<<<>>> Trend Micro Incorporated February 27, 2017 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) InterScan(TM) Web Security Virtual Appliance 6.5 Service Pack 2 Critical Patch - Build 1746 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: Trend Micro developed this critical patch as a workaround or solution to a problem reported by customers. As such, this critical patch has received limited testing and has not been certified as an official product update. Consequently, THIS CRITICAL PATCH IS PROVIDED "AS IS". TREND MICRO MAKES NO WARRANTY OR PROMISE ABOUT THE OPERATION OR PERFORMANCE OF THIS CRITICAL PATCH NOR DOES TREND MICRO WARRANT THIS CRITICAL PATCH AS ERROR FREE. TO THE FULLEST EXTENT PERMITTED BY LAW, TREND MICRO DISCLAIMS ALL IMPLIED AND STATUTORY WARRANTIES, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE. Contents ========================================================== 1. Critical Patch Release Information 1.1 Resolved Known Issues 1.2 Enhancements 1.3 Files Included in This Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 7.1 Prior Hotfixes 8. Contact Information 9. About Trend Micro 10. License Agreement ========================================================== 1. Critical Patch Release Information ====================================================================== This critical patch resolves several issues in InterScan Web Security Virtual Appliance (IWSVA) 6.5 Service Pack 2. Refer to "Resolved Known Issues" for more information. 1.1 Resolved Known Issues =================================================================== This critical patch resolves the following issue: Issue 1: [Critical Patch 1746] (TT-358909, VRTS-219, VRTS-222, VRTS-224, VRTS-226, VRTS-227) The IWSVA web service process does not validate user permissions and input parameters, leading to Remote Code Execution vulnerabilities. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This critical patch validates the user permissions and input parameters before applying the user's requested operations in the web service process. Issue 2: [Critical Patch 1746] (TT-353999) The svc monitor is forced to kill the IWSVA http daemon after configuration replication. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This critical patch ensures that the IWSVA http daemon works normally after configuration replication. 1.2 Enhancements =================================================================== There are no enhancements in this critical patch. 1.3 Files Included in this Release =================================================================== A. Files for Current Issue ------------------------------------------------------------------- Filename Build No. ------------------------------------------------------------------- libdaemon.so 1746 svcmonitor 1746 isdelvd 1746 Files for Issue 1 ------------------------------------------------------------------- Filename Build No. ------------------------------------------------------------------- left.jsp 1746 ha_proxy_active_active.jsp 1746 IWSSGui.jar 1746 upload_sample_sizing.jsp 1746 uihelper 1746 beuihelper 1746 cmd_check.json 1746 dw_cluster_setting.jsp 1746 dw_cluster_join.jsp 1746 top.jsp 1746 system_dashboard.jsp 1746 switchRole.jsp 1746 summary_hardware_status.jsp 1746 staticRoutes.jsp 1746 staticRouteEdit.jsp 1746 SSHConfig.jsp 1746 shutdown_progress.jsp 1746 restart_sw_progress.jsp 1746 replication_config.jsp 1746 reboot_progress.jsp 1746 modify_cluster_management.jsp 1746 mgmt_ipConfig.jsp 1746 mail_config_spam.jsp 1746 mail_config_scan.jsp 1746 mail_config_proxy.jsp 1746 http_config_captive_portal.jsp 1746 ha_proxy_active_standby.jsp 1746 data_ipConfig.jsp 1746 config_date_time.jsp 1746 cluster_management_change_weight.jsp 1746 cluster_management.jsp 1746 bandwidth_control_get_status.jsp 1746 admin_patch_mgmt2.jsp 1746 admin_patch_mgmt.jsp 1746 timezone.jsp 1746 ftp_clientip.jsp 1746 access_control_settings.jsp 1746 migration.sh 1746 migration.ini 1746 Files for Issue 2 ------------------------------------------------------------------- Filename Build No. ------------------------------------------------------------------- migration.sh 1746 B. Files for Previous Solutions ------------------------------------------------------------------- Filename Build No. ------------------------------------------------------------------- libdaemon.so 1709 ftp_config_action.jsp 1709 ftp_config_dlp.jsp 1709 ftp_config_exception.jsp 1709 ftp_config_spyware.jsp 1709 libProductLibrary.so 1709 IWSSPIDpi.so 1709 appd 1709 AutoSetupAlchemySettings 1709 northamerica 1709 config_backup_popup.jsp 1709 client.py 1709 urlblocking.jsp 1712 server.xml 1712 IWSSPIUrlFilter.so 1715 dtasagent 1721 IWSSGui.jar 1721 urlf_policy_list.jsp 1721 custom_defense.jsp 1721 support.jsp 1721 support_capture_packet.jsp 1721 support_diagnostic_tool.jsp 1721 support_verbose_log.jsp 1721 upload_sample_sizing.jsp 1721 risk_level.jsp 1721 IWSSPIScanVsapi.so 1721 query_blacklist.py 1721 query_ddi_blacklist.py 1721 S99ISdtasd 1721 test_connection.py 1721 get_sandbox_feedback_blacklists.xml 1721 libicap.so 1726 IWSSGui.jar 1728 libhttpproxy.so 1729 LDAPTest 1730 2. Documentation Set ====================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 3. System Requirements ====================================================================== Trend Micro recommends installing IWSVA 6.5 Service Pack 2 Patch 1 Build 1707 before installing this critical patch. 