d. Append ":/tmp" to the value:

NOTE: Removing ":/tmp" removes the restriction. e. Save the changes and close the file. Issue 6: Users can set or add any path for the backup directory. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: [Critical Patch 1519] This patch resolves this vulnerability by restricting the backup directory path to specific paths only. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 6: To set or add the "/tmp" folder for the backup directory: a. Install this patch (see "Installation"). b. Open the "tmsplx.xml" file under the "/opt/TrendMicro/SProtectLinux" folder using a text editor. c. In the "Scan" group of "tmsplx.xml", locate the "SaveToWhiteList" string, the default string is as follows:

d. Append ":/tmp" to the value:

NOTE: Removing ":/tmp" removes the restriction. e. Save the changes and close the file. Issue 7: The ServerProtect for Linux 3.0 web console is affected by a CSRF vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: [Critical Patch 1531] This patch resolves the CSRF vulnerability by adding a secure random token for the web console. Issue 8: Some feedback data are generated in duplicate. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: [Critical Patch 1536] This patch removes the duplicate feedback data. Issue 9: The "Entity" process may trigger a high CPU usage issue when users attempt to view Virus, Spyware, Scan, or System logs on the web console and it encounters an unexpected string in any of the logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: [Hotfix 1540] This patch resolves the issue by adding a mechanism to handle unexpected strings and help ensure that the "Entity" process runs normally. Issue 10: The TLS 1.0 protocol used in the web console is affected by the weak CBC-Mode vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: [Critical Patch 1541] This patch resolves the issue by disabling TLS 1.0 in the web console by default. NOTE: After applying this patch, if you cannot login to the web console through a browser or Single Sign-On (SSO) to it from Trend Micro Control Manager(TM), upgrade your browser or apply the latest Control Manger patch to enable it to support newer TLS protocols. Issue 11: A potential interoperability issue between the splx service and other services, such as autofs, may trigger the kernel to stop responding. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: [Hotfix 1548] This patch resolves the issue by ensuring that the splx service is the last service to start during startup. Issue 12: Sometimes, the ServerProtect for Linux web console shows an update complete message even though the manual update has failed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: [Hotfix 1560] This patch resolves the issue by ensuring that the web console receives the update failed results correctly. Issue 13: The "Logs > Log Directory" page name changes to "Automatic Delete" after users click on the "Save" button. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: [Hotfix 1560]This patch ensures that the page name remains the same after users click on the "Save" button. Issue 14: The "Scan Now" button appears in the log results on the "Logs > Virus Logs" and "Logs > Spyware Logs" pages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: [Hotfix 1560]This patch updates the log display logic of both pages to ensure that the "Scan Now" button does not appear in the log results. Issue 15: SSO does not work after Control Manager 7.0 switches from default mode to multi-session mode. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: [Hotfix 1568] This patch resolves the issue by adding the "Set-Cookie" method in the response header to send the "SessionID" to Control Manager 7.0 in multi-session mode. Issue 16: The memory usage rises unexpectedly during a manual or scheduled scan. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: [Hotfix 1569] This patch resolves the issue by enabling users to configure a manual or scheduled scan to sleep for a few milliseconds before scanning the next file. This can help reduce the memory usage during scans. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 16: To configure the time interval: a. Install this patch (see "Installation"). b. Open the "tmsplx.xml" file in the "/opt/TrendMicro/SProtectLinux" folder. c. Add the following keys and set each to the preferred value in milliseconds. For example, to set both manual and scheduled scan to sleep for one millisecond between files, set:

NOTE: Trend Micro recommends setting these to "1" and observing the CPU usage. Increase the values as needed. d. Save the changes and close the file. e. Restart the splx service by running the following command: #./service splx restart Issue 17: ServerProtect for Linux cannot apply engine and pattern updates from Control Manager 7.0 because the PatchAgent component cannot be downloaded successfully. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 17: [Hotfix 1571] This patch resolves the issue by adding the PatchAgent information into the product profile that ServerProtect for Linux sends to Control Manager. This helps ensure that PatchAgent can be downloaded from Control Manager so that engine and pattern updates can be applied successfully. 3. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com In addition to this Readme file, the documentation set for this product includes the following: - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining ServerProtect for Linux. To access the Online Help, go to http://docs.trendmicro.com - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining ServerProtect for Linux. - Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get "up and running". - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. To access the Support Portal, go to http://esupport.trendmicro.com 4. System Requirements ======================================================================== Install this patch only on computers running ServerProtect for Linux 3.0 or higher versions released before this Patch. NOTE: Refer to the ServerProtect readme file for detailed system requirements for installing the product. 5. Installation ======================================================================== This section explains key steps for installing the patch. Refer to the "Administrator's Guide" (AG) for detailed information. 5.1 Installing ===================================================================== To install: 1. If you have registered or are going to register ServerProtect for Linux to Control Manager, make sure the latest Control Manager patch has been applied. 2. Log on as a root user. 3. Copy "splx_30_lx_en_sp1_patch8.tar.gz" to a working directory such as "/tmp/workdir". 4. Type the following commands: # cd /tmp/workdir # tar zxvf splx_30_lx_en_sp1_patch8.tar.gz # chmod u+x splx_30_lx_en_sp1_patch8.bin #./splx_30_lx_en_sp1_patch8.bin NOTES: - The last command stops the ServerProtect services before installing this patch. - ServerProtect services automatically start after the system completes the installation process. 5.2 Uninstalling ===================================================================== To roll back to the previous ServerProtect for Linux build: 1. Run the following command: #rpm -e splx-3.0-sp1-patch8 NOTE: As the configuration file, "tmsplx.xml", used by Patch 8 may not be compatible with the one used by the previous ServerProtect for Linux release version, the configuration file will be saved as "tmsplx.xml.p8.rpmsave" when you uninstall this patch. ServerProtect for Linux will use the configuration file previously backed up when installing this patch. 2. Manually compare and synchronize the settings between the backed-up configuration file and the configuration file used by Patch 8 to apply the same custom settings to ServerProtect for Linux. NOTE: You can retrieve the ServerProtect for Linux 3.0 RPM information from the "Version.ini" file in the "/opt/TrendMicro/SProtectLinux/" information folder. Refer to Section 7.1 for more information. 6. Post-Installation Configuration ======================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 7. Known Issues ======================================================================== Known issues in this release: 7.1 Installation Issue ===================================================================== Patch 8 must remove the previous ServerProtect for Linux 3.0 Patch RPM information from the RPM database to prevent inconsistencies. Due to the limitation of RPM, the previous ServerProtect for Linux 3.0 Patch information could not be restored to the RPM database. Instead, it is stored in "/opt/TrendMicro/SProtectLinux/Version.ini". 7.2 Unable to export logs in Microsoft(TM) Internet Explorer(TM) 9 when accessing the web console using the HTTPS protocol. ===================================================================== To resolve this known issue: 1. On Internet Explorer 9, click the settings icon, or the "Tools" menu, and then click "Internet Options". 2. On the "Advanced" tab, clear the "Do not save encrypted pages to disk" option. 3. Click "OK" to save the settings. 7.3 On Internet Explorer, the progress bar animation does not work while ServerProtect for Linux registers or unregisters from Control Manager. ===================================================================== To resolve this known issue: 1. On Internet Explorer, click the settings icon, or the "Tools" menu, and then click "Internet Options". 2. On the "Advanced" tab, select the "Play animations in webpages" option. 3. Click "OK" to save the settings. 4. Restart Internet Explorer and access the ServerProtect for Linux web console again. 8. Release History ======================================================================== 8.1 Patch 1 ===================================================================== 8.1.1 Enhancements ===================================================================== The following enhancements are included in this release: Enhancement 1: Internal HTTP Server - The internal HTTP server for ServerProtect has been updated to resolve some security issues. Enhancement 2: KHM Source Code - The KHM source code in the latest KHM packages has been updated. Enhancement 3: Kernel Debug Log - A dynamic enabling feature has been added to the kernel debug log. 8.1.2 Resolved Known Issues ===================================================================== The following known issues are resolved in this release: Issue 1: ServerProtect for Linux does not send event logs to Control Manager if only the engine or spyware pattern is updated. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [Hotfix 1222] ServerProtect for Linux now sends event logs to Control Manager for engine or spyware pattern only updates. This enables Control Manager to send out email notifications for the status of the events, if configured to do so. Issue 2: When ServerProtect for Linux registers to Control Manager using Fully Qualified Domain Name (FQDN), the registration process may fail during the Linux system startup if the network environment is not ready. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Hotfix 1224] ServerProtect for Linux now attempts to register several times within a specified period of time if the Control Manager registration fails. Issue 3: When stopping ServerProtect for Linux services, ServerProtect for Linux cannot terminate the scheduled scanning process if the real-time scanning function is not working. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hotfix 1234] ServerProtect for Linux now stops the scheduled scanning process normally when executing the "/etc/init.d/splx stop" command to stop the ServerProtect for Linux services. Issue 4: Even when the pattern file or scan engine is updated successfully, ServerProtect for Linux may generate a system log "ActiveUpdate not completed" with the reason "ActiveUpdate successfully downloaded the patch files. Patch update is now in progress". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: [Hotfix 1241] The "WaitingTime" parameter has been added in the "ActiveUpdate" section of the "tmsplx.xml" file. The default value for the "WaitingTime" parameter is "60" seconds which is adequate for most applications. Users can reconfigure this value as needed. Issue 5: ServerProtect for Linux cannot register to Control Manager if the domain information in "/etc/resolve.conf" is too long. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: [Hotfix 1246] Trend Micro has changed the way ServerProtect retrieves the host machine domain name to resolve the issue. Issue 6: When ServerProtect for Linux performs an update and all components are still up-to-date, the event log displays incorrect information. This prompts Control Manager to send an email notification stating "Update unsuccessful". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: [Hotfix 1247] ServerProtect for Linux now records this update as a successful update; Control Manager notes that there is no update needed and does not send out an "Update unsuccessful" notification. Issue 7: ServerProtect for Linux does not send email notifications when it detects a security risk by manual scan or scheduled scan. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: [Hotfix 1250] The "AlertInfectionFoundByMS" hidden key has been added to the "tmsplx.xml" file. When enabled, this key prompts ServerProtect for Linux to send email notifications for a detected security risk after a manual scan or scheduled scan. Issue 8: The PR page displays a grace expiry date that is one month earlier than the real grace expiry date. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: The PR page now displays the correct grace expiry date. Issue 9: The "splxhttpd" service does not stop properly if the process ID of a newly-created "splxhttpd" process is higher than the one created before it. The same issue affects the "entity" process. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: ServerProtect for Linux now uses a new method to stop the "splxhttpd" and "entity" processes in the "splxhttpd" and "splxcore" script. This enables ServerProtect for Linux to stop the two processes properly. 8.2 Patch 2 ===================================================================== 8.2.1 Enhancements ===================================================================== The following enhancements are included in this release: Enhancement 1: KHM Source Code - the KHM source code has been updated. Refer to the following website for more information about the latest KHM source code: http://www.trendmicro.com/download/ kernel.asp?prodid=20 Enhancement 2: ServerProtect for Linux Web Console - The ServerProtect for Linux web console to accept square brackets ("[" and "]"). Enhancement 3: Legacy Pattern Release Files- ServerProtect for Linux can now be configured to use legacy pattern release files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 3: To enable the option: a. Open the "tmsplx.xml" file using a text editor. b. Change the value for "PatternType" to "PATTERN_VSAPI_LEGACY". c. Restart ServerProtect for Linux using the following command: /etc/init.d/splx restart Note: When a higher pattern version is available, the key will take effect only after a successful pattern update. Enhancement 4: Registration Timeout - Users can now set the timeout value when ServerProtect registers to Control Manager. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 4: To set the timeout value: a. Open the "tmsplx.xml" file using a text editor. b. Add the "CMRegistrationTimeout" option under the "Configuration" section and set the value to the timeout duration in seconds.

c. Restart "splx" using the following command: /etc/init.d/splx restart Enhancement 5: KHM now supports the following kernels of Red Hat(TM) 4/5 and SUSE Linux Enterprise 10: Red Hat Enterprise Linux Server/Desktop 4 (i686 and x86_64) - 2.6.9-89.0.20.ELsmp i686 - 2.6.9-89.0.20.EL i686 - 2.6.9-89.0.20.ELsmp x86_64 - 2.6.9-89.0.20.EL x86_64 Red Hat Enterprise Linux Server/Desktop 5 (i686 and x86_64) - 2.6.18-164.11.1.el5PAE i686 - 2.6.18-164.11.1.el5xen i686 - 2.6.18-164.11.1.el5 i686 - 2.6.18-164.11.1.el5 x86_64 - 2.6.18-164.11.1.el5xen x86_64 SUSE Linux Enterprise 10 (Server or Desktop) (i686 and x86_64) - 2.6.16.60-0.59.1-xen i686 - 2.6.16.60-0.59.1-smp i686 - 2.6.16.60-0.59.1-bigsmp i686 - 2.6.16.60-0.59.1-smp x86_64 - 2.6.16.60-0.59.1-xen x86_64 - 2.6.16.60-0.59.1-default x86_64 8.2.2 Resolved Known Issues ===================================================================== The following known issues are resolved in this release: Issue 1: If the debug log is enabled and users start a manual or scheduled update while an update process is running, the following message appears in the debug log: "Find the previous manual/schedule scan." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: The log has been changed to: "Find the previous manual/schedule update." Issue 2: When users register ServerProtect for Linux to Control Manager in text mode and the registration fails, the ActiveUpdate server still changes to "TMCM update server". This prompts ServerProtect for Linux to ask the user to unregister from Control Manager first the next time the user attempts to register to Control Manager in text mode. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This issue has been resolved. Issue 3: When users make changes to the manual scan options, some changes may not take effect when users start a manual scan by clicking "Scan now" from the "Summary" page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This issue has been resolved. 8.3 Patch 3 ===================================================================== 8.3.1 Enhancements ===================================================================== The following enhancements are included in this release: Enhancement 1: KHM Source Code - The KHM source code has been updated. Refer go to the following website for more information about the latest KHM source code: http://downloadcenter.trendmicro.com/ index.php?clk=tbl&clkval=111®s=NABU&lang_loc =1#undefined Enhancement 2: Users can now set the maximum size of files for scans. This improves the ServerProtect for Linux performance while scanning a large number of compressed files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 2: To configure the option: a. Open "tmsplx.xml" file using a text editor. b. Add the "RealtimeNotScanSize" and "OnDemandNotScanSize" keys under the "Scan" section and set the value to a positive integer in megabytes.

c. Restart the ServerProtect for Linux service. Note: The key does not take effect if the value is set to "0". "RealtimeNotScanSize" is for real-time scans; "OnDemandNotScanSize" is for manual and scheduled scans. Enhancement 3: Users can now prevent ServerProtect from deleting the old "TmuDump.txt" ActiveUpdate log and append new ActiveUpdate logs to the existing log file instead. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 3: To enable the option: a. Open the "tmsplx.xml" file using a text editor. b. Add the "KeepAULog" option under the "ActiveUpdate" section and set its value to "1".

c. Restart the ServerProtect for Linux service. To control the total size of "TmuDump.txt": a. Open the "aucfg.ini" file under the "/opt/TrendMicro/SProtectLinux/" folder using a text editor. b. Add the "log_size" key under the "debug" section of the "aucfg.ini" file and set its value to the size limit in megabytes. For example, to set the size limit of the "TmuDump.txt" file to 1 MB, set: [debug] log_size = 1 c. Save the changes to the "aucfg.ini" file. Enhancement 4: Users can now create a list of approved process names. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 4: To create/edit the list of approved processes: a. Open the "tmsplx.xml" file using a text editor. b. Add the "RealtimeExcludeCommand" key under the "Scan" section and specify the approved processes separating multiple commands using a colon (:). For example:

NOTE: The feature can only take effect after you apply KHM version above 3.0.0.0005. This feature supports only the asterisk (*) and question mark (?) as wild card characters and behaves similarly to the real-time scan exclusion list setting. Enhancement 5: KHM now supports the use of the asterisk (*) and question mark (?) as wild card characters in the "Exclude these locations" and "Exclude the specified files" fields of the real-time scan exclusion list. 8.3.2 Resolved Known Issues ===================================================================== The following known issues are resolved in this release: Issue 1: While establishing an SMTP session with the email server to send email notifications from ServerProtect for Linux, ServerProtect for Linux sends a "HELO" command to the email server before the email server's greeting message arrives. As a result, ServerProtect for Linux treats the greeting message as the email server's response to the "HELO" command. This causes an error that prevents ServerProtect for Linux from establishing the SMTP session and sending out the email notification. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [Hotfix 1301] ServerProtect for Linux now sends out email notifications without issues. Issue 2: After applying ServerProtect for Linux 3.0 Service Pack 1 Patch 2, the ServerProtect real-time scan may take an unusually long amount of time to scan compressed files containing a large number of files even when the current real-time scan setting is set to skip most of the files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Hotfix 1307] An unnecessary delay operation added in Patch 2 has been deleted to resolve the issue. Issue 3: ServerProtect for Linux CDT tools do not collect some important information such as log messages, KHM information and the AU log. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hotfix 1310] ServerProtect for Linux CDT tools now collect "/var/log/messages", AU logs, and KHM information. Issue 4: ServerProtect for Linux does not automatically register to Control Manager if Control Manager starts after ServerProtect for Linux. When registration fails, ServerProtect for Linux will not show the registration information that was previously entered on the Web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: [Hotfix 1311] An auto-register process has been added in ServerProtect for Linux to resolve this issue. Issue 5: A vulnerability exists in the ServerProtect for Linux 3.0 "splxhttpd" binary file containing OpenSSL 0.9.8i. Remote attackers can exploit this vulnerability and use malformed records in a HTTPS connection with ServerProtect for Linux to cause ServerProtect for Linux to stop unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: The OpenSSL module in "splxhttpd" has been upgraded to resolve this issue. 8.4 Patch 4 ===================================================================== 8.4.1 Enhancements ===================================================================== The following enhancements are included in this release: Enhancement 1: KHM Source Code - The KHM source code has been updated. Refer to the following website for more information about the latest KHM source code: http://downloadcenter.trendmicro.com/ index.php?clk=tbl&clkval=111®s=NABU&lang_loc =1#undefined Enhancement 2: Apache Server - The Apache server and the OpenSSL module in the Apache server have been updated. 8.4.2 Resolved Known Issues ===================================================================== The following known issues are resolved in this release: Issue 1: ServerProtect for Linux sends the last VSAPI and virus pattern update time to Control Manager in the GMT time zone. This prevents Control Manager from displaying the update time in local time. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [Hotfix 1318] ServerProtect for Linux now sends Control Manager the last VSAPI and virus pattern update time in local time. Issue 2: During manual scans, ServerProtect for Linux displays "ERROR" and "-1" scanned files on the Web page if the total number of files for scanning has not been updated in a long time. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Hotfix 1321] This issue has been resolved. Issue 3: Under certain conditions, when the ServerProtect for Linux real-time scan detects a virus in a compressed file, the virus/spyware log for the compressed file does not display a virus name and action result. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hotfix 1322] The virus/spyware logs now display the correct virus name and action result. Issue 4: Error logs appear in "/var/log/messages" when some hidden keys introduced in Patch 3 are not configured. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: [Hotfix 1340] Error logs now appear in "/var/log/messages" only when the debug log level is set to "5". Issue 5: ServerProtect for Linux uses an older version of the VSAPI engine on the Red Hat Enterprise Linux 6 platform. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: ServerProtect for Linux now uses the latest VSAPI engine for the Red Hat Enterprise Linux 6 platform. 8.5 Patch 5 ===================================================================== 8.5.1 Enhancements ===================================================================== The following enhancements are included in this release: Enhancement 1: KHM Source Code - KHM source code has been updated to version 3.0.1.0010. Refer to the following website for more information about the latest KHM source code: http://downloadcenter.trendmicro.com/ index.php?clk=tbl&clkval=111®s=NABU&lang_loc =1#undefined Enhancement 2: Apache Server - The Apache server has been upgraded to version 2.2.25, and the OpenSSL module in the Apache server to version 1.0.1e. Enhancement 3: ActiveUpdate Module - The ActiveUpdate (AU) module has been upgraded to version 2.85 and the following three folders: - "/opt/TrendMicro/SProtectLinux/AU_Cache" - "/opt/TrendMicro/SProtectLinux/AU_Temp" - "/opt/TrendMicro/SProtectLinux/AU_Log" have been moved to: - "/opt/TrendMicro/SProtectLinux/AU_Data/AU_Cache" - "/opt/TrendMicro/SProtectLinux/AU_Data/AU_Temp" - "/opt/TrendMicro/SProtectLinux/AU_Data/AU_Log" 8.5.2 Resolved Known Issues ===================================================================== The following known issues are resolved in this release: Issue 1: ServerProtect for Linux sends a notification for an outdated pattern file even when the pattern file is up-to-date. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [Hotfix 1358] The way ServerProtect for Linux determines whether a pattern file is up-to-date or not has been enhanced to ensures that ServerProtect for Linux sends out an outdated pattern file notification only when a pattern file is outdated. Issue 2: Users do not receive any notifications after ServerProtect for Linux disables the Real-time Scan. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Hotfix 1359] An option has been added to ensure that users receive notifications even after ServerProtect for Linux disables the Real-time Scan. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 2: To enable this feature: a. Stop ServerProtect for Linux. b. Open the "tmsplx.xml" file under the "/opt/TrendMicro/SProtectLinux/" folder. c. Locate the "AlertRealtimeScanStatus" key under the "Scan" section and set it to the following:

d. Save the changes and close the "tmsplx.xml" file. e. Start ServerProtect for Linux. Issue 3: When users choose to update multiple components and one or more components, but not all, update successfully, the last update time of all selected components will be updated. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hotfix 1363] Now, only the last update time of successfully updated components are changed in this case. Issue 4: Control Manager does not support the display of any information about the new engine for the Common Internet File System (CIFS) in ServerProtect for Linux. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: [Critical Patch 1366] Control Manager now displays the necessary information about the new engine for CIFS in ServerProtect for Linux. Issue 5: The warning message that appears during an update to warn users that the product license has expired contains a typographical error. In the message, "perion" was used instead of "period". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: [Hotfix 1371] The typographical error in the notification has been corrected. Issue 6: The cron job setting is not updated with all the rest of the ServerProtect for Linux settings during configuration replication from one computer to another through the Control Manager console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: [Hotfix 1372] The cron job setting is now always updated with the rest of the ServerProtect for Linux settings during configuration replication from one computer to another through the Control Manager console. Issue 7: By default, Scheduled Scan and Manual Scan modify the last access time of files after scans. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: [Hotfix 1383] An option has been added to prevent Scheduled Scan and Manual Scan from modifying a file's last access time if the file is not infected. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 7: To enable this feature: a. Stop ServerProtect for Linux. b. Open the "tmsplx.xml" file. c. Locate the "DisableAtimeNoChange" key under the "Scan" section and set it to the following:

d. Save the changes and close the file. f. Start ServerProtect for Linux. Issue 8: During a scheduled update, ServerProtect for Linux may use the wrong working directory when it tries to update again. This triggers a "PATCH_ERROR" message in "TmuDump.txt". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: ServerProtect for Linux now always uses the correct working directory during scheduled updates. 8.6 Patch 6 ===================================================================== 8.6.1 Enhancements ===================================================================== The following enhancements are included in this release: Enhancement 1: Kernel Hooking Module Source Code - KHM source code has been updated to version 3.0.1.0013. Refer to the following website for more information about the latest KHM source code: http://downloadcenter.trendmicro.com/ index.php?clk=tbl&clkval=111®s=NABU&lang_loc =1#undefined Enhancement 2: Apache(TM) Server - The Apache server has been upgraded to version 2.2.29, and the OpenSSL module in the Apache server to version 1.0.1m. Enhancement 3: Common Log Module - The Common Log Module has been upgraded to version 1.1.1.1177 to support leap second. Enhancement 4: World Virus Tracking Program - The World Virus Tracking feature has been removed from ServerProtect for Linux 3.0 because the Trend Micro's World Virus Tracking Center is no longer available. The following configuration items in the tmsplx.xml file are out of date:

Enhancement 5: TMNotify Module - The TMNotify module has been upgraded to version 1.3.0.1075 to use different OID to send SNMP trap messages. The following mib file will be added to ServerProtect for Linux: "/opt/TrendMicro/SProtectLinux/SPLX.MIB" Note: If the SNMP manager uses a version of the mib file that is older than the one specified above, you should replace the old version with the file above. Enhancement 6: License Deployment Feature - The CMAgent SDK has been upgraded to version 5.0.0.2165 to support license deployment from Control Manager. You can now deploy a new Activation Code or renew an existing Activation Code from Control Manager. Enhancement 7: Fixed Web UI Security Vulnerabilities - All the high and medium Web console security vulnerabilities found by Nessus, Acunetix Web Vulnerability Scanner, and IBM Rational AppScan have been fixed. Enhancement 8: HTTP Redirect - HTTP is not a safe protocol. This enhancement enables ServerProtect to switch from HTTP to HTTPS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 8: To enable HTTP access: a. Open the "splxhttpd.conf" file in the "/opt/TrendMicro/SProtectLinux/SPLX.httpd/conf" folder. b. Comment out the four lines. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ #RewriteEngine on #RewriteCond %{HTTPS} !=on #RewriteRule ^(.*)$ https://%{HTTP_HOST}/ [C] #RewriteRule //(.*): https://$1:14943/ [R=301,L] +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ c. Save the changes and close the file. d. Restart the splxhttpd service using the following command： service splxhttpd restart 8.6.2 Resolved Known Issues ===================================================================== The following known issues are resolved in this release: Issue 1: The Java applet component of ServerProtect for Linux 3.0 is blocked after users update the Java Runtime Environment (JRE) module to 7u51. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [Critical Patch 1403] The Java applet component of ServerProtect for Linux 3.0 has been rebuilt according to Oracle's notes at the following website: https://blogs.oracle.com/java-platform-group/entry/ new_security_requirements_for_rias. Issue 2: On some platform versions of Linux, the AU module may not be able to merge pattern files or may stop unexpectedly during an update while using up a large amount of CPU resources. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Hotfix AU 2.85 1086] A memory management function in RTPatch ("libpatch.so") has been updated to ensure that AU can merge pattern files and perform updates successfully. Issue 3: ServerProtect for Linux 3.0 may not be able to send the correct operating system language information to Control Manager when it is installed on the Red Hat 6 or CentOS 6 platform. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hotfix 1421] ServerProtect for Linux 3.0 now sends the correct operating system information to Control Manager. Issue 4: Sometimes, the "Some errors were found while stopping the splx kernel module." message appears while ServerProtect for Linux 3.0 closes because the ServerProtect script does not wait long enough for the kernel module to finish unloading. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: [Hotfix 1425] The ServerProtect script now gives the kernel module more time to unload while ServerProtect for Linux 3.0 closes. This helps prevent the error message from appearing. Issue 5: ServerProtect for Linux 3.0 converts file names in virus logs to "UCS-4" before sending these logs to Control Manager. Sometimes, ServerProtect for Linux 3.0 encounters an exception error while converting file names that are not in "UTF-8" format, which can trigger the process "entity" to stop unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: [Hotfix 1428] ServerProtect for Linux 3.0 can now catch the exception, then convert the file name to "ASCII" and replace non-ASCII characters with question marks. ServerProtect for Linux 3.0 then converts the "ASCII" file name to "UCS-4". Issue 6: Sometimes, ServerProtect for Linux 3.0 cannot open a file during a manual scan or scheduled scan. This triggers an error that can cause the scan to take unusually long time to complete. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: [Hotfix 1431] ServerProtect for Linux 3.0 can now correctly handle the error so that a manual or scheduled scan runs normally when ServerProtect for Linux 3.0 fails to open a file during the scan. Issue 7: ServerProtect for Linux 3.0 does not accept public IP addresses or public domain names, but these appear as examples on the SMTP settings page of the Web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: [Hotfix 1436] The public IP addresses and public domain names have been deleted from the SMTP settings page. Issue 8: Sometimes, ServerProtect for Linux stops unexpectedly when ServerProtect for Linux tries to erase a cookie or tries to get the string value from the configuration file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This known issue has been resolved. Issue 9: Sometimes, logs may be deleted unexpectedly after users change the log directory even when the logs are not older than the number of days specified in "MaxLogDay"s. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: ServerProtect for Linux now deletes only logs that are older than the number of days specified in "MaxLogDay". Issue 10: Sometimes, if ServerProtect for Linux accesses Control Manager through a secure protocol using a proxy, it may not be able to connect to Control Manager through Single Sign-On (SSO). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: ServerProtect for Linux can now connect to Control Manager through SSO under the scenario above. Issue 11: Sometimes, if the permission for the "SSO_PKI_PublicKey.pem" file generated by ServerProtect for Linux is incorrect, it may not be able to connect to Control Manager through SSO. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: ServerProtect for Linux can now connect to Control Manager through SSO under the scenario above. 8.7 Patch 7 ===================================================================== 8.7.1 Enhancements ===================================================================== The following enhancements are included in this release: Enhancement 1: Kernel Hooking Module Source Code - The Kernel Hooking Module (KHM) source code to version 3.0.1.0016. Refer to the following website for more information about the latest KHM source code: http://downloadcenter.trendmicro.com/ index.php?clk=tbl&clkval=111®s=NABU&lang_loc =1#undefined Enhancement 2: Apache(TM) Server - The Apache server has been updated to version 2.2.31, and the OpenSSL module in the Apache server to version 1.0.2j. Enhancement 3: Control Manager Agent SDK – The CMAgent SDK of 32-bit ServerProtect has been upgraded to version 5.0.0.2188 and the CMAgent SDK of 64-bit ServerProtect to version 5.0.0.2179. Enhancement 4: Web Server Certificate - A new certificate has been generated with SHA 256 signature algorithm. Enhancement 5: Encryption Components - The JAVA Applet Encryption components of the web console has been replaced with the AES 256 encryption algorithm of Crypto-JS. The passwords of the email account, proxy account, and Control Manager registration account will be encrypted using AES 256 encryption algorithm. Enhancement 6: Logon Protection - ServerProtect now automatically locks an account for 30 minutes if the user fails to type the correct logon password five times within 15 minutes. Enhancement 7: Password Management – New passwords must now be a combination of at least three types of the following: uppercase letters, lowercase letters, numbers and special characters. Any of the ten most recent passwords cannot be reused. Enhancement 8: TMNotify Module – The TMNotify module has been updated to version 1.3.0.1077 to ensure that it sends email notifications using the correct time zones. 8.7.2 Resolved Known Issues ===================================================================== This release resolves the following issues: Issue 1: The Linux system stops responding when ServerProtect for Linux 3.0 stops unexpectedly due to deadlock issues in the kernel space. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [Hotfix 1062/1464] The Linux system now runs normally when ServerProtect for Linux 3.0 stops unexpectedly. Issue 2: Sometimes, the strtok function triggers ServerProtect for Linux 3.0 to stop unexpectedly. This occurs because this function is not thread-safe. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [Hotfix 1063/1464] This issue has bee resolved by enabling ServerProtect for Linux 3.0 to switch to a thread-safe function. Issue 3: When the manual scan and scheduled scan processes detect a virus, ServerProtect for Linux sends a Simple Network Management Protocol (SNMP) message with the "tpNormalEvent" type. This is the same message type used for unsuccessful pattern file updates. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [Hotfix 1063/1465] ServerProtect for Linux now sends a "tpVirusEvent" message when the manual scan and scheduled scan processes detect a virus, and to send a "tpUpdateEvent" message for unsuccessful pattern file updates. Issue 4: ServerProtect for Linux 3.0 converts file names in virus logs to "UCS-4" before sending these logs to Control Manager. Sometimes, ServerProtect for Linux 3.0 encounters an exception error that can trigger the process "entity" to stop unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: [Hotfix 1063/1466] ServerProtect for Linux 3.0 can now catch the exception. Issue 5: When Real-Time Scan is enabled in ServerProtect for Linux, the operating system (OS) may stop responding when accessing files in a shared folder through a mounted network drive (NFS). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: [Hotfix 1063/1467] The operating system can now access files in a shared folder through a mounted network drive when Real-Time scan is enabled. Issue 6: ServerProtect for Linux 3.0 may not be able to verify the certificate of the AU Server. When this happens, it cannot update pattern and engine files with AU. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: [Hotfix 1478] The AU module has been updated to enable it to verify the certificate of the AU Server successfully. Issue 7: The "viewlog.cgi" file in ServerProtect for Linux 3.0 is affected by an XSS vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: [Critical Patch 1064/1473] The XSS vulnerability has been resolved by adding a checking mechanism to ensure that the data for the HTTP GET/POST method is in the correct format. Issue 8: The "vsapiapp" process of ServerProtect for Linux 3.0 may stop unexpectedly while calling the "pthread_kill" process using a thread that has already exited. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: [Hotfix 1067/1485] The "vsapiapp" process now calls the "pthread_kill" API using an active thread. Issue 9: ServerProtect is affected by CVE-2016-5387: The Apache Server does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server using a crafted proxy header in an HTTP request, aka an "httpoxy" issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: The Apache Server now ignores the "Proxy" HTTP header, because this header is not used in ServerProtect. Issue 10: ServerProtect is affected by CVE-2016-2183: The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data through a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode or a "Sweet32" attack. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: The DES and Triple DES ciphers of the Apache Server have been disabled. 9. Files Included in this Release ======================================================================== --------------------------------------------------------------------- Filename Build No. --------------------------------------------------------------------- For both 32-bit and 64-bit ServerProtect: splx 3.0.1575 splxcore 3.0.1575 splxhttpd 3.0.1575 splx.service 3.0.1575 splxcore.service 3.0.1575 splxhttpd.service 3.0.1575 vsapiapp 3.0.1575 splxmain 3.0.1575 SetTMDefaultExt 3.0.1575 splx_manual_scan 3.0.1575 splx_schedule_scan 3.0.1575 virus_type_finder 3.0.1575 entity 3.0.1575 libi18n.so.1 1.1.1.1177 liblogmgt.so.1 1.1.1.1177 liblogrdr.so.1 1.1.1.1177 liblogshr.so.1 1.1.1.1177 liblogwtr.so.1 1.1.1.1177 liblowlib.so.1 1.1.1.1177 libTMNotifymt.so.1 1.3.0.1078 libsplxcommon.so 3.0.1575 libsplxcxml.so 3.0.1575 libProductLibrary.so 3.0.1575 DiagnosticTool 3.0.1575 CMconfig 3.0.1575 EncryptAgentPassword 3.0.1575 splxcomp 3.0.1575 splxport 3.0.1575 upcfg 3.0.1575 xmlvalidator 3.0.1575 checkBrowser.sh 3.0.1575 splxhttpd.conf 3.0.1575 libapr-1.so.0.6.3 3.0.1575 libaprutil-1.so.0.6.1 3.0.1575 libexpat.so.1.6.7 3.0.1575 splxhttpd 3.0.1575 server.crt 3.0.1575 server.key 3.0.1575 splxmain.8.gz 3.0.1575 tmsplx.xml.5.gz 3.0.1575 cmoption.cgi 3.0.1575 log_management.cgi 3.0.1575 login_and_register.cgi 3.0.1575 notification.cgi 3.0.1575 proption.cgi 3.0.1575 scanoption.cgi 3.0.1575 scanoption_set.cgi 3.0.1575 showpage.cgi 3.0.1575 srv_admin.cgi 3.0.1575 summary.cgi 3.0.1575 tmcm_sso.cgi 3.0.1575 viewlog.cgi 3.0.1575 summary.htm 3.0.1575 Specifying_the_Download_Source.htm 3.0.1575 Alerts.htm 3.0.1575 charset.htm 3.0.1575 Recipients.htm 3.0.1575 cmsettings_no_reg.htm 3.0.1575 cmsettings_reged.htm 3.0.1575 password.htm 3.0.1575 proxy_settings.htm 3.0.1575 proxy_settings_update.htm 3.0.1575 menu_1.htm 3.0.1575 loginpage_registered_splx.htm 3.0.1575 logoff_splx.htm 3.0.1575 backup_directory.htm 3.0.1575 customer_register.htm 3.0.1575 quarantine_directory.htm 3.0.1575 registration.htm 3.0.1575 pr_activate.htm 3.0.1575 pr_activate_rej.htm 3.0.1575 pr_licenseinfo_no_ac.htm 3.0.1575 pr_licenseinfo_full_ac_end.htm 3.0.1575 pr_licenseinfo_full_ac.htm 3.0.1575 pr_licenseinfo_full_ac_progress.htm 3.0.1575 setting_on.htm 3.0.1575 banner.htm 3.0.1575 banner_cm.htm 3.0.1575 password_wrong.htm 3.0.1575 TmCube_Common.js 3.0.1575 client_cfg.js 3.0.1575 calendar.js 3.0.1575 Update_Scheduled.htm 3.0.1575 update_progress.htm 3.0.1575 Update_Manual.htm 3.0.1575 update_fail.htm 3.0.1575 Scheduled.htm 3.0.1575 scan_progress0.htm 3.0.1575 scan_progress2.htm 3.0.1575 scan_progress.htm 3.0.1575 Real-time.htm 3.0.1575 Manual.htm 3.0.1575 Response_success.htm 3.0.1575 virus_logs.htm 3.0.1575 system_logs.htm 3.0.1575 spyware_logs.htm 3.0.1575 scan_logs.htm 3.0.1575 purge_now.htm 3.0.1575 logs_on_disk.htm 3.0.1575 log_directory.htm 3.0.1575 log_directory_response 3.0.1575 exclusion_scheduled.htm 3.0.1575 exclusion_real.htm 3.0.1575 exclusion_manual.htm 3.0.1575 exclusion_manual_response.htm 3.0.1575 exclusion_real_response.htm 3.0.1575 localization.js 3.0.1575 script1.js 3.0.1575 script_splx.js 3.0.1575 Manual.htm 3.0.1575 TMBIF 3.0.1575 SPLX.MIB 3.0.1575 Agent.ini.template 3.0.1575 Product.ini.template 3.0.1575 help 3.0.1575 CryptoJS 3.0.1575 AuPatch 3.0.1551 libpatch.so 3.0.1551 libtmactupdate.so 3.0.1551 cert5.db n/a x500.db n/a SPLX_CM_UI.zip n/a For both 32-bit ServerProtect: cgiCmdNotify 5.0.0.2188 libProductLibrary.so 5.0.0.2188 libEn_Utility.so.1.0.0 5.0.0.2188 libSSO_PKIHelper.so.1.0.0 5.0.0.2188 libTrendAprWrapper.so.1.0.0 5.0.0.2188 libapr-1.so.0.1.1 5.0.0.2188 libcrypto.so.1.0.0 5.0.0.2188 libcurl.so.4.0.0 5.0.0.2188 libssl.so.1.0.0 5.0.0.2188 For 64-bit ServerProtect: cgiCmdNotify 5.0.0.2179 libProductLibrary.so 5.0.0.2179 libEn_Utility.so.1.0.0 5.0.0.2179 libSSO_PKIHelper.so.1.0.0 5.0.0.2179 libTrendAprWrapper.so.1.0.0 5.0.0.2179 libapr-1.so.0.1.1 5.0.0.2179 libcrypto.so.1.0.0 5.0.0.2179 libcurl.so.4.0.0 5.0.0.2179 libssl.so.1.0.0 5.0.0.2179 10. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 11. About Trend Micro ======================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2018, Trend Micro Incorporated. All rights reserved. Trend Micro, Smart Protection Network, ServerProtect, Control Manager, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide