admin<> Trend Micro Incorporated January 5, 2017 ====================================================================== Trend Micro(TM) Control Manager(TM) 6.0 Hotfix - Build 3444 ====================================================================== NOTICE: Trend Micro developed this hotfix as a workaround or solution to a problem reported by customers. As such, this hotfix has received limited testing and has not been certified as an official product update. Consequently, THIS HOTFIX IS PROVIDED "AS IS". TREND MICRO MAKES NO WARRANTY OR PROMISE ABOUT THE OPERATION OR PERFORMANCE OF THIS HOTFIX NOR DOES TREND MICRO WARRANT THIS HOTFIX AS ERROR FREE. TO THE FULLEST EXTENT PERMITTED BY LAW, TREND MICRO DISCLAIMS ALL IMPLIED AND STATUTORY WARRANTIES, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY, NONINFRINGEMENT AND FITNESS FOR A PARTICULAR PURPOSE. Contents ========================================================== 1. Hotfix Release Information 1.1 Resolved Known Issues 1.2 Enhancements 1.3 Files Included in This Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 7.1 Prior Hotfixes 8. Contact Information 9. About Trend Micro 10. License Agreement ========================================================== 1. Hotfix Release Information ====================================================================== After installing this hotfix, Control Manager adds PML-related engines onto ActiveUpdate (AU). 1.1 Resolved Known Issues =================================================================== This hot fix resolves the following issue: Issue: An authentication bypass issue exists in the Control Manager dashboard. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that requests require authentication in Control Manager. 1.2 Enhancements =================================================================== This hot fix adds the following enhancement: There are no enhancements for this hot fix release. 1.3 Files Included in this Release =================================================================== A. Files for Current Issue ------------------------------------------------------------------- Module Filename Build No. ================ ========= \FileGroup31\ WebUI\WebApp\ WF_SessionCheck.aspx.cs n/a \FileGroup516\ sCloudProcessor.NET.exe 6.0.0.3465 WebUI\WebApp\widget\repository\widgetPool\wp0000\inc\ product_auth.php n/a B. Files for Previous Issues ------------------------------------------------------------------- Module Filename Build No. ================ ========= \FileGroup1\ MSSQL\ sp_WSI_UpdateServerStatus.sql n/a \FileGroup2\ WebUI\WebApp\Administration\ adim_LogMaintainenceItemCtrl.ascx n/a adim_LogMaintainenceItemCtrl.ascx.cs n/a admin_LogMaintainence.aspx n/a admin_LogMaintainence.aspx.cs n/a WebUI\WebApp\Administration\App_LocalResources\ admin_LogMaintainence.aspx.resx n/a WebUI\WebApp\App_Data\ LogMaintainenseCfg.xml n/a WebUI\WebApp\Bin\ LogMaintainenceCfgWrapper.NET.dll 6.0.0.3404 \FileGroup3\ MSSQL\ v_BehaviorMonitor.sql n/a \FileGroup4\ WebUI\WebApp\AdHocQuery\ AdHocQuery_Result.aspx n/a \FileGroup5\ MSSQL\ fn_TMCMWF_PolicyResult.sql n/a sp_Policy_GetPolicyList.sql n/a V_PolicyInfo.sql n/a \FileGroup6\ UI\en\script\ cm_utility.js n/a \FileGroup7\ MSSQL\ sp_RecognizeUserGuid.sql n/a \FileGroup8\ DMServer.exe 6.0.0.3413 \FileGroup9\ WFReporting.NET.dll 6.0.0.3416 \FileGroup10\ MSSQL\ fn_UI_SummaryToExport.sql n/a \FileGroup11\ PolicyDatabaseWrapper.dll 6.0.0.3424 WebUI\cgi-bin\ cgiReverseProxy.dll 6.0.0.3424 WebUI\WebApp\ProductTree\ ProductTree.aspx.cs n/a \FileGroup12\ MSSQL\ fn_RansomwareRuleTable.sql n/a WebUI\WebApp\ProductTree\ ProductTree_SSO_Intermediate.htm n/a \FileGroup13\ WebUI\WebApp\Bin\ ReportFactory.dll 6.0.0.3424 \FileGroup14\ LogForwarder.exe 6.0.0.3427 LogForwarder.exe.config n/a LogForwarder\ events.ini n/a LogForwarder\scripts\ Predictive_Machine_Learning.sql n/a \FileGroup15\ IISCfg.exe 6.0.0.3424 Certificate\ openssl.cnf n/a openssl_ca.bat n/a \FileGroup16\ MSSQL\ fn_DDEI_Report_SuspiciousObjURL.sql n/a \FileGroup17\ WebUI\WebApp\ProductTree\ ProductTree_SSO_Intermediate.htm n/a \FileGroup18\ WebUI\WebApp\App_Code\ CasLogDirectInsertHandler.cs n/a WebUI\WebApp\App_Code\RestfulHandler\ DigitalSignatureController.cs n/a \FileGroup19\ casHandlerChildCMStatus.dll 6.0.0.3436 ccgiEventNotificationSetting.dll 6.0.0.3436 cmdHandlerEventFilter.dll 6.0.0.3436 cmdHandlerOutbreak.dll 6.0.0.3436 cmdHandlerRedAlertNotify.dll 6.0.0.3436 cmdHandlerSpecialVirus.dll 6.0.0.3436 ProcessManager.exe 6.0.0.3436 Schema_60_3431_HF.xml n/a MSSQL\ sp_CasInsertAlertNtfJobList.sql n/a sp_CnC_ContactAlertNotification.sql n/a sp_CnC_ContactOutbreakAlertNotification.sql n/a sp_DDEI_ThreatEmailMessageNotification.sql n/a sp_DDEI_ThreatSentToWatchlistNotification.sql n/a sp_DDI_CorrelatedIncidentsNotification.sql n/a sp_DDI_HighRiskDetectionNotification.sql n/a sp_DDI_KnownAttackDetectionNotification.sql n/a sp_DDI_PotentialExploitFoundNotification.sql n/a sp_DDI_SHA1DenyDetectionNotification.sql n/a sp_DDI_StealthProgramsFoundNotification.sql n/a sp_DDI_WormsVirusPropagationFoundNotification.sql n/a sp_InsertAlertNtfJob.sql n/a sp_NetworkVirusAlertProcessing.sql n/a sp_SecurityLogNotification.sql n/a sp_SpecialSpywareAlertProcessing.sql n/a sp_SpecialVirusAlertProcessing.sql n/a sp_SpywareFurtherActionNotification.sql n/a sp_VirusAlert_1stFailure.sql n/a sp_VirusAlert_1stSuccess.sql n/a sp_VirusAlert_2ndFailure.sql n/a sp_VirusAlert_2ndSuccess.sql n/a sp_VirusOutbreakAlertProcessing.sql n/a sp_WebSecurityNotification.sql n/a \FileGroup20\ ActiveUpdateInfo.xml n/a MSSQL\ fn_UI_GetPatternVersionFormat.sql n/a ProductClass\SLF_PRODUCT_TVCS\ IDMapping.xml n/a StringTable.xml n/a \FileGroup21\ RestfulServiceUtility.NET.dll 6.0.0.3438 Schema_60_3433_HF.xml n/a MSSQL\ fn_CheckUpperBound_Exception.sql n/a fn_IsURLMatchSOWildcardUrl.sql n/a fn_SOGetMatchingWildcardExceptions.sql n/a fn_UI_QueryBlacklistInfo.sql n/a sp_AddNewSODefinition.sql n/a sp_CleanTempTable_ForWhitelistDist.sql n/a sp_DeleteSODefinition.sql n/a sp_GetSOExceptionList.sql n/a sp_GetSOExceptionList_ForWhitelistDist.sql n/a sp_MergeExceptionSO.sql n/a sp_SwitchView_ForWhitelistDist.sql n/a sp_UpdateBlacklist.sql n/a sp_UpdateBlackList_CheckAndPurgeAutoAddedExceptions.sql n/a sp_UpdateBlacklist_ForSoDist.sql n/a sp_UpdateBlackList_HandleSoFromHub.sql n/a sp_UpdateBlackList_MergeWhitelistFromHub.sql n/a sp_UpdateBlackList_RemoveNoLongerMatchingAutoAddedExceptions.sql n/a sp_UpdateBlackList_UpdateVASOAgainstWildcardExceptions.sql n/a stmt_ResetVASOWildcardExceptionRelatedColumns.sql n/a v_ExportBlacklistInfo.sql n/a v_WhitelistForSoDist_New.sql n/a v_WhitelistForSoDist_Old.sql n/a SuspiciousObjectExporter\ SuspiciousObjectExporter.exe 6.0.0.3438 WebUI\WebApp\AdHocQuery\ AdHocQueryExportProcessing.aspx.cs n/a WebUI\WebApp\bin\ RestfulServiceUtility.NET.dll 6.0.0.3438 WebUI\WebApp\html\suspiciousObjects\js\ suspiciousObjectList.js n/a \FileGroup22\ DbAccessWrapper.NET.dll 6.0.0.3438 DDMRestfulServiceUtility.NET.dll 6.0.0.3438 DnDns.dll 6.0.0.3438 IPAddressRange.dll 6.0.0.3438 LogProcessor.exe 6.0.0.3438 WhoIsClient.dll 6.0.0.3438 MSSQL\ sp_DDM_MailDetectionViewDetail.sql n/a sp_DDM_MailDetectionView_SmartSearchV2.sql n/a sp_DDM_QueryCustomizeColumnsSetting.sql n/a sp_DDM_QuerySNAPInfo.sql n/a sp_DDM_WebDetectionView_SmartSearchV2.sql n/a WebUI\WebApp\App_Code\RestfulHandler\DDM\ DDMResourceController.cs n/a WebUI\WebApp\App_Data\DDM\ emaildetectionview.json n/a webdetectionview.json n/a WebUI\WebApp\Bin\ DDMRestfulServiceUtility.NET.dll 6.0.0.3438 WebUI\WebApp\html\DDM\ emaildetectionview2.html n/a ignorerule.html n/a webdetectionview2.html n/a WebUI\WebApp\html\DDM\js\bundle\ edv2.js n/a es5-sham.min.js n/a es5-shim.min.js n/a ignorerule.js n/a vender.bundle.js n/a wdv2.js n/a \FileGroup23\ casHandlerLog.dll 6.0.0.3454 Schema_60_3436_HF.xml n/a WebUI\WebApp\App_Code\ CasLogDirectInsertHandler.cs n/a \FileGroup24\ DMServer.exe 6.0.0.3451 \FileGroup25\ MSSQL\ v_Virus_HTTPFTPDetail.sql n/a v_Virus_MailDetail.sql n/a v_Virus_NetworkDetail.sql n/a \FileGroup26\ MSSQL\ fn_RansomwareRuleTable.sql n/a \FileGroup27\ WebUI\WebApp\Bin\ WebAPICryptographyUtility.NET.dll 6.0.0.3456 \FileGroup28\ LogForwarder.exe.config n/a LogForwarder\scripts\ Predictive_Machine_Learning.sql n/a MSSQL\ v_MachineLearning_Detail.sql n/a \FileGroup29\ ProductClass\SLF_PRODUCT_TVCS\ StringTable.xml n/a WebUI\WebApp\App_Data\ UIMeta.xml n/a \FileGroup30\ ActiveUpdateInfo.xml n/a ProductClass\SLF_PRODUCT_TVCS\ IDMapping.xml n/a StringTable.xml n/a WebUI\WebApp\App_Data\ ActiveUpdateInfo.xml n/a \FileGroup501\ PolicyDatabaseWrapper.dll 6.0.0.3403 WebUI\WebApp\Bin\ PolicyDatabaseWrapper.dll 6.0.0.3403 WebUI\WebApp\widget\repository\widgetPool\wp0000\proxy\modEndpointEncryption\ psRestApi.php n/a \FileGroup502\ WebUI\webApp\AdHocQuery\ AdHocQuery_Processor.aspx.cs n/a WebUI\webApp\App_Code\ sCloudService.cs n/a WebUI\webApp\Bin\ WFReporting.NET.dll 6.0.0.3407 WebUI\webApp\widget\repository\widgetpool\wp0000\widget\modPolicyList\ modPolicyList.css n/a module-min.js n/a module.js n/a WebUI\webApp\widget\repository\widgetpool\wp0000\widget\modPolicyList\lang\ en_US.xml n/a WebUI\webApp\widget\repository\widgetpool\wp0000\widget\modPolicyResultStatus\ modPolicyResultStatus.css n/a module-min.js n/a module.js n/a WebUI\webApp\widget\repository\widgetpool\wp0000\widget\modPolicyResultStatus\lang\ en_US.xml n/a \FileGroup503\ WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comDDIDtasSetting\lang\ en_US.xml n/a \FileGroup504\ stmt_AddCommandSupportForTMEAC.sql n/a TempProfiles\ TMEAC_2.0_1.1_en_US.zip n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\proxy\modTMEAC\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widget\modACNgEndpointConnectionStatus\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widget\modACNgKPI\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widget\modACNgRuleManagement\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widget\modACNgTopAggregations\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widget\modACTopAppliedPolicies\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widget\modACTopUsedApplications\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widget\modACTopViolatingUsers\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetBase\modTMEAC\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMEACConnectionSettings\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMEACGeneralSettings\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMEACLogs\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMEACRules\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMEACUpdateSettings\*.* \FileGroup505\ WebUI\WebApp\Bin\ WFReporting.NET.dll 6.0.0.3416 \FileGroup506\ WebUI\WebApp\App_Code\ sCloudService.cs n/a WebUI\WebApp\Bin\ PolicyDatabaseWrapper.dll 6.0.0.3424 WebUI\WebApp\widget\repository\widgetPool\wp0000\widget\modOperationList\ module-min.js n/a module.js n/a \FileGroup507\ WebUI\WebApp\widget\repository\widgetPool\wp0000\proxy\modSCO\Handlers\ HandlerFactory.php n/a \FileGroup508\ WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comOSCEPOS\ component.js n/a component.xml n/a \FileGroup509\ webUI\WebApp\widget\repository\widgetPool\wp0000\proxy\modIMSVA\ imsva.php n/a \FileGroup510\ TempProfiles\ TMSM_3.0_1.0_en_US.zip n/a TMSM_3.0_1.0_fr_FR.zip n/a TMSM_3.0_1.0_ja_JP.zip n/a TMSM_3.0_1.0_zh_CN.zip n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\config\ serverlist.xml n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\proxy\modTMSM\ KPIHelper.php n/a Proxy.php n/a StatusManager.php n/a TMSMDBUtility.php n/a TMSM_Constant.php n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widget\modTMSMKPI\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetBase\modProduct\lang\ en_US.xml n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetBase\modTMSM\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMCSS\help\en_US\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMMSS\ component.js n/a component.xml n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMMSS\help\en_US\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMMSS\lang\ en_US.xml n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMRTSCAN\ component.js n/a component.xml n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMRTSCAN\help\en_US\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMRTSCAN\lang\ en_US.xml n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMSCANEXC\help\en_US\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMSCSCAN\ component.js n/a component.xml n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMSCSCAN\help\en_US\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMSCSCAN\lang\ en_US.xml n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMSM\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMSP\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMUS\ component.js n/a component.xml n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMUS\help\en_US\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMUS\lang\ en_US.xml n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMWTP\help\en_US\*.* WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comTMSMWTP\lang\ en_US.xml n/a \FileGroup511\ WebUI\WebApp\App_Code\ sCloudService.cs n/a \FileGroup512\ sCloudProcessor.NET.exe 6.0.0.3438 \FileGroup513\ WebUI\WebApp\Bin\ WFReporting.NET.dll 6.0.0.3438 WebUI\WebApp\widget\repository\widgetPool\wp0000\proxy\modDDEI\ Proxy.php n/a \FileGroup514\ TempProfiles\ DDAN_5.8_1.0_en_US.zip n/a WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetBase\modProduct\lang\ en_US.xml n/a \FileGroup515\ WebUI\WebApp\widget\repository\widgetPool\wp0000\widgetComponent\comOSCEBMS\ component.js n/a component.xml n/a 2. Documentation Set ====================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 3. System Requirements ====================================================================== Trend Micro recommends installing Control Manager 6.0 Service Pack 3 Patch 2 before installing this hotfix. 4. Installation ====================================================================== This section explains key steps for installing the hotfix. 4.1 Installing =================================================================== To install, run "tmcm_60_sp3_patch2_win_en_hfb3444.exe on the " Control Manager server. A confirmation dialog box displays "Installation successful!" after the system completes the installation. 4.2 Uninstalling =================================================================== To roll back to the previous build: 1. Obtain the hotfix backup path information from the registry key: \HKEY_Local_Machine\Software\TrendMicro\TVCS\Hotfix\B3444 \Backup Dir 2. Open the backup folder. For example: C:\Program files\Trend Micro\Control Manager\HotFix\Bxxxx-B3444 3. Double-click "Uninstall.bat". A confirmation dialog box displays "Uninstallation successful!" after the system completes the rollback process. Control Manager 6.0 service packs, patches, and hotfixes can be found on the Trend Micro web site or obtained from a technical support engineer. http://www.trendmicro.com/download/product.asp?productid=7 5. Post-installation Configuration ====================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ====================================================================== There are no known issues for this hotfix release. 7. Release History ====================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 7.1 Prior Hotfixes =================================================================== NOTE: Only this hotfix was tested for this release. Prior hotfixes were tested at the time of their release. Hotfix 3403 Issue 1: Control Manager 6.0 Service Pack 3 Patch 2 does not deploy the APIKey of a registered Deep Discovery Analyzer to the OfficeScan server, if the Deep Discovery Analyzer has registered to Control Manager before upgrading to version 6.0 Service Pack 3 Patch 2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix ensures that Control Manager deploys the APIKey of registered Deep Discovery Analyzers to the OfficeScan server. Issue 2: Endpoint Encryption cannot run the SOAPClient task after the PHP in Control Manager is upgraded to version 5.6 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix ensures that Endpoint Encryption can run the SOAPClient task with PHP 5.6. Hotfix 3404 Enhancement: This hotfix adds the "Log Entries" column in the "Log Maintenance" setting page. This new column displays the total number of logs. Hotfix 3405 Issue: Control Manager generates blank ad hoc query reports when users query the "Detailed Behavior Monitoring Information" for a specific OfficeScan server but do not select all the domains under the server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that Control Manager can generate "Detailed Behavior Monitoring Information" ad hoc query reports for selected domains or all domains under an OfficeScan server. Hotfix 3406 Issue: Garbled characters may appear in the Control Manager web console "Ad Hoc Query" page when users access the page in Chrome and Firefox. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that the "Ad Hoc Query" page displays normally in Chrome and Firefox. Hotfix 3407 Enhancement: This hotfix adds two new columns, "Offline" and "With Issues", in the "Policy Status" widget and "Policy Management" page to display offline agents and agents with other issues separately from other agents with "Pending" status. Hotfix 3408 Enhancement: This hotfix updates the VA setting information for Deep Discovery Inspector 3.8 Service Pack 3 on the Deep Discovery Inspector widget. From: - Isolated network - Specified network To: - No network / Isolated network - Custom network / Specified network Hotfix 3409 Issue: Sometimes, users cannot save changes to the Recipients settings of Event Notifications. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that users can save the changes to the Recipients settings of Event Notifications. Hotfix 3410 Issue: The Ransomware Prevention widget on the Control Manager web console displays the total number of infected files but does not display the detailed information when users click on the number. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that the Ransomware Prevention widget displays the detailed information when users click on the number of infected files. Hotfix 3413 Issue: Products may not be able to register to Control Manager successfully if the AD Server responds slowly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix resolves the issue by separating the AD Query process and Product Registration handle process. Hotfix 3414 Enhancement: This hotfix applies the following updates related to TMEAC 2.0 Service Pack 1. - Rule Management: This hotfix enables users to edit rules on all widgets that display a single rule column but users will only be able to create rules through the dedicated rule management widget. - SO Deployment: This hotfix enables Control Manager to support deployment of SO service credentials to a TMEAC 2.0 server. - SO Log: This hotfix enables Control Manager to supporting SO log collection (File Infect Log 1.0) for newly registered TMEAC 2.0 servers. Matches within the EAC inventory are reported as "Action: Log" and "Type: Scheduled Scan" while matches in the policy actions block log are reported as "Action: Block" and "Type: Realtime Scan". - Policy/Rules Selection: This hotfix enables Control Manager to support enabling SO blocking for SOs with "block" or "quarantine" action. - Policy/Log: This hotfix adds the "Reduce impact of log 'Any'" option which allows it to filter DLL accesses from "Policy action" logs when "Any" logs are selected (migrated from TMEAC 2.0-P1). - Policy/Deployment: This hotfix raises the default polling interval from two to 15 minutes and removes polling intervals that are less than five minutes. - Widgets: This hotfix updates the "Uncategorized Applications" template in KPI and the Application Event widgets to display applications correctly when the "Any" category is selected as log configuration with the "Reduce impact of 'Any'..." option enabled (migrated from TMEAC 2.0-P1). - Widgets: This hotfix resolves cross-site scripting (XSS) vulnerabilities in the widget names and chart labels. Hotfix 3416 Issue: The Dashboard page of the Control Manager web console is affected by an SQL injection vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix resolves the vulnerability. Hotfix 3417 Issue: The time information in the "Directories > User/Endpoint > Security Threats" page of the Control Manager web console is in the wrong time zone. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that the time information in the "Security Threats" page is in local time. Hotfix 3418 Issue: An issue prevents users from logging onto multiple OfficeScan servers by SSO through the Control Manager console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that users can log on to multiple OfficeScan servers by SSO from the Control Manager console. Hotfix 3419 Enhancement: This hotfix enables the Cloud App Security, Hosted Email Security, and Worry-Free Business Security Services to support ransomware detection information on the Ransomware Prevention Widget. Hotfix 3420 Issue: Users cannot disable the "Display a notification when a C&C Callback is detected" setting of the OfficeScan agent policy on the "Privileges and other settings" page of the Control Manager web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that users can successfully enable or disable the "Display a notification when a C&C Callback is detected" setting of the OfficeScan agent policy. Hotfix 3421 Issue: "Product Status Information" reports generated in grid form display an extra column labelled "Color". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix removes the "Color" column from "Product Status Information" reports generated in grid form. Hotfix 3422 Enhancement: This hotfix enables the Control Manager LogForwarder tool to support Predictive Machine Learning logs. Hotfix 3423 Enhancement: This hotfix enables Control Manager to create new SHA2-based certificates for its web server and to replace the old SHA1-based certificates with these new certificates. Hotfix 3424 Issue: Control Manager does not support double-byte characters in URLs under the list of suspicious objects on Deep Discovery Email Inspector reports, as a result, the Control Manager web console displays these URLs as "?". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix enables Control Manager to support double-byte characters in URLs in Deep Discovery Email Inspector reports. Hotfix 3425 Enhancement: This hotfix helps ensure that Control Manager 6.0 can deploy policies to IMSVA 9.1 after it is upgraded to IMSVA 9.1 Patch 1. Hotfix 3429 Enhancement: This hotfix adds the following for Trend Micro Security (for Mac). - New policy settings - Scan Method - Agent Self-Protection - New scan settings for the policy settings - Manual Scan Settings - Real-time Scan Settings - Scheduled Scan Settings - New update settings for the policy setting - New Security (for Mac) Key Performance Indicators Widget Hotfix 3430 Issue: In a Control Manager cluster environment, the Deep Discovery Analyzer related schedules are not correctly implemented when registering a new Deep Discovery Analyzer server. This results in the clustered servers not receiving the Suspicious Object List from Deep Discovery Analyzer. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: 1. If Control Manager is clustered, modify the following setting in SystemConfiguration.xml: - "m_strLookBackIP" Change to '127.0.0.1" in the Control Manager root directory after applying this hotfix. 2. If the public host name is different from the Control Manager server's actual host name (such as in the case of a cluster), "sCloudService" connects to the Control Manager server using the m_strLoopBackIP setting. The modification will prevent Control Manager from recognizing the request as being external. 3. When TMCM WebApp checks whether a request is a local request, it will check all IPs from all network cards, instead of only checking the default IP. Hotfix 3431 Issue 1: During DST, the wrong timestamps appear on email notifications and in syslogs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix ensures that Control Manager adds the correct timestamps to email notifications and syslogs when DST is enabled. Issue 2: The watermark for "tb_avviruslog_specialVirusNotif" increases significantly within a short period of time even when there are no new virus logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution2: This hotfix ensures the stored procedure that updates the watermark of "tb_avviruslog_specialVirusNotif" is not triggered when there are no new virus logs. Hotfix 3432 Enhancement: This hotfix enables Control Manager 6.0 to support Deep Discovery Email Inspector 2.6 and DDI 3.8 SP5 to use the new ActiveUpdate components. Hotfix 3433 Enhancement: This hotfix enables Control Manager to allow users to use wildcard characters in domains and URLs in the Virtual Analyzer Suspicious Objects Exception List. Hotfix 3434 Enhancement: This hotfix enables Control Manager to support SSO to multiple products simultaneously without overwriting sessions. This means that users can log on to several product servers and maintain each session in separate browser windows at the same time. Hotfix 3435 Issue: SQL injection vulnerabilities and XML External Entity injection vulnerabilities have been identified in the Control Manager 6.0 program. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix improves the way Control Manager filters input parameters to remove the vulnerabilities and protect against attacks. Hotfix 3436 Enhancement: This hotfix enables Deep Discovery Analyzer (DDAN) 5.8 to register to Control Manager. Hotfix 3437 Issue: There are no logs that appear in a one-time report when Control Manager removes the client (who sent the logs) from the product directory. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hot fix ensures that one-time report display all logs even if the client does not exist in product directory. Hotfix 3438 Issue: Control Manager does not sort detections belonging to both command-and-control (C&C) callback and ransomware types onto the Ransomware Prevention widget. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix enables Control Manager to sort detections onto the Ransomware Prevention widget even if these detections belong to both the C&C callback and ransomware types. Hotfix 3439 Issue: If the impersonate function is enabled on Control Manager Web Server (IIS), and a Trend Micro OfficeScan X is registered on the same Control Manager server, the IIS working thread sometimes crashes. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix prevents the crash from occurring when this situation occurs. Hotfix 3440 Issue: Users cannot save policy settings in the "Policies > Policy Management > OfficeScan Agent > Behavior Monitoring Settings > Enable Event Monitoring" function of the Control Manager web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that users can successfully save Event Monitoring settings of the OfficeScan agent policy. Hotfix 3441 Enhancement: This hotfix adds the following fields in the Predictive Machine Learning logs of the Control Manager Syslog: - CM Received Log Time - File SHA1 - Device External ID Hotfix 3442 Issue: When querying OfficeScan Behavior Monitoring data in Control Manager, some many columns display abnormally. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix ensures that users can perform Ad Hoc Query of "Detailed Behavior Monitoring Information" and display the following columns correctly: - Policy - Event Type - Action - Operation Hotfix 3443 Enhancement: This hotfix adds the following PML-related engines onto the Control Manager AU: - Advanced Threat Scan Engine (32-bit) for Predictive Machine Learning - Advanced Threat Scan Engine (64-bit) for Predictive Machine Learning - Contextual Intelligence Engine (32-bit) - Contextual Intelligence Engine (64-bit) - Contextual Intelligence Query Handler (32-bit) - Contextual Intelligence Query Handler (64-bit) 8. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2016, Trend Micro Incorporated. All rights reserved. Trend Micro, Control Manager, OfficeScan, Data Loss Prevention, InterScan, ScanMail, Deep Security, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ====================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide