A issue may prevent the system from updating Trend Micro Apex One Security Agents from Build 8378 to 12994.

Users may not be able to import file hash exceptions in a CSV file for Behavior Monitoring using the web console.

After configure the “Scan Exclusions” on Security Agent endpoints, some settings are changed unexpectedly.

This Critical Patch updates the import and export feature for firewall configuration settings in Trend Micro Apex One to enhance user experience.

This Critical Patch updates the related modules in Trend Micro Apex One to protect against the Damage Cleanup Engine Link Following Local Privilege Escalation Vulnerability (ZDI-CAN-23995)(CVSS 3.0, Score 7.8).

This Critical Patch updates the related modules in Trend Micro Apex One to protect against the Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability (ZDI-CAN-24557)(CVSS 3.0, Score 7.8).

Upgrade may fail if using an MSI package to upgrade an Apex One security agent that was originally installed also using an MSI package. Perform the following steps:

1. Ensure that the new MSI package has the same file name as the original package. If you do not know the file name of the original MSI package, check the following registry key: HKEY_CLASSES_ROOT\Installer\Products\1EFA14817AB44D447800A6FC68A0E81D\SourceList\PackageName
2. Install the new MSI package. Use command prompt to execute the package with the parameter "/fvo". For example, msiexec /fvo c:\temp\package.msi

The custom certificate is replaced with a self-signed certificate after upgrading to Apex One SP1. Perform the following steps to revert to using the original certificate:

1. Before upgrading to Apex One SP1, manually back up the certificate file.
2. After the upgrade process is complete, re-associate the backed-up certificate to Apex One

After upgrade to Sp1 , that Smart Protection Services for scheduled update setting back to default value(Every 15 minutes).

1. If when to change setting, please login Apex One Web console > "Administration" > "Smart Protection" > "Integrated Server" > "Update Settings" - "Update Schedule" - "Enable scheduled updates" - "Hourly" / "Every 15 minutes"

A time zone issue may cause the system to display different log generation time information in the web console. In the web console, the system displays the log generation time in the time zone of the Apex One server.

• The Apex One server stores the log generation time information in GMT+0.
• The Security Agent sends the log generation time information (GMT+0 or local time) to the Apex One server.

After upgrading to Build 14.0.12902, agent update may not be successful with the event message "Unable to connect to the Server".

Clicking the number on the notification pop-up screen may not display the related log information on Security Agent endpoints.

The system does not display the help content when clicking the help button in the Security Agent console.

The system does not display the related information when clicking a threat link on the Top Ransomware Detections widget.

An issue related to the Predictive Machine Learning feature may result in insufficient disk space on Security Agent endpoints.

An issue related to the Security Agent processes may cause the system to be unresponsive.

An issue related to the Data Loss Prevention feature may cause the system to display incorrect log information for detected email messages with an empty subject in the web console.

An issue related to special characters in the log content prevents the system from displaying Data Loss Prevention (DLP) logs properly in the web console.

After updating to build 12952 or later, the system is unable to deploy Anti Threat Toolkit (ATTK) using ToolBox.

After executing the command "pccntmon.exe -m", the system may not uninstall the Trend Micro Security Agent program on endpoints.

The Real-time Scan service may be stopped unexpectedly on Security Agent endpoints.

Depending on the "Scan network drives" setting for Manual Scan, the system may display different scan results (UNC path and mounted disk mode) in the web console.

An issue related to the the Program Inspection Engine may prevent the system from running a third-party program ( SS1) on Apex One Security Agent endpoints.

This Hotfix updates the Firewall Policy Exceptions screen in the web console to enhance user experience.

This Patch updates the UTN-USERFirst-Object certificate to enhance system task processing.

This Patch updates the Security Agent policy configuration to enhance Apex Central integration.

This Patch updates the related modules in Apex One to protect against the potential privilege escalation vulnerability (ZDI-CAN-24675)(CVSS 3.0, Score 7.8).

This Patch enhances the detection capabilities in Apex One by updating the Data Loss Prevention (DLP) templates to support WoW64 browsers.

This Patch updates the related modules in Apex One to protect against the LogServer Link Following Local Privilege Escalation Vulnerability (ZDI-CAN-24674)(CVSS 3.0, Score 7.8).

This Patch updates the related modules in Apex One to protect against the LogServer.exe Arbitrary File Creation Local Privilege Escalation Vulnerability (ZDI-CAN-24609)(CVSS 3.0, Score 7.8).

This Hotfix updates the Apex One Security Agent program to enable agent GUID synchronization with Endpoint Basecamp.

Note: For Security Agents whose GUIDs are updated during GUID synchronization, the system automatically removes related agent logs and set the Security Agents to use the default policy settings.

Trend Micro recommends you perform the following tasks:

• Before applying this Hotfix, back up agent logs.
• After applying this Hotfix, re-deploy policies to this kind of Security Agents.

An issue related signature files may cause an unsuccessful agent update.

An issue related the Data Loss Prevention file removal may cause multiple vulnerability detections for the 7-Zip component used in Apex One.

The Data Loss Prevention feature may not function properly in 32-bit Google Chrome web browser.

The Predefined Keyword Lists for Data Loss Prevention (DLP) in the web console do not match the description in the product documentation.

An unsuccessful SQL connection check prevents the system from installing Apex One Patch 12932.

Related Predictive Machine Learning logs do not display in log queries in the Apex Central web console.

Clicking the help link in some web console pages does not display the help content.

An issue related to tmcomm.sys may cause the Security Agent endpoint to stop responding.

An issue related to the Predictive Machine Learning feature may result in insufficient disk space on Security Agent endpoints.

This Critical Patch updates Data Loss Prevention (DLP) to support device control for USB tethering and Bluetooth hotspot.

This Critical Patch enhances the Security Agent update process to update Data Loss Prevention (DLP) templates from the Apex One server.

This Critical Patch updates OpenJDK to version 11.0.22+7-LTS to enhance product security.

After disabling and enabling the firewall on Security Agents, the firewall service may not function properly on Security Agent endpoints.

After configuring exceptions for Behavior Monitoring on the web console, the system may automatically remove one or more user-defined exceptions on the Security Agent console.

The system does not generate an event log for certificate import actions in the web console.

An issue related to the update process may prevent Security Agents from synchronizing suspicious object lists from Apex Central.

The system may not display the correct number of threat types on the Dashboard in the web console.

The system does not display the related log entries when users click the "Unknown threats detection" link for Behavior Monitoring on the Dashboard in the web console.

Users are unable to configure "Other update source" settings on the Server Update Source screen in the web console.

After the first successful detection, Apex One Security Agent is unable to detect EICAR test files stored on a CD on subsequent attempts.

This Critical Patch updates the Virus Scan Engine to protect against the Link Following Local Privilege Escalation security issue (ZDI-CAN-22693)(CVSS 3.0, Score 7.8).

This Critical Patch updates the Virus Scan Engine to protect against the Link Following Information Disclosure security issue (ZDI-CAN-22032)(CVSS 3.0, Score 4.7).

This Critical Patch adds support for Attack Surface Reduction (ASR) rules in Behavior Monitoring to enhance product security capabilities.

This Critical Patch updates Security Agent Plug-in User Interface Manager to protect against a potential security issue (CVSS 3.0, Score 7.3).

This Critical Patch updates the widget component to protect against the Local File Inclusion and Remote Code Execution security issue (ZDI-CAN-23401)(CVSS 3.0, Score 7.5).

This Critical Patch updates the widget component to protect against the SQL injection security issue.

After applying Apex One Critical Patch 12932 or 12942, users are unable to close the notification about the new Trend Vision One integration feature on the Apex One console.

The system does not save the configuration settings on the Smart Protection Network screen in the web console.

The system is unable to update the Apex One Security Agent program from 14.0.9113 to 14.0.12902 on Security Agent endpoints.

This Critical Patch updates the Apex One server program to protect against a potential Local Privilege Escalation security issue.

This Critical Patch updates the related modules in Apex One to protect against the Damage Cleanup Engine Link Following Denial-of-Service Vulnerability (ZDI-CAN-22038)(CVSS 6.1, Score 7.8).

This Critical Patch updates the Virus Scan Engine (VSAPI) to support file folder protection.

When the Securty Agent is switched to standalone mode, the change is not displayed on the Apex One server dashboard.

When the operating system starts, the Apex One NT firewall is not ready.

In the Apex One server console, agent management search results return unexpected results.

The Apex One server cannot use the message transfer agent (MTA) to send notifications.

The system does not change the agent status to "Unreachable/Offline" after the hearbeat timeout is reached.

This Critical Patch updates the Apex One Security Agent program to protect against a potential Local Privilege Escalation security issue (ZDI-CAN-22481)(CVSS 3.0, Score 7.8).

This Critical Patch enhances the Security Agent update process to update Data Loss Prevention (DLP) templates from the Apex One server.

A issue related to the network monitoring feature in Apex One Security Agent may affect network connections causing web browsers to become unresponsive on endpoints.

The system may not display the Last Updated information for components on the Security Agent console.

The system is unable to import the exception list properly for Predictive Machine Learning.

When Data Loss Prevention (DLP) is enabled, the system is unable to detect files copied to a USB drive using FileVisor on endpoints.

After updating to Apex One Service Pack 1 Patch 2, the Client Authentication Checksum (CAC) security setting cannot be enabled or disabled on the Global Agent Settings screen in the web console.

This Critical Patch updates the related modules in Apex One to protect against the Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability (ZDI-CAN-22667)(CVSS 3.0, Score 7.8).

This Critical Patch updates the PHP module in Apex One to protect against the stack buffer overflow vulnerability ( CVE-2023-3824).

Apex One Security Agent may not be able to scan and detect test samples using Predictive Machine Learning.

An issue related to the PccNTMon.exe process may result in an error and prevent the Security Agent from operating properly on endpoints.

When Data Loss Prevention (DLP) is enabled, the system may not apply policy settings properly on Security Agent endpoints.

Data Loss Prevention (DLP) is unable to block detected files that are bigger than 128 MB on Security Agent endpoints.

When Behavior Monitoring is enabled, an MSI activity maybe detected as an Unauthorized File Encryption event on Apex One Security Agent endpoints.

A system issue may cause Apex One to become unresponsive.

The Apex One Master Service may stop unexpectedly after a spyware detection.

An issue related to the Data Loss Prevention module in Apex One Security Agent may result in high CPU usage on Security Agent endpoints.

An issue related to the TMBMSRV.exe service in Apex One may cause Security Agent endpoints to be unresponsive.

This Patch updates the related modules in Apex One to protect against the Improper Access Control Local Privilege Escalation Vulnerability (ZDI-CAN-21599)(CVSS 3.0, Score 7.8).

This Patch updates the modules in Apex One to protect against the potential SOCKS5 heap buffer overflow vulnerability (CVE-2023-38545)(CVSS 3.0, Score 7.8).

This Patch enhances the environment checking process for Apex One server updates.

This Patch enables the Apex One Security Agent program to support endpoints running Microsoft Windows 11 23H2.

This Patch updates the default browser shortcut for the Apex One web console.

This Patch enables Apex One (On-premises) to regularly update the information of managed Security Agents to the Endpoint Inventory app in Trend Vision One to enhance product integration. Note: This feature requires the installation of Apex Central Patch 8 or above.

This Patch updates the Behavior Monitoring feature in Apex One to support file hash exceptions.

On Security Agent endpoints running Windows 10, the system may take an excessive amount of time to restart or load the Windows logon screen.

The system may not import all Security Agent settings properly from a .dat file.

The system may not generate logs for file uploads to a cloud storage for Data Loss Prevention.

This Critical Patch updates the related modules in Apex One to protect against the Link Following Local Privilege Escalation Vulnerability (ZDI-CAN-21346)(CVSS 3.0, Score 7.5).

This Critical Patch updates the related modules in Apex One to protect against the Anti-Spyware Engine Link Following Local Privilege Escalation Vulnerability (ZDI-CAN-21522)(CVSS 3.0, Score 7.8).

This Critical Patch updates the related modules in Apex One to protect against the Cross-Site Scripting Vulnerability (ZDI-CAN-21425)(CVSS 3.0, Score 7.8).

This Critical Patch updates the related modules in Apex One to protect against the Exposed Dangerous Function Local Privilege Escalation Vulnerability (ZDI-CAN-21860)(CVSS 3.0, Score 7.8).

This Critical Patch updates the related modules in Apex One to protect against the Updater Link Following Local Privilege Escalation Vulnerability ( ZDI-CAN-21896)(CVSS 3.0, Score 7.0).

An internal issue may cause the system not to update the Spyware Scan Engine module in Apex One Security Agent.

During the Apex One Security Agent installation process, the system may not remove the Symantec Endpoint Protection application on endpoints.

After performing a rollback process on the Apex One server, the system does not properly revert related components on managed Security Agents to the previous versions.

Users are unable to access the web console of some managed Apex One servers from Apex Central.

Component updates may not be successful for Security Agents on Windows 2012 Server endpoints.

When the parameter EnableMoveNATClient is set to 1, the web console does not display the Security Agents in a domain that is moved.

An internal issue prevents the system from updating files when the "Autopcc.exe -f" command is executed manually on Security Agent endpoints

After applying the Apex One B12512 update, users are unable to move agent endpoints using the drag-and-drop method in the web console.

After applying the Apex One B12512 update, the system does not display the Product License screen properly in the web console.

After applying the Apex One B12512 update, users are unable to save settings on the Integrated Smart Protection Server screen in the web console.

This Critical Patch updates the Self-Protection module in Apex One Security Agent to enhance product security.

This Critical Patch updates the Apex One server program to protect against the Origin Validation Error Local Privilege Escalation Vulnerability (ZDI-CAN-21366).

This Critical Patch updates the Apex One server program to protect against the Origin Validation Error Local Privilege Escalation Vulnerability (ZDI-CAN-21367).

This Critical Patch updates the Apex One server program to protect against the Origin Validation Error Local Privilege Escalation Vulnerability (ZDI-CAN-21368).

This Critical Patch updates the Apex One server program to protect against the CNTAoSMgr Origin Validation Error Local Privilege Escalation Vulnerability (ZDI-CAN-21378).

This Critical Patch updates the Apex One server program to protect against the Origin Validation Error Local Privilege Escalation Vulnerability (ZDI-CAN-21380).

This Critical Patch updates the Apex One server program to protect against the Origin Validation Error Local Privilege Escalation Vulnerability (ZDI-CAN-21381).

This Critical Patch updates the Apex One server program to protect against the Origin Validation Error Local Privilege Escalation Vulnerability (ZDI-CAN-21382).

This Critical Patch updates the Apex One server program to protect against the CNTAoSMgr Origin Validation Error Local Privilege Escalation Vulnerability (ZDI-CAN-21383).

This Critical Patch updates the Apex One server program to protect against the Origin Validation Error Local Privilege Escalation Vulnerability (ZDI-CAN-21665).

This Critical Patch updates the Apex One server program to protect against the 7-Zip 7Z File Parsing Integer Underflow Remote Code Execution Vulnerability (CVE-2023-40481/ ZDI-23-1165).

This Critical Patch updates the Apex One server program to protect against the 7-Zip SquashFS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability (CVE-2023-40481).

The Apex One server is unable to receive virus detection log data from managed Security Agents.

A data conversion error occurs when the Security Agent tries to access a file path that is encoded in UTF-8 format.

An issue related to internal data processing may prevent the system from displaying the domain names properly in the web console.

Security Agent installed on endpoints using the Client Packager may not contain all the settings configured for the selected agent domain.

The system does not block some mobile devices on Security Agent endpoints based on the Device Control settings.

The system is unable to install the Apex One Security Agent on endpoints using the MSI package.

This Critical Patch updates the Case Diagnostic Tool (CDT) to allow the system to purge data in the AU_Temp folder and optimize storage space usage.

This Critical Patch updates the jQuery library in Apex One to enhance product security.

This Critical Patch updates the related modules to enhance product security and protect against the Local File Inclusion Local Privilege Escalation Vulnerability.

This Hotfix updates the Virus Scan Engine (VSAPI) to version 22.610.1017 to support Advanced Malware Detection for well-known and high-volume malware sample scanning.

The Security Agent is unable to generate SHA-1 hashes for some file types.

An Apex One server update may be unsuccessful with the error message "An error has occurred during SQL script execution".

On the Agent Management screen in the Apex One server web console, specifying more than 15 characters in the Search for Endpoints field causes the system to generate a warning event.

Performing an Apex One Toolbox plug-in program update may cause the plug-in program to be unresponsive.

A typo is found on the Exception Rule screen for firewall policy configuration.

An issue related to Behavior Monitoring may cause the operating system to shutdown unexpectedly.

An issue related to the Firewall module may cause a third-party application to stop responding.

Under certain conditions, an agent update may fail.

After upgrading the Apex One server, the "Behavior Monitoring Core Service (64-bit)" component is selected on the Scheduled Update and Manual Update screens in the web console.

The system is unable to uninstall the Apex One Data Protection plug-in program.

The system may not apply the specified action configured on the Suspicious Connection Settings screen in the web console.

Under certain conditions, the system may remove third-party security applications on Security Agent endpoints.

The system may not be able to perform an agent update successfully on Security Agent endpoints.

An issue related to the Smart Scan feature may cause a Blue Screen of Death (BSOD) error on Security Agent endpoints.

This Patch enables the Apex Central console to display up to five layers of Apex One domain hierarchy.

NOTE: This feature requires the installation of Apex Central Patch 5.

This Patch removes the files isapiClientx64.dll and isapiClientx86.dll to enhance the Vulnerability Protection Service.

This Patch updates the file integrity checking mechanism to enhance product security.

This Patch enhances the Security Agent update process to update Data Loss Prevention (DLP) templates from the Apex One server.

This Patch updates the log description for security scan operations to enhance user experience.

This Patch enables Apex One to send server configuration information to Trend Vision One to enhance product integration.

NOTE: This feature requires the installation of Apex Central Patch 6.

This Patch updates Apex Central to enable Trend Vision One integration for managed Apex One servers.

NOTE: This feature requires the installation of Apex Central Patch 5 or above.

Apex One Security Agents may not be able to disable the Print Screen function on endpoints.

For CD/DVD drive file detections, the system generates Data Loss Prevention logs with lowercase file names.

The system may not be able to apply Data Loss Prevention policy settings properly.

The system may not be able to block Write access from some applications (such as Total Commander) using Device Control.

Data Loss Prevent (DLP) is unable to detect and block Twitter messages containing specified keywords on Security Agent endpoints.

The system is unable to block opened files on cloud storage using Data Loss Prevention.

On the Apex Central web console, the Web Reputation Endpoint Patch Pattern component status may be "outdated" even when regular component updates are performed on Apex One.

The Data Loss Prevention feature is unable to detect sensitive data that has been copied to a removable USB storage device.

The Data Loss Prevention feature is unable to block file transfers.

The Data Loss Prevention feature is unable to detect sensitive data that has been copied to a shared folder on an endpoint.

Accessing the Agents > Agent Installation > Browser-based screen on the Apex One web console sets the system to generate a false-positive Windows system event.

After setting the connection verification schedule to Hourly on the Agent > Connection Verification > Scheduled Verification screen, the hour drop-down list is still active.

This Critical Patch updates the Apex One Security Agent program to protect against potential privilege escalation vulnerabilities.

This Critical Patch updates the component verification process in Apex One Security Agent to enhance product security.

After the Apex One server receives the heartbeat message from a Security Agent, the status of the Security Agent is still offline.

After configuring the Global Agent settings, the parameter "EnableWMIQuery" is 1 in the ofcscan.ini file on the Apex One server but the "EnableWMIQuery " registry key value is 0 on Security Agent endpoints.

After disabling the POP3 email scanning feature, the Apex One NT Listener service is unable to perform some file operations.

Sometimes the system may contain multiple temporary pattern files newpnt.zip.tmp and newpx64.zip.tmp that take up a significant amount of storage space.

Sometimes the may generate the Windows event "Event ID: 15 Updated Trend Micro Apex One Antivirus status successfully to SECURITY_PRODUCT_STATE_ON" multiple times within a short time affecting system performance.

The system may generate an excessive amount of Scan Operation Logs resulting in an increase in the Apex One database size.

After initiating an update for Security Agents with outdated components on the Agent Manual Update screen, the system is unable to update the Behavior Monitoring Detection Pattern.

This Critical Patch updates the Apex One server program to protect against the Privilege Escalation Vulnerability for Trend Micro for Windows.

This Critical Patch updates the MSI agent installer to enhance product security.

The Behavior Monitoring components may not be updated in Apex One Security Agent on endpoints.

Under certain conditions, the Apex One Security Agent installation process may be interrupted on endpoints.

In Digital Asset Transmissions email notifications, the email subject does not show the correct user name.

This Critical Patch updates the related modules in Apex One to protect against the Email Address Variable Length Buffer Overflow vulnerability (CVE-2022-3786).

This Critical Patch updates the Apex One Security Agent program to protect against the Time-of-Check Time-of-Use Local Privilege Escalation vulnerability (ZDI-CAN-19102).

This Critical Patch updates the Apex One server program to protect against the system privilege exploit security issue.

This Critical Patch updates the related modules in Apex One to protect against the Email Address 4-byte Buffer Overflow vulnerability (CVE-2022-3602).

This Critical Patch updates the Apex One Security Agent program to protect against the Time-of-Check Time-of-Use Local Privilege Escalation vulnerability (ZDI-CAN-19831).

This Critical Patch enables Apex One to support Client Authentication Checksum (CAC) security for server-agent communication.

This Critical Patch adds environment pre-checking in the Apex One server and Security Agent installation package (MSI) to support certificate integrity checking for Azure Code Signing (ACS).

The audit log contains an excessive number of root account login events from Apex Central.

An issue related to the Apex One service may cause endpoints to stop responding upon startup.

On the Agent Management screen, the system may clear all associated settings for a subdomain when users move the subdomain to the root domain in the agent tree using the drag-and-drop method.

An issue related to the Apex One service may cause the TMBMSRV.exe process to stop unexpectedly on Security Agent endpoints.

The system may not display the detailed information on the Update Summary screen.

The system may not display the content properly for some help pages.

When using the Pccntmon.exe command, the system may not export the Security Agent component version information to the output file specified.

After upgrading Security Agents from OfficeScan XG, the system may not apply the approved program list properly for program inspection.

The system is unable to block the URL "https://duckduckgo.com" that has been added to the User-Defined Suspicious Object List.

The system may not start a Scheduled Scan based on the configured schedule.

Running the Apex One Security Agent program on endpoints may cause the Refinitiv Workspace application to not function properly.

Running the Apex One Security Agent and SentinelOne programs simultaneously on endpoints may cause the system to stop responding.

Users can still start applications from connected USB devices that are set to read-only in Device Control.

Enabling the Data Loss Prevention (DLP) feature may prevent USB modems from working properly.

Data Loss Prevention (DLP) does not block CD/DVD devices with the IDE interface.

When uploading files, the Microsoft Edge browser may become unresponsive.

Running the Apex One Security Agent and VG Studio Max programs simultaneously on endpoints may cause the system to become unresponsive.

After upgrading to Apex One Service Pack 1, the Trend Micro Endpoint Encryption Deployment Tool may not be able to display the Apex One Security Agent list properly.

During the Apex One Service Pack 1 installation process, the error message "Setup program cannot connect to the website successfully." appears.

When performing a Security Agent upgrade using the installer created by the Agent Packager, the upgrade process may be unsuccessful and the Security Agent status is set to "Protection at risk".

After applying Critical Patch build 11136, the system displays "N/A" for the File Reputation Services URL on the web console.

After updating the Script Analyzer Unified Pattern file, the "File Self-Protection delete invalid file" Windows event logs are generated on agent endpoints.

After applying Critical Patch build 11136 for Apex One servers running on Windows Server 2012 R2 and deploying policies from Apex Central, the policy status is still pending for managed Security Agents.

After applying the previous patch update, the "Use configured Smart Protection Sources for service queries" setting is reset.

If the Apex One server is unable to download components from the Trend Micro ActiveUpdate server, Security Agents may try to download the Program Inspection Monitoring Pattern repeatedly.

For Security Agent endpoints running on Windows 7 or Windows Server 2021 R2, an issue related to the OpenSSL 3.0 module may result in connection issues between Security Agents and Edge Relay servers.

If users perform two file transfers in quick succession, Trend Micro Endpoint Encryption may not encrypt the second file.

After applying Service Pack build 11561, users are not able to log into the web console when using a non-built-in administrator Windows account for database authentication.

When Data Loss Prevention (DLP) is enabled on Apex One Security Agent endpoints, Google Chrome (version 106 or later) and Microsoft Edge (Chromium) may become unresponsive.

This Service Pack updates the Spyware/Grayware Scan Engine to protect against the Link Following Local Privilege Escalation security issue.

This Service Pack updates the Virus Scan Engine to protect against the Improper Access Control Local Privilege Escalation security issue.

This Service Pack enables SHA-256 certificate fingerprint support for server-agent communication.

This Service Pack updates the Apex One Security Agent program to protect against the Link Following Local Privilege Escalation security issue.

This Service Pack enhances the Apex One server service command authorization to improve product security.

This Service Pack updates the Uncontrolled Search Path Element to protect against the Local Remote Code Execution Vulnerability security issue.

This Service Pack enables the Apex One Security Agent program to support Microsoft Windows 10 22H2 and Windows 11 22H2.

This Service Pack updates the file upload process to protect against the Local Remote Code Execution Vulnerability security issue.