4. Installation ====================================================================== This section explains key steps for installing the critical patch. 4.1 Installing =================================================================== To install: 1. Download the "iwsva_65_sp2_ar64_en_cpb1746.tgz" critical patch file to your local hard disk. 2. Log on to the IWSVA admin console GUI. 3. Go to the "Administration > System Updates" page. 4. Click "Browse". 5. Browse your local hard disk for the "iwsva_65_sp2_ar64_en_cpb1746.tgz" critical patch file and click "Open". 6. Click "Upload". Your browser uploads the critical patch file to IWSVA which validates if the file is a legitimate critical patch. 7. Click "Install" to apply the critical patch and update IWSVA to build 1746. The HTTP and FTP services in IWSVA restart automatically. NOTE: Applying this critical patch interrupts the HTTP and FTP services for several minutes. Plan appropriately for this downtime. 8. Clear the browser cache. 4.2 Uninstalling =================================================================== To roll back to the previous build: 1. Log on to the IWSVA admin console GUI. 2. Go to the "Administration > System Updates" page. 3. Click "Uninstall" next to "cpb1746" and verify the critical patch ID and description in the confirmation page that appears. 4. Click "Uninstall" to remove critical patch 1746 and rollback IWSVA to the previous build. The HTTP and FTP services in IWSVA restart automatically. NOTE: Removing this critical patch interrupts the HTTP and FTP services for several minutes. Plan appropriately for this downtime. 5. Post-installation Configuration ====================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ====================================================================== There are no known issues for this critical patch release. 7. Release History ====================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 7.1 Prior Hotfixes =================================================================== NOTE: Only this hotfix was tested for this release. Prior hotfixes were tested at the time of their release. Hotfix 1710 Issue: [Hotfix 1710] (TT-349268) When HTTPS decryption is enabled, IWSVA cannot load an HTTPS webpage if the HTTP header does not contain a "Content-length" or "Transfer-Encoding" heading. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that users can access HTTPS websites successfully while HTTPS decryption is enabled. Hotfix 1712 Issue: [Hotfix 1712] (TT-348926) Microsoft(TM) Internet Explorer(TM) stops responding when users import the list of blocked URLs to IWSVA and the list has more than 7000 entries. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix updates the parsing algorithm to improve the parsing speed to enable Internet Explorer to handle large blocked URL lists. Hotfix 1714 Issue: [Hotfix 1714] (TT-351297) When a client uploads files to a server through an application server and IWSVA scans the files through ICAP, IWSVA does not allow the acknowledgment traffic (0-byte file) to pass and sends an error code 100 instead. This happens because IWSVA checks the "Encapsulated:" ICAP header only which does not have a "null-body". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix enables IWSVA to check both the "Encapsulated:" ICAP header and the "Content-length" HTTP header so that if the "Content-length" is "0", it will also treat it as a "null-body". This ensures that IWSVA allows the acknowledgment traffic (0-byte file) to pass. Hotfix 1715 Issue: [Hotfix 1715] (TT-351297) IWSVA stops unexpectedly when it calls the strncpy function and the length of the char pointer is "0". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix resolves the issue by enabling IWSVA to check the length of the char pointer before calling the strncpy function. Hotfix 1716 Issue: [Hotfix 1716] (TT-352892) IWSVA cannot save changes to the priority setting of a URL filtering policy if the current policy priority is lower than 2498. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that IWSVA can save changes to the priority setting of a URL filtering policy. Hotfix 1717 Issue: [Hotfix 1717] (TT-352982) The URL filtering feature of IWSVA 6.5 Service Pack 2 may block the wrong domains. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that IWSVA can correctly match URLs with the filtering policy so that it blocks the correct domains. Hotfix 1721 Enhancement: This hotfix integrates the Trend Micro Deep Discovery Inspector and Trend Micro Control Manager(TM) SO acquirement interface into the IWSVA web console. This enables IWSVA to retrieve the SO list from both products, to block SO's on the list including IPs, URLs, domains, and files, and perform Advanced Threat Protection scanning. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure: To enable the feature: a. Open the "intscan.ini" file in the "/etc/iscan" folder. b. Locate or add the "so_integration_enabled" key and set its value to "1". Note: To disable the feature, set "so_integration_enabled=0". c. Save the changes and close the file. d. Refresh the "HTTP > Advanced Threat Protection > Custom Defense > Custom Defense Settings" page. Hotfix 1726 Issue 1: [Hotfix 1726] (TT-350383) After updating to IWSVA Service Pack 2 Build 1707, users may not be able to browse HTTPS websites properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix resolves the issue by ensuring that IWSVA can correctly handle the TCP FIN, so that when this is killed in the webserver, the corresponding HTTP header will keep it alive. Issue 2: [Hotfix 1726] (TT-351297) When a client uploads files to a server through an application server and IWSVA scans the files through ICAP, IWSVA does not allow the acknowledgment traffic (0-byte file) to pass and sends an error code 100 instead. This happens because IWSVA checks the "Encapsulated:" ICAP header only which does not have a "null-body". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix enables IWSVA to check both the "Encapsulated:" ICAP header and the "Content-length" HTTP header so that if the "Content-length" is "0", it will also treat it as a "null-body". This ensures that IWSVA allows the acknowledgment traffic (0-byte file) to pass. Issue 3: [Hotfix 1726] (TT-352011) Websites do not load properly when HTTPS decryption is enabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix resolves the issue by enabling IWSVA to properly handle zero length data from a webserver, such as in the website "https://www.it.nrw.de". Issue 4: [Hotfix 1726] (TT-352635) the isftpd process triggers a 100% CPU usage issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hotfix adds the isftpd process to the approved list in IWSVA to prevent the high CPU usage issue. Hotfix 1728 Issue: [Hotfix 1728] (TT-352510) An issue may prevent source IWSVA devices from sending chunked data to registered child IWSVA devices. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix resolves the issue by allowing the source IWSVA device to choose between chunked mode or content- length mode response to child IWSVA devices. Hotfix 1729 Issue: [Hotfix 1729] (TT-355847) Dropbox cannot sync in bridge mode after users add "dropbox.com" to the global trusted list. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix resolves the issue by enabling IWSVA to run through the list of global trusted domains before it attempts to connect to websites. Hotfix 1730 Issue 1: [Hotfix 1730] (TT-357017) The LDAP server diagnostic tool returns a "failed" result even when the LDAP server has connected normally. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix ensures that the diagnostic tool returns the correct LDAP server connection results. Issue 2: [Hotfix 1730] (TT-355574) HTTPS request authentication may fail when IWSVA is deployed in bridge mode between a client and the upstream proxy and the upstream proxy uses Kerberos authentication. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix ensures that HTTPS request authentication can run successfully under the scenario described above. Critical Patch 1731 Issue 1: [Hotfix 1731] (TT-351773) End users cannot see the shared remote desktop using Skype in Web Cache Communication Protocol (WCCP) mode. This issue occurs because the OpenSSL module sends an alert message when it comes across Skype HTTPS traffic. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix handles this issue to channel Skype HTTPS traffic. Issue 2: [Hotfix 1731] (TT-355725) Non-administrator users are able to go beyond their access permissions and apply administrator operations. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix validates the user's permissions before applying administrator operations in the web service process. Hotfix 1732 Issue: [Hotfix 1732] (TT-357304) In some situations, the InterScan(TM) Web Security Virtual Appliance (IWSVA) FTP daemon may cause high CPU usage. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix resolves the high CPU issue for the FTP daemon. Hotfix 1733 Issue 1: [Hotfix 1733] (TT-355470) If the IWSVA user information sync fails from the trust domain of the Global Catalog, even if the user authenticates successfully through Global Catalog, the connection still fails. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix resolves this issue by letting the connection pass when the user authentication is successful, even if the user information sync failed from the Global Catalog. To enable the function: 1. In [/etc/iscan/intscan.ini]: In section of [http], set the value of the key [pass_auth_not_in_ldapcache] to "yes". 2. In [/etc/iscan/intscan.ini]: In section of [LDAP-Setting], set the value of the key [Prefer-sAMA] to "yes". 3. Log on into IWSVA with SSH, and restart http proxy with the follow command: /etc/iscan/S99ISproxy stop;/etc/iscan/S99ISproxy start Hotfix 1735 Issue 1: [Hotfix 1735] (TT-352640) InterScan Web Security Virtual Appliance (IWSVA) cannot tunnel the failed extract file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix ensures IWSVA can tunnel the failed extract file by enabling a hidden key. To enable this function: 1. In [/etc/iscan/intscan.ini]: In the [Scan-configuration] section, set the value of the [failed_extract] key to "pass". If the key [failed_extract] does not exist, add the key. 2. In [/etc/iscan/intscan.ini]: In section of [Scan-configuration], add the value "Failed_Extract_File" to the key [skipSpecificVirus]. 3. Log on to IWSVA with SSH, and restart the HTTP proxy with the follow command: /etc/iscan/S99ISproxy stop;/etc/iscan/ S99ISproxy start Issue 2: [Hotfix 1735] (TT-357285) The "*.co/*" should not match the "*.com:443" value when IWSVA performs URL matching. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix ensures that IWSVA can perform URL matching normally. Issue 3: [Hotfix 1735] (TT-350271) The IWSVA cannot send the correct event time to Control Manager when the system time zone in a daylight. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix ensures IWSVA could not send the correct event time to Control Manager when the system time zone in a daylight. Issue 4: [Hotfix 1735] (TT-357018) In some situations, the InterScan(TM) Web Security Virtual Appliance (IWSVA) may cause a slowness browsing issue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hotfix resolves the slowness browsing issue. Hotfix 1736 Issue 1: [Hotfix 1736] (TT-357135) HTTPS pages will not load when the UA string is Microsoft Internet Explorer 11. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix handles the SSL alert message, which the HTTPS server sends to IWSVA to resolve the decryption issue. Critical Patch 1737 Issue 1: [Critical Patch 1737] (TT-333456) A vulnerability in the InterScan Web Security Virtual Appliance (IWSVA) 6.5 Service Pack 2 program may allow certain irregularly formatted virus in HTTP responses to bypass it. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix removes the vulnerability to enable IWSVA to catch these viruses in HTTP responses. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: To enable the solution: a. Install this hotfix (see "Installation"). b. Open the "intscan.ini" file in the "/etc/iscan/" folder. c. Locate or add the "scan_trunk_deep" key and set its value to "yes". NOTE: The default value is "no" which disables the solution. d. Save the changes and close the file. e. Restart HTTP daemon with the command: /etc/iscan/S99ISproxy stop;/etc/iscan/S99ISproxy start Hotfix 1738 Issue 1: [Hotfix 1738] (TT-358779) InterScan Web Security Virtual Appliance (IWSVA) still cannot generate the RSA 4096 key certificate for HTTPS decryption. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix ensures that IWSVA can generate the RSA 4096 key certificate for HTTPS decryption by enabling a hidden key. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: To enable the solution: 1. In [/etc/iscan/intscan.ini]: In [https-scanning] section of, add the [rsa_length] key and set the value to "4096" 2. Log on into IWSVA with SSH, and restart the HTTP proxy and FTP with the follow command: /etc/iscan/S99ISproxy stop;/etc/iscan/S99ISproxy start /etc/iscan/S99ISftp stop;/etc/iscan/S99ISftp start Critical Patch 1739 Issue 1: [Critical Patch 1739] (TT-358217, 358168, 358215, 358213, 358214, 358216, 358218, 358219, 358208, 358209, 358210, 358211, 358212, 358304, 358412) The IWSVA web service process does not validate user permissions and input parameters, leading to Remote Code Execution vulnerabilities. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This critical patch validates the user permissions and input parameters before applying the user's requested operations in the web service process. Hotfix 1740 Issue: [Hotfix 1740](TT-357473) IWSVA does not properly handle an abnormal incoming request, which causes a memory exception and crashes the system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix checks the parameter of the incoming request to avoid memory usage exceptions. Hotfix 1741 Issue: [Hotfix 1741](TT-355124) Formatting errors in a user's HTTPS decryption exception list trigger a Java exception which will make the IWSVA web console inaccessible. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix enables IWSVA to handle these format errors to ensure that the access to the IWSVA web console is not interrupted. Critical Patch 1742 Issue 1: [Critical Patch 1742] (TT-358220, 358221, 358413, 358412, 358746, VRTS-16, VRTS-91) The IWSVA web service process does not validate user permissions and input parameters, leading to Remote Code Execution vulnerabilities. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This critical patch validates the user permissions and input parameters before applying the user's requested operations in the web service process. 8. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2017, Trend Micro Incorporated. All rights reserved. Trend Micro, InterScan, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ====================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide