<> Trend Micro Incorporated April 14, 2017 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) OfficeScan(TM) 11.0 Patch 1 Critical Patch - Server Build 6325 and Agent Module Build 6152 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ========================================================== 1. Overview of This Critical Patch Release 1.1 Issues 1.2 Enhancements 1.3 Files Included in This Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ========================================================== 1. Overview of this Critical Patch Release ====================================================================== This critical patch updates the OfficeScan agent program to resolve several vulnerabilities and ensures that encrypted passwords are secure during web console operations. 1.1 Issues =================================================================== This critical patch resolves the following issues: (VRTS-283) Issue 1: When the Web Reputation Service (WRS) of the OfficeScan agent program blocks access to a certain webpage, it displays the "Website blocked by Trend Micro OfficeScan" alert page instead. This alert page may be affected by XSS vulnerabilities. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This critical patch updates the OfficeScan agent program to resolve the XSS vulnerabilities. (VRTS-393) Issue 2: Encrypted account passwords may leak out during web console operations. Unauthorized users could use the leaked encrypted password to log on to the OfficeScan server console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This critical patch ensures that encrypted passwords are secure during web console operations. 1.2 Enhancements =================================================================== This critical patch provides the following enhancement: (VRTS-615) Enhancement: This critical patch updates the OfficeScan agent program to improve its self-protection mechanism to protect against a local attacker to inject malicious code. 1.3 Files Included in this Release =================================================================== Installation Path and Filename Build Number ------------------------------ ------------ OfficeScan\PCCSRV\Pccnt\ ------------------------------------------------------------------- NTRtScan.exe 12.0.0.6152 OfficeScan\PCCSRV\Pccnt\Common\ ------------------------------------------------------------------- TmListen.exe 12.0.0.6152 fcWofieUI.dll 12.0.0.6152 PccNTMon.exe 12.0.0.6152 NTRmv.exe 12.0.0.6152 OfficeScan\PCCSRV\Pccnt\Win64\X64\ ------------------------------------------------------------------- TmListen.exe 12.0.0.6152 fcWofieUI.dll 12.0.0.6152 PccNTMon.exe 12.0.0.6152 NTRmv.exe 12.0.0.6152 Ntrtscan.exe 12.0.0.6152 OfficeScan\PCCSRV\Web_OSCE\Web_console\CGI\ ------------------------------------------------------------------- cgiAuthManagement.exe 11.0.0.6325 OfficeScan\PCCSRV\Web_OSCE\Web_console\HTML\Auth\ ------------------------------------------------------------------- admin_account_info.htm B. Files for Previous Issues ------------------------------------------------------------------- Not applicable. C. Network Traffic Required for Deployment ------------------------------------------------------------------- Estimated size (in terms of bandwidth) of deployed agent files in this critical patch. - 32-bit agent total = 12.6 MB - 64-bit agent total = 18.4 MB 2. Documentation Set ====================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 3. System Requirements ====================================================================== Trend Micro recommends installing OfficeScan 11.0 Service Pack 1 with Patch 1 before installing this critical patch. 4. Installation ====================================================================== This section explains key steps for installing the critical patch. 4.1 Installing =================================================================== To install this critical patch: 1. Copy the critical patch executable file to a temporary folder, for example, "C:\temp". 2. Double-click the file. The modules are automatically copied to the correct destination. This critical patch installation package automatically rolls back the OfficeScan server to its previous configuration if there are problems during installation. If you encounter problems after installation, do a manual rollback. 4.2 Uninstalling =================================================================== To manually roll back to its previous configuration: 1. Locate the backup folder that the Critical Patch package created in the "\PCCSRV\Backup\CriticalPatch_B6325" directory. 2. Stop the OfficeScan Master Service. 3. Copy the backup modules to the original folders. 4. Start the OfficeScan Master Service. 5. Post-installation Configuration ====================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ====================================================================== There are no known issues for this critical patch release. 7. Release History ====================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 8. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2017, Trend Micro Incorporated. All rights reserved. Trend Micro, OfficeScan, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ====================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide