<> Trend Micro Incorporated April 7, 2021 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ScanMail(TM) for IBM(TM) Domino(TM) for Microsoft(TM) Windows(TM) 5.8 64-bit Patch 1 - Build 1090 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This Readme file was current as of the date above. However, all customers are advised to check Trend Micro's website for documentation updates. GM release documentation: http://docs.trendmicro.com Patch/Service Pack release documentation: http://www.trendmicro.com/download TIP: Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro website. Register during installation or online at: https://clp.trendmicro.com/FullRegistration?T=TM Contents ========================================================== 1. About ScanMail for IBM Domino for Windows 1.1 Overview of This Release 1.2 Who Should Install This Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation 5.1 Installing 5.2 Uninstalling 6. Post-Installation Configuration 6.1 Post-Installation Configuration (from Previous Versions) 7. Known Issues 8. Release History 9. Files Included in This Release 10. Contact Information 11. About Trend Micro 12. License Agreement ========================================================== 1. About ScanMail for IBM Domino for Windows ======================================================================== Trend Micro ScanMail for IBM Domino works in real time to prevent viruses, malicious code, and unwanted content from entering your Domino environment via email, replication, or infected documents. Malware scanning is performed in memory, which significantly increases the scanning speed. ScanMail offers flexible, scalable configuration and remote management through the Notes workspace, as well as Web access of ScanMail databases. ScanMail is fully compatible with Trend Micro Control Manager(TM), Trend Micro centralized management console that lets you consolidate antivirus and content security protection into a cohesive solution. 1.1 Overview of This Release ===================================================================== This Patch consolidates all previous hotfix releases of ScanMail for IBM Domino for Windows 5.8 64-bit. 1.2 Who Should Install This Release ===================================================================== Install this release if you are running ScanMail for IBM Domino for Windows 5.8 64-bit version. 2. What's New ======================================================================== NOTE: Please install the Patch before completing any procedures in this section (see "Installation"). This Patch addresses the following issues and includes the following enhancement: 2.1 Enhancements ==================================================================== The following enhancements are included in this release: [No Hotfix](Jira-seg-82179) Enhancement 1: True File Types - This Patch enables ScanMail for IBM Domino to support the "VSDT_MSI" and "VSDT_LNK" true file types. [No Hotfix](No Case) Enhancement 2: Scheduled Updates/Scans – This Patch updates the procedure for scheduled updates and scans. 2.2 Resolved Known Issues ===================================================================== This release resolves the following issues: VRTS-3871 SMID5.8 Win EN Hotfix 1059 ISSUE 1 Issue 1: ScanMail for IBM Domino 5.8 is affected by an OpenSSL/curl Code Injection vulnerability (CVE-2019-5443). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Patch upgrades the MCP AgentSDK module to version 5.0.2363 and the PR module to version 1.2.0.1158 to resolve the vulnerability. Jira-seg-64756 SMID5.8 Win EN Hotfix 1061 ISSUE 1 Issue 2: When the Advanced Threat Scan Engine (ATSE) and the "APT Prevention Filter > Scan Settings > Select attachments to scan > Microsoft Office file with micros" option are enabled while the "Security Risk Scan > Advanced Options > Macros in Microsoft Office files" is disabled, a Microsoft Office file attachment containing micros that does not meet all criteria for Trend Micro Deep Discovery Analyzer will be treated as "HEUR_HAS_MACRO" and will be scanned by ATSE. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Patch ensures that ATSE does not process Office file attachments that contain micros as "HEUR_HAS_MACRO" files under the scenario described above. Jira-seg-72216 SMID5.8 Win EN Hotfix 1064 ISSUE 1 Issue 3: SMDreal may stop unexpectedly while scanning certain file attachments. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Patch fixes this issue by updating the eManager(TM) module to build 7.6.0.1283. Jira-seg-68509 SMID5.8 Win EN Hotfix 1066 ISSUE 1 Issue 4: The nSMDdbs task may stop unexpectedly during a scheduled database scan. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Patch resolves the issue by allowing users to prevent ScanMail from automatically setting the locale. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 4: To prevent ScanMail from automatically setting a locale: 1. Install this Patch (see "Installation"). 2. Open "notes.ini" using a text editor. 3. Add the following hidden key. SMD_WITHOUT_SETLOCALE=1 4. Save the changes and close the file. VRTS-4873 SMID5.8 Win EN Critical Patch 1070 ISSUE 1 Issue 5: A directory traversal vulnerability occurs when ScanMail downloads engine files or pattern files from the local ActiveUpdate (AU) server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Patch updates the Trend Micro ActiveUpdate modules to resolve this issue. Jira-seg-44837 SMID5.8 Linux EN Hotfix 1026 ISSUE 1 Issue 6: When the APT filter is enabled, it may take several minutes before any action is done after the "smddtas.nsf" file indicates that a sample is ready to be reprocessed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This Patch resolves the issue by making sure that ScanMail wakes up the reprocess thread as soon as the "smddtas.nsf" file indicates that a sample is ready to be reprocessed. Jira-seg-79358 SMID5.8 Linux EN Hotfix 1067 ISSUE 1 Issue 7: The nSMDreal task may stop unexpectedly during pattern updates. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This Patch updates the ScanMail program to prevent the issue. Jira-seg-79914 SMID5.8 Linux EN Hotfix 1071 ISSUE 1 Issue 8: An email message that contains only embedded objects may be held in the quarantine database (smddtas.nsf) longer than the configured maximum wait time. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This Patch updates ScanMail to ensure that email messages that contain only embedded objects are not held up in the quarantine database. Jira-seg-48296 SMID5.8 Win EN Hotfix ISSUE 1 Issue 9: If smdreal runs without the "SMD_SPLITMAIL_RECALL_ENABLED=1" in "notes.ini", the Domino server stops unexpectedly after users run the following commands on the Domino console: set conf SMD_SPLITMAIL_RECALL_ENABLED=1 tel smdreal quit ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: This Patch updates the ScanMail program to prevent the issue. Jira-seg-67866 SMID5.6 Win EN Hotfix 4909 ISSUE 1 Issue 10: The nSMDcm task may stop unexpectedly when the Domino server starts up. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: This Patch prevents the issue by ensuring that only one configuration thread exists at any given time. Jira-seg-86942 ISLD5.0 AIX64-bit JP Hotfix 3558 ISSUE 1 Issue 11: VSAPI engine and pattern update events in ScanMail do not appear in the Control Manager server's event viewer. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: This Patch ensures that VSAPI engine and pattern update events in ScanMail appear in the Control Manager server's event viewer. Jira-seg-99366 SMID5.8 Win EN Hotfix ISSUE 1 Issue 12: smdreal may stop unexpectedly when the "SMDExtractMailWithNotesStyle=1" hidden key is set and and the TMASE filter is enabled in TMASE engine 7.6.1015 and any higher version. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: This Patch updates the ScanMail program to prevent the issue. VRTS-5099 SMID5.8 Win EN Hotfix ISSUE 1 Issue 13: There is vulnerability related to VSAPI/ATSE API (VSDecompress). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: This Patch replaces VSAPI/ATSE API (VSDecompress) with AFI. Jira-seg-50818 SMLD5.0 AIX64-bit EN Hotfix 3509 ISSUE 1 Issue 14: An email in rich text format will lose its mail history content when the following two conditions occur: - the "SMD_SPLITMAIL_RECALL_ENABLED" hidden key is enabled - the email message partially matches a ScanMail rule ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: This Patch resolves the issue by enabling ScanMail to open mail notes using the "OPEN_RAW_MIME" parameter. Jira-seg-40973 SMID5.8 Win EN Hotfix ISSUE 1 Issue 15: Sometimes an email message is put on hold when all of the following conditions are met: - the email message is routed to another email server by the "SMD_SPLITMAIL_RECALL_ENABLED=1" hidden key - the email message partially matches policies - the email message is split. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: This Patch updates the ScanMail program to prevent the issue. VRTS-5554 SMID5.8 Win EN Critical Patch ISSUE 1 Issue 16: An issue related to the offset value validation task causes the VSAPI and ATSE engines to go into an infinite loop while parsing a crafted .chm file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: This Patch resolves the issue to ensure that the engines can parse crafted .chm files normally. NOTE: This solution requires that the VSAPI and ATSE engines are updated to version 12.500.1004 or any higher version. 3. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com In addition to this Readme file, the documentation set for this product includes the following: - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining ScanMail for IBM Domino for Windows. To access the Online Help, go to http://docs.trendmicro.com - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining ScanMail for IBM Domino for Windows. - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. To access the Support Portal, go to https://success.trendmicro.com 4. System Requirements ======================================================================== Before installing the patch, Trend Micro recommends: - installing the 64-bit version of ScanMail for IBM Domino for Linux 5.8 Build 1024. - upgrading the VSAPI and ATSE engines to version 12.500.1004 or any higher version. Refer to Section 2.2 Issue 16 for more information. 5. Installation ======================================================================== Refer to the "Administrator's Guide" for detailed information. 5.1 Installing ===================================================================== To install: 1. Update the VSAPI and ATSE engines to version 12.500.1004 or any higher version. 2. Log on to the IBM Domino server as an "Administrator". 3. Close all active IBM Notes clients and account sessions. If no IBM Notes clients are open at this time, proceed to the next step. 4. Clear the password for the Domino console. If the Domino console is not password-protected, proceed to the next step. 5. Copy the "smid_58_win64_en_patch1_b1090.exe" file to a local folder on the ScanMail for IBM Domino for Windows server. 6. Double-click "smid_58_win64_en_patch1_b1090.exe". ScanMail for IBM Domino for Windows displays a message confirming that the patch installation was successful. 7. Click "Finish". The "SMID: Build 5.8.0.1090" message appears on the Domino console after the system completes the installation. 5.2 Uninstalling ===================================================================== To roll back to the previous build: 1. Log on to the IBM Domino server as an "Administrator". 2. Close all active IBM Notes clients and account sessions. If no IBM Notes clients are open at this time, proceed to the next step. 3. Browse to the backup folder in ScanMail for IBM Domino for Windows installation folder. For example, "c:\Program Files\ Trend Micro\ScanMail for Domino\Hotfix\b1090". 4. Run "uninstall.bat". 5. Click "Finish". 6. Post-Installation Configuration ======================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 7. Known Issues ======================================================================== There are no known issues in this release. 8. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 9. Files Included in This Release ======================================================================== Filename Build No. ------------------------------------------------------------------- nSMDreal.dll 5.8.0.1090 nSMDdbs.dll 5.8.0.1090 nSMDcm.dll 5.8.0.1090 nSMDeuq.dll 5.8.0.1090 nSMDsch.dll 5.8.0.1090 nSmdDTAS.dll 5.8.0.1090 nSMDmon.dll 5.8.0.1090 nSMDext.dll 5.8.0.1090 nSMDemf.dll 5.8.0.1090 nSMDsupp.dll 5.8.0.1090 nupdsmd.dll 5.8.0.1090 nSMDupd.dll 5.8.0.1090 ProductLib.dll 5.8.0.1090 UnregCMLib.dll 5.8.0.1090 UnregCM.exe 5.8.0.1090 nBIFSender.exe 5.8.0.1090 nloader.exe 5.8.0.1090 smconf.ntf 5.8.0.1090 smdapproved.ntf 5.8.0.1090 smddtas.ntf 5.8.0.1090 smency.ntf 5.8.0.1090 smftypes.nsf 5.8.0.1090 smhelp.nsf 5.8.0.1090 smlists.nsf 5.8.0.1090 smmsg.nsf 5.8.0.1090 smquar.ntf 5.8.0.1090 smtime.ntf 5.8.0.1090 smvlog.ntf 5.8.0.1090 AU module Files ------------------------------------------------------------------ cert5.db 2.86.4002 ciuas64.dll 2.86.4002 ciussi64.dll 2.86.4002 patch64.exe 2.86.4002 patchw64.dll 2.86.4002 TmUpdate64.dll 2.86.4002 x500.db 2.86.4002 MCP AgentSDK Files ------------------------------------------------------------------ En_BlobConvertUtility.dll 5.0.0.2363 En_I18N.dll 5.0.0.2363 En_Utility.dll 5.0.0.2363 libapr-1.dll 5.0.0.2363 libcurl.dll 5.0.0.2363 libeay32.dll 5.0.0.2363 ssleay32.dll 5.0.0.2363 SSO_PKIHelper.dll 5.0.0.2363 TrendAprWrapperDll.dll 5.0.0.2363 zlibwapi.dll 5.0.0.2363 PR Files ------------------------------------------------------------------ TmPrApi.dll 1.2.0.1158 TmPrApiD.dll 1.2.0.1158 TmPrApiT.dll 1.2.0.1158 TmPrApiTD.dll 1.2.0.1158 eManager module Files ------------------------------------------------------------------ adj.dat 7.6.0.1283 adj.idx 7.6.0.1283 adv.dat 7.6.0.1283 adv.idx 7.6.0.1283 american-name.txt 7.6.0.1283 cme.conf 7.6.0.1283 cme_dll.dll 7.6.0.1283 cme_vxe_dll.dll 7.6.0.1283 data_dna.dll 7.6.0.1283 DlpEngine.dll 7.6.0.1283 dtengine64.dll 7.6.0.1283 emDebug.dll 7.6.0.1283 em_expression.dll 7.6.0.1283 em_helpr.dll 7.6.0.1283 em_synonym.dll 7.6.0.1283 etyv 7.6.0.1283 icudt57.dll 7.6.0.1283 icuin57.dll 7.6.0.1283 icuuc57.dll 7.6.0.1283 BPMNT.dll 7.6.0.1283 vsapi64.dll 7.6.0.1283 noun.dat 7.6.0.1283 noun.idx 7.6.0.1283 Policy.xml 7.6.0.1283 pthreadVC2.dll 7.6.0.1283 spanish-name.txt 7.6.0.1283 tmpe.pol 7.6.0.1283 tmpeEnum.xml 7.6.0.1283 verb.dat 7.6.0.1283 verb.idx 7.6.0.1283 10. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. https://www.trendmicro.com/en_us/contact.html NOTE: This information is subject to change without notice. 11. About Trend Micro ======================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2021, Trend Micro Incorporated. All rights reserved. Trend Micro, ScanMail, Control Manager, Data Loss Prevention, eManager, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: https://www.trendmicro.com/en_us/about/legal.html Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide