ActiveUpdate server when users run manual updates on the ScanMail console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: [Hot Fix 1265] This Patch ensures that ScanMail (for Microsoft Exchange) 11.0 does not change its "Download Source" configuration after Control Manager deploys updates to ScanMail. Note: You need to reset the "Download Source" configuration after installing this Patch. To do this, go to "Updates > Download Source". Issue 14: The "ScanMail_Master" service stops unexpectedly due to a memory access violation when it scans some email HTML entity. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: [Hot Fix 1270] This Patch resolves the memory access violation issue. Issue 15: By design, ScanMail 11.0 does not retrieve information from the "BCC" field of email messages. As a result, ScanMail cannot send notifications to recipients in the "BCC" field when the "Notify recipient(s)" option is enabled. When ScanMail detects a security risk or content violation during a store level scan, it retrieves the folder name where the issue is found. This may cause recipients in the "BCC" field of email messages to appear in the "To" or "Found in" fields of the corresponding notification messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: This Patch enables ScanMail 11.0 to retrieve information from an email message's "BCC" field so it can send notifications to the recipients specified in this field when the "Notify recipient(s)" option is enabled. This Patch also ensures that the recipients in the "BCC" field do not appear in notification messages. Note: Senders may not be able to receive email notifications for messages detected by ScanMail. After applying this Patch, when the "Notify recipient(s)" is enabled on the ScanMail console and a sender sends an email to himself, the sender will not receive the corresponding notification if the message is detected by ScanMail. To work around this issue, enable the "Notify Sender" option for the filter from the ScanMail web console. Issue 16: When ScanMail (for Microsoft Exchange) 11.0 is installed through a remote SQL server in a cluster environment, and it loses its connection to the SQL server, it cannot re-connect to the SQL server after the server status returns to normal. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: [Hot Fix 1272] This Patch enables ScanMail to re-connect to the SQL server under the scenario described above. Issue 17: The ScanMail Attachment Blocking filter cannot detect the true file type of files if compressed in a ".7z" file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 17: This Patch enables the ScanMail Attachment Blocking filter to detect a file's true file type when it is compressed in a ".7z" file. Issue 18: Users cannot enable the Search & Destroy feature after upgrading to Microsoft Exchange 2013 CU3 or any later version. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 18: This Patch ensures that users can enable the Search & Destroy feature after upgrading to Microsoft Exchange 2013 CU3 or any later version. Issue 19: The ScanMail content filter may not work and may also slow down if its regular expression exceeds the maximum number of nodes defined in the eManager(TM) module. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 19: This Patch updates the eManager module to help prevent this issue. Issue 20: The environment variable "TZ" in the ScanMail (for Microsoft Exchange) mail queue may prevent the ScanMail (for Microsoft Exchange) Master Service from stopping properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 20: This patch resolves the issue by enabling ScanMail (for Microsoft Exchange) to handle the "TZ" environment variable correctly. 3. Documentation Set ====================================================================== In addition to this readme.txt, the documentation set for this product includes the following: o Installation Guide (IG) -- Provides product overview, deployment plan, installation steps and basic information intended to help you deploy ScanMail (for Microsoft Exchange) smoothly. o Administrator's Guide (AG) -- Provides post-installation instructions on how to configure the settings to help you get ScanMail (for Microsoft Exchange) "up and running". Also includes instructions on performing other administrative tasks for the day-to-day maintenance of ScanMail (for Microsoft Exchange). o Readme.txt files -- version enhancements, basic installation, known issues, and release history. o Electronic versions of the printed manuals are available at: http://docs.trendmicro.com/ o Online help -- Context-sensitive help screens that provide guidance for performing a task. o TrendEdge is a program for Trend Micro employees, partners, and other interested parties that provides information on unsupported, innovative techniques, tools, and best practices for Trend Micro products. The TrendEdge database contains numerous documents covering a wide range of topics. http://trendedge.trendmicro.com o Knowledge Base -- a searchable database of known product issues, including specific problem-solving and troubleshooting topics. http://esupport.trendmicro.com 4. System Requirements ====================================================================== There are no changes to the system requirements in the ScanMail (for Microsoft Exchange) 11.0 readme file. 5. Installation/Uninstallation ====================================================================== 5.1 Installation Notes =================================================================== - This Patch supports remote and multi-server deployment. - This Patch automatically restarts the following services on both Normal and Cluster Servers: - ScanMail (for Microsoft Exchange) Master Service - ScanMail (for Microsoft Exchange) Remote Configuration Server - ScanMail (for Microsoft Exchange) System Watcher - ScanMail EUQ Monitor - Microsoft Exchange Transport - MOM service - HealthService service - To install or uninstall this Patch, you must have at least local administrator and domain user privileges. - Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro web site. Register during installation or online at: http://olr.trendmicro.com/ 5.2 Installation =================================================================== To install this Patch, run "smex_110_win_en_patch2_b1284.exe" and select "Install". The framework automatically installs the Patch to the appropriate directory, replaces the outdated files, and updates the database. The "Successfully completed" count increases upon the completion of the installation. 5.3 Uninstallation =================================================================== To uninstall this Patch, you can either: - run "smex_110_win_en_patch2_b1284.exe" and select "uninstall"; or - run "uninstall.bat" in the following hot fix folder: {SMEX_HOME}\HotFix\patch2\Uninstall The framework automatically rolls back to the previous build and a confirmation message indicating a successful uninstallation is displayed on the setup screen. 6. Post-installation Configuration ====================================================================== 6.1 To check if the Exchange Replay Directory is enabled or not, run the following cmdlet command to display the current Replay Directory attributes. - For Exchange 2013 Get-TransportService | Format-List Replay* - For Exchange 2007 and Exchange 2010 Get-TransportServer | Format-List Replay* If the "ReplayDirectoryPath" attribute is "NULL", then the Exchange administrator has disabled the Replay Directory in which case the Exchange administrator must enable the Exchange Replay Directory again using the following cmdlet command. - For Exchange 2013 Set-TransportService -ReplayDirectoryPath - For Exchange 2007 and Exchange 2010 Set-TransportServer -ReplayDirectoryPath Please refer to the applicable Microsoft Exchange documents for the cmdlet details. Note: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing this Patch. 7. Known Issues ====================================================================== There are no known issues for this Patch. 8. Release History ====================================================================== - ScanMail (for Microsoft Exchange) 11.0 Patch 1, January 20, 2014 - ScanMail (for Microsoft Exchange) 11.0, May 20, 2013 See the following web site for a more information about updates to this product: http://docs.trendmicro.com/ 8.1 ScanMail (for Microsoft Exchange) 11.0 Patch 1 =================================================================== 8.1.1 Enhancements =================================================================== ScanMail (for Microsoft Exchange) 11.0 Patch 1 provides the following enhancements: Enhancement 1: Data Loss Prevention Filter - A validator has been added in the Data Loss Prevention filter to enable it to detect Taiwan Mega Bank account numbers, except for "00000000000". Enhancement 2: [Hot Fix 1217] Product Information Updates - ScanMail (for Microsoft Exchange) 11.0 now regularly sends product information updates to the BIF server. These updates contain product information from the ScanMail database and Control Manager activation keys and follow the "template.xml" file. Enhancement 3: Scans on Exchange System Email Notifications - Users can now configure ScanMail (for Microsoft Exchange) 11.0 to scan Exchange system email notifications. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 3: To configure this feature: a. Open the Registry Editor. b. Locate the following key and set the appropriate value: * Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion * Key: SkipScanSystemEmail * Type: REG_DWORD * Data value: "0" = ScanMail (for Microsoft Exchange) 11.0 scans Exchange system email notifications "1" = ScanMail (for Microsoft Exchange) 11.0 does not scan Exchange system email notifications c. Restart the "Microsoft Exchange Transport" services. Notes: - The new setting will take effect only after the service restarts. - This feature is available only when Exchange is in transport level and not when it is in store level. - This feature works on Exchange 2007 and Exchange 2010 only. Enhancement 4: Spam Prevention Content Scanning Filter and Web Reputation Filter - This Patch enables ScanMail (for Microsoft Exchange) Spam Prevention Content Scanning filter and Web Reputation filter to take the "Pass entire message" action when users enable the "tag and deliver" action on the user interface. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 4: To configure the feature: a. Open the Registry Editor. b. Locate the following key and set the appropriate value: * Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion * Key: SpamWTPPassAction * Type: REG_DWORD * Data value: "0" = the ScanMail (for Microsoft Exchange) Spam Prevention Content Scanning filter and Web Reputation filter take the "tag and deliver" action when users choose the "tag and deliver" action on the user interface "1" = the ScanMail (for Microsoft Exchange) Spam Prevention Content Scanning filter and Web Reputation filter take the "Pass entire message" action when users choose the "tag and deliver" action on the user interface c. Restart the "Microsoft Exchange Transport" services. Note: The new setting will take effect only after the service restarts. Enhancement 5: Media File Type Recognition - ScanMail (for Microsoft Exchange) 11.0 can now detect Microsoft Office(TM) Visio(TM) 2013 and Macromedia(R) Flash(TM) media file types. 2.2 Resolved Known Issues =================================================================== ScanMail (for Microsoft Exchange) 11 Patch 1 resolves the following issues: Issue 1: The "hookCommon.dll" may cause the Microsoft Exchange Information Store service (store.exe) or the ScanMail (for Microsoft Exchange) 11.0 Master Service to stop unexpectedly when the size of the memory map file is not set correctly in ScanMail (for Microsoft Exchange) 11.0. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [Critical Patch 1] The size of the memory map file is now set to the correct value in ScanMail (for Microsoft Exchange) 11.0. Issue 2: When ScanMail (for Microsoft Exchange) 11.0 attaches files classified as advanced persistent threats (APT) to notification email messages with Korean characters in the corresponding subject header and sends these to the Trend Micro Deep Discovery Advisor server, these files do not appear in the Deep Discovery Advisor server console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Hot Fix 1200] The Deep Discovery Agent server can now receive the email messages and display the APTs in the Deep Discovery Advisor console. Issue 3: ScanMail (for Microsoft Exchange) 11.0 always displays an "Invalid date range and format" warning message while processing queries on computers that use the "dd.MM.yyyy." time format. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hot Fix 1220] ScanMail (for Microsoft Exchange) 11.0 can now parse special date formats such as "dd.MM.yyyy." which ensures that it can properly process queries on computers that use these time formats. Issue 4: An issue with the TMNotify module prevents the SNMP server from parsing the OID of SNMP messages that ScanMail (for Microsoft Exchange) 11.0 sends out using TMNotify. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: [Hot Fix 1224] TMNotify has been updated to resolve the issue and ensure that the SNMP server can successfully parse the OID of SNMP messages from ScanMail (for Microsoft Exchange) 11.0. Issue 5: A high CPU usage issue occurs when the third-party module "dtSearch" stops unexpectedly while attempting to extract the contents of some specific PDF files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: [Hot Fix 1225] The "dtSearch" third-party module has been updated to enable it to successfully extract the contents of PDF files. Issue 6: When the domain DNS name is different from the domain NetBIOS name and users log on to the ScanMail (for Microsoft Exchange) 11.0 web console using domain credentials, they will not be able to use the ScanMail (for Microsoft Exchange) 11.0 server management feature in the current log on session. When users activate the "Search & Destroy" function using the service account which already resides in the Discovery Management group, ScanMail (for Microsoft Exchange) 11.0 displays the following error message: "The account provided does not reside in the Discovery Management group..." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: [Hot Fix 1227] ScanMail (for Microsoft Exchange) 11.0 now translates the two distinguished names into the same type which enables it to correctly compare, search for, and verify domain accounts. This ensures that users who log on using the correct credentials can access the server management feature and can enable the "Search & Destroy" function successfully. Issue 7: ScanMail (for Microsoft Exchange) 11.0 uses the new Microsoft API to get the "Connection IP Address" for ERS. However, sometimes, it retrieves IP ports that are not supported by ERS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: [Hot Fix 1237] ScanMail (for Microsoft Exchange) 11.0 now always retrieves the correct "Connection IP Address" information for ERS. Issue 8: Sometimes, a Control Manager server sends out unexpected notifications because it receives the wrong event logs from ScanMail (for Microsoft Exchange) 11.0. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: [Hot Fix 1240] ScanMail (for Microsoft Exchange) 11.0 now always sends the correct event logs to the Control Manager server. This helps prevent Control Manager from sending out unexpected notifications. Issue 9: ScanMail (for Microsoft Exchange) 11.0 does not send samples of some special messages to the Deep Discovery Advisor server for analysis. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: [Hot Fix 1243] ScanMail (for Microsoft Exchange) 11.0 now sends samples of special messages to the Deep Discovery Advisor server for analysis. Note: The Exchange Replay Directory must be enabled before Deep Discovery Advisor integration. Refer to "Post-installation Configuration" for the steps to check if the Exchange Replay Directory is enabled and the steps for enabling it if it is currently disabled. Issue 10: If a Security Risk Scan filter backs up an unscannable part of a message, ScanMail (for Microsoft Exchange) 11.0 cannot delete the backup file during log maintenance. Deleting the backup file using the "Backup for security risk scan" option does not work either. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: ScanMail (for Microsoft Exchange) 11.0 can now delete backup files for unscannable parts of email messages while running log maintenance. Issue 11: If the "Allow other servers to download updates from this server" option is enabled in the ScanMail (for Microsoft Exchange) console, ScanMail (for Microsoft Exchange) may still download the latest engine and pattern files during manual and scheduled updates even when both the engine and pattern files are up-to-date. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: ScanMail (for Microsoft Exchange) no longer downloads the engine or pattern file during manual or scheduled updates when the engine or pattern file is already up-to-date. Issue 12: The ScanMail (for Microsoft Exchange) Web Reputation filter may not be able to recognize some URLs that contain non-ASCII characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: The ScanMail (for Microsoft Exchange) Web Reputation filter can now correctly recognize URLs that contain non-ASCII characters. Issue 13: DLP templates imported by Data Loss Prevention that contain characters from the double-byte characters set (DBCS) cannot be displayed correctly in ScanMail (for Microsoft Exchange). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: A BOM header has been added in the DLP template export page to enable Data Loss Prevention to successfully export templates with DBCS characters. This ensures that such templates can be displayed properly in ScanMail (for Microsoft Exchange). 9. Files Included in this Release ====================================================================== Filename Build No. ------------------------------------------------------------------- [SMEX_Root]\ adapterCfgSetting.dll 11.0.0.1284 adapterSMTP.dll 11.0.0.1284 adapterVSAPI25.dll 11.0.0.1284 cfgInstanceCreator.dll 11.0.0.1284 cfgSmexInstanceCreator.dll 11.0.0.1284 cfgSmexSettings.dll 11.0.0.1284 clusRDLL.dll 11.0.0.1284 clusRDLLEx.dll 11.0.0.1284 cmdCfgReplication.dll 11.0.0.1284 cmdEUQHouseKeeping.dll 11.0.0.1284 cmdHookVsapi.dll 11.0.0.1284 cmdQuarantineManager.dll 11.0.0.1284 cmdStorageMaintenance.dll 11.0.0.1284 cmdUpdate.dll 11.0.0.1284 cme_vxe_dll.dll 7.1.0.1082 DBScanner.exe 11.0.0.1284 DlpEngine.dll 7.1.0.1082 DTASAgent.dll 11.0.0.1284 DTASProtocalHandler.dll 11.0.0.1284 dtengine64.dll 7.76.8193.1 E14EUQGetCAS.exe 11.0.0.1284 E14EUQGetMailboxList.exe 11.0.0.1284 ecCMAgentProcessor.dll 11.0.0.1284 em_expression.dll 7.1.0.1082 em_synonym.dll 7.1.0.1082 filterActiveMessageFilter.dll 11.0.0.1284 filterAntiSpam.dll 11.0.0.1284 filterAttachmentBlocking.dll 11.0.0.1284 filterCommon.dll 11.0.0.1284 filterContentDump.dll 11.0.0.1284 filterContentFilter.dll 11.0.0.1284 filterDLP.dll 11.0.0.1284 filterVirusScanning.dll 11.0.0.1284 filterWTP.dll 11.0.0.1284 hookCommon.dll 11.0.0.1284 hookContentProvider.dll 11.0.0.1284 hookE12ComInterop.dll 11.0.0.1284 hookE12TransportAgent.dll 11.0.0.1284 hookE15StoreCppProxy.dll 11.0.0.1284 hookSMTP.dll 11.0.0.1284 hookVsapi.dll 11.0.0.1284 hookVsapiLoader.dll 11.0.0.1284 instCustomActionLoader.dll 11.0.0.1284 instDeferredCustomAction.dll 11.0.0.1284 instDetectClusterType.exe 11.0.0.1284 instImmediateCustomAction.dll 11.0.0.1284 instISDeferredCustomAction.dll 11.0.0.1284 instISDeferredCustomActionStub.dll 11.0.0.1284 instISImmediateCustomAction.dll 11.0.0.1284 instSetupHelper.exe 11.0.0.1284 lnCommanderResultCollector.dll 11.0.0.1284 lnFilterNotification.dll 11.0.0.1284 lnLogSummary.dll 11.0.0.1284 lnRealtimeMonitor.dll 11.0.0.1284 lnScanTaskResultCollector.dll 11.0.0.1284 lnSWOutbreakAnalysis.dll 11.0.0.1284 lnSWServiceMonitor.dll 11.0.0.1284 perfSmexPerfMonMgr.dll 11.0.0.1284 resE12Hook.dll 11.0.0.1284 resSystem.dll 11.0.0.1284 RIFMFCApp.exe 11.0.0.1284 RIFRemoteInstallAgent.exe 11.0.0.1284 RIFResCommonDlg.dll 11.0.0.1284 rnLogStorage.dll 11.0.0.1284 schtskReport.dll 11.0.0.1284 schtskScheduleDownload.dll 11.0.0.1284 schtskScheduleScan.dll 11.0.0.1284 schtskStorageMaintenance.dll 11.0.0.1284 schtskWtcSendLog.dll 11.0.0.1284 scmSmexScanMediator.dll 11.0.0.1284 servCCR.dll 11.0.0.1284 servCfgReplicationController.dll 11.0.0.1284 servClusterProcessor.dll 11.0.0.1284 servCMAgentOPP.dll 11.0.0.1284 servCmAgentProductLibrary.dll 11.0.0.1284 servCommander.dll 11.0.0.1284 servConfigurationController.dll 11.0.0.1284 servDTAS.dll 11.0.0.1284 servExternalController.dll 11.0.0.1284 servLogger.dll 11.0.0.1284 servPolicyController.dll 11.0.0.1284 servPR.dll 11.0.0.1284 servReport.dll 11.0.0.1284 servRoleProcess.dll 11.0.0.1284 servScanExclusion.dll 11.0.0.1284 servScanProcessor.dll 11.0.0.1284 servScheduler.dll 11.0.0.1284 servSearchDestroy.dll 11.0.0.1284 servSearchDestroyActivation.dll 11.0.0.1284 servSmartScanProvider.dll 11.0.0.1284 servUILogicComposer.dll 11.0.0.1284 servWebUIProcessor.dll 11.0.0.1284 SetupLauncher.exe 11.0.0.1284 SMEX_CmAgentHost.exe 11.0.0.1284 SMEX_Master.exe 11.0.0.1284 SMEX_RemoteConfig.exe 11.0.0.1284 SMEX_SystemWatcher.exe 11.0.0.1284 SMEX70Install.dll 11.0.0.1284 svcGenericHost.exe 11.0.0.1284 swExchangeMonitor.dll 11.0.0.1284 swServConfiguration.dll 11.0.0.1284 swServiceMonitor.dll 11.0.0.1284 toolChangeRemoteDBPWD.exe 11.0.0.1284 toolManualUpdate.exe 11.0.0.1284 toolVeritasDBManager.exe 11.0.0.1284 TmMsg.dll 2.0.1.1312 TMNotify.dll 1.5.0.1025 trend_smex_v2.mib N/A uiLogicServerManagement.dll 11.0.0.1284 uiLogicUpdate.dll 11.0.0.1284 uiWebActiveUpdate.dll 11.0.0.1284 uiWebAdministration.dll 11.0.0.1284 uiWebAlert.dll 11.0.0.1284 uiWebDTASSetting.dll 11.0.0.1284 uiWebLog.dll 11.0.0.1284 uiWebManualScan.dll 11.0.0.1284 uiWebRealtimeMonitor.dll 11.0.0.1284 uiWebRealtimeScan.dll 11.0.0.1284 uiWebReporting.dll 11.0.0.1284 uiWebScheduleScan.dll 11.0.0.1284 uiWebSearchDestroy.dll 11.0.0.1284 uiWebServerManagement.dll 11.0.0.1284 uiWebService.dll 11.0.0.1284 uiWebSessionManager.dll 11.0.0.1284 uiWebSummary.dll 11.0.0.1284 utilAccessCheck.dll 11.0.0.1284 utilAccessControl.dll 11.0.0.1284 utilADExchange.dll 11.0.0.1284 utilAMF.dll 11.0.0.1284 utilAuditLog.dll 11.0.0.1284 utilccrreplication.dll 11.0.0.1284 utilChangeNotification.dll 11.0.0.1284 utilChartGenerator.dll 11.0.0.1284 utilChartGeneratorImpl.exe 11.0.0.1284 utilCluster.dll 11.0.0.1284 utilCmAgentCommon.dll 11.0.0.1284 utilCmAgentConfigReplication.dll 11.0.0.1284 utilCMAgentSMCFKeywordConv.dll 11.0.0.1284 utilCmConnectionTest.exe 11.0.0.1284 utilCmdletWrapper.dll 11.0.0.1284 utilCommand.dll 11.0.0.1284 utilCommon.dll 11.0.0.1284 utilConfigFileComparer.dll 11.0.0.1284 utilConfiguration.dll 11.0.0.1284 utilConfigurationEx.dll 11.0.0.1284 utilCSharpDebug.dll 11.0.0.1284 utilDataProvider.dll 11.0.0.1284 utilDebug.dll 11.0.0.1284 utilDirectory.dll 11.0.0.1284 utilDllMgr.dll 11.0.0.1284 utilE12HookConfig.dll 11.0.0.1284 utilEndUserSpamSolution.dll 11.0.0.1284 utilEUQActivation.dll 11.0.0.1284 utilExchangeServer.dll 11.0.0.1284 utilExternalControl.dll 11.0.0.1284 utilFilterPolicy.dll 11.0.0.1284 utilGenericDatabase.dll 11.0.0.1284 utilGenericMessage.dll 11.0.0.1284 utilGenericScheduler.dll 11.0.0.1284 utiliCRCHandler.dll 11.0.0.1284 utilImpersonateUser.dll 11.0.0.1284 utilInstSQL2005Expr.dll 11.0.0.1284 utilIPC.dll 11.0.0.1284 utilL10N.dll 11.0.0.1284 utilLogNotification.dll 11.0.0.1284 utilNetwork.dll 11.0.0.1284 utilNotification.dll 11.0.0.1284 utilNotificationEWS.dll 11.0.0.1284 utilParseDLP.dll 11.0.0.1284 utilPolicy.dll 11.0.0.1284 utilPR.dll 11.0.0.1284 utilReport.dll 11.0.0.1284 utilRPC.dll 11.0.0.1284 utilScanMediator.dll 11.0.0.1284 utilSchemaManager.dll 11.0.0.1284 utilSecurity.dll 11.0.0.1284 utilServerManagementActivation.dll 11.0.0.1284 utilShareResource.dll 11.0.0.1284 utilSmexAccessCheck2.dll 11.0.0.1284 utilSMEXRoutineStub.dll 11.0.0.1284 utilSmtpEventSink.dll 11.0.0.1284 utilSSO.dll 11.0.0.1284 utilSystem.dll 11.0.0.1284 utilThread.dll 11.0.0.1284 utilTMASEWrapper.dll 11.0.0.1284 utilTMEMWrapper.dll 11.0.0.1284 utilTMSSWrapper.dll 11.0.0.1284 utilTMVSWrapper.dll 11.0.0.1284 utilUpdate.dll 11.0.0.1284 utilUpgrade.dll 11.0.0.1284 utilVirtualServerUtil.dll 11.0.0.1284 utilWebServer.dll 11.0.0.1284 utilWebUI.dll 11.0.0.1284 utilWindowsEvent.dll 11.0.0.1284 utilWTC.dll 11.0.0.1284 utilWTPWrapper.dll 11.0.0.1284 utilXMLParser.dll 11.0.0.1284 cgiCmdNotify.exe 5.0.0.2138 En_BlobConvertUtility.dll 5.0.0.2138 En_I18N.dll 5.0.0.2138 En_Utility.dll 5.0.0.2138 SSO_PKIHelper.dll 5.0.0.2138 TrendAprWrapperDll.dll 5.0.0.2138 [SMEX_Root]\engine\Emanager\ em_helpr.dll 7.1.0.1082 emDebug.dll N/A [SMEX_Root]\PSScript\ GetEWSInternalURL.ps1 N/A [SMEX_Root]\EUQ EUQMigrator.exe 11.0.0.1284 EUQMonitor.exe 11.0.0.1284 HouseKeepingTask.dll 11.0.0.1284 instSetupHelper.exe 11.0.0.1284 InstSupport.dll 11.0.0.1284 resSystem.dll 11.0.0.1284 SDDeleteMessage.exe 11.0.0.1284 toolEuqSpamFolderRes.exe 11.0.0.1284 utilAccessCheck.dll 11.0.0.1284 utilAccessControl.dll 11.0.0.1284 utilAuditLog.dll 11.0.0.1284 utilChangeNotification.dll 11.0.0.1284 utilCommon.dll 11.0.0.1284 utilConfigureProfile.dll 11.0.0.1284 utilDebug.dll 11.0.0.1284 utilDirectory.dll 11.0.0.1284 utilDllMgr.dll 11.0.0.1284 utilEndUserSpamSolution.dll 11.0.0.1284 utilEUQTask.dll 11.0.0.1284 utilExchangeRule.dll 11.0.0.1284 utilExchangeServer.dll 11.0.0.1284 utilImpersonateUser.dll 11.0.0.1284 utilInstEUQSetup.dll 11.0.0.1284 utilIPC.dll 11.0.0.1284 utilL10N.dll 11.0.0.1284 utilManipulateMBE2K.dll 11.0.0.1284 utilMapi.dll 11.0.0.1284 utilMapiForm.dll 11.0.0.1284 utilOptions.dll 11.0.0.1284 utilRPC.dll 11.0.0.1284 utilSecurity.dll 11.0.0.1284 utilServerManagementActivation.dll 11.0.0.1284 utilStringLoader.dll 11.0.0.1284 utilSystem.dll 11.0.0.1284 utilThread.dll 11.0.0.1284 utilVirtualServerUtil.dll 11.0.0.1284 utilWebServer.dll 11.0.0.1284 utilWindowsEvent.dll 11.0.0.1284 [SMEX_Root]\web\html\ top.htm N/A [SMEX_Root]\web\html\administration\ Admin_debugger.htm N/A InternalDomain_Setting.htm N/A Spam_Maintenance.htm N/A [SMEX_Root]\web\html\dtas\ Virtual_Analyzer.htm N/A [SMEX_Root]\web\html\reports\ Reporting_Frame.htm N/A [SMEX_Root]\web\html\scan\ Antispam.htm N/A DLP_Expression_Edit.htm N/A DLP_Templates_Export.htm N/A Email_Reputation_Service.htm N/A Manualscan.htm N/A Manualscan_Details.htm N/A [SMEX_Root]\web\html\searchdestroy\ Edit_Task.htm N/A New_Task.htm N/A [SMEX_Root]\web\javascripts\ localization.js N/A OLH_Mapping.js N/A Server_Role_Dependency.js N/A trend-common.js N/A trend-ui.js N/A trend-ui-new.js N/A [SMEX_Root]\web\javascript\L10N\administration Admin_Management.js N/A Maintainer_Management.js N/A [SMEX_Root]\web\javascripts\L10N\dtas\ Virtual_Analyzer.js N/A Virtual_Analyzer_Alert.js N/A [SMEX_Root]\web\javascripts\L10N\scan\ Antispam.js N/A Attachmentblocking_Add_Account.js N/A Attachmentblocking_Edit_Account.js N/A Contentfiltering_Add_Account.js N/A Contentfiltering_Edit_Account.js N/A DLP_Rule_Add.js N/A DLP_Rule_Edit.js N/A [SMEX_Root]\web\online_help\webhelp\ dda_settings_cfg.html N/A smex_bp_dda_prereq.html N/A [SMEX_Root]\web\online_help\webhelp\_wh\ search.js N/A [SMEX_Root]\web\xml\ action_descriptions.xml N/A file_type_table.xml N/A [SMEX_Root]\web\ cgiDispatcher.exe 11.0.0.1284 resSystem.dll 11.0.0.1284 utilAccessCheck.dll 11.0.0.1284 utilAccessControl.dll 11.0.0.1284 utilCommon.dll 11.0.0.1284 utilDebug.dll 11.0.0.1284 utilDllMgr.dll 11.0.0.1284 utilIPC.dll 11.0.0.1284 utilL10N.dll 11.0.0.1284 utilRPC.dll 11.0.0.1284 utilSystem.dll 11.0.0.1284 utilThread.dll 11.0.0.1284 cgiCmdNotify.exe 5.0.0.2138 En_BlobConvertUtility.dll 5.0.0.2138 En_I18N.dll 5.0.0.2138 En_Utility.dll 5.0.0.2138 SSO_PKIHelper.dll 5.0.0.2138 TrendAprWrapperDll.dll 5.0.0.2138 10. Contact Information ====================================================================== A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees. You can contact Trend Micro via fax, phone, and email, or visit us at: http://www.trendmicro.com Evaluation copies of Trend Micro products can be downloaded from our web site. Global Mailing Address/Telephone numbers ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ For global contact information in the Asia/Pacific region, Australia and New Zealand, Europe, Latin America, and Canada, refer to: http://www.trendmicro.com/en/about/overview.htm The Trend Micro "About Us" screen displays. Click the appropriate link in the "Contact Us" section of the screen. Note: This information is subject to change without notice. 11. About Trend Micro ====================================================================== Trend Micro Incorporated, a global leader in Internet content security and threat management, aims to create a world safe for the exchange of digital information for businesses and consumers. A pioneer in server-based antivirus with over 20 years experience, we deliver top-ranked security that fits our customers' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the Trend Micro Smart Protection Network(TM) infrastructure, our industry-leading cloud-computing security technology and products stop threats where they emerge, on the Internet, and are supported by 1,000+ threat intelligence experts around the globe. For additional information, visit www.trendmicro.com. Copyright 2014, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, Smart Protection Network, ScanMail, Control Manager, eManager, and Data Loss Prevention are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ====================================================================== Information about your license agreement with Trend Micro can be viewed at: http://us.trendmicro.com/us/about/company/user_license_agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Getting Started Guide or Administrator's Guide