Readme Last Update: April 8th, 2021
Trend Micro Apex One™
English - Windows - 32-bit / 64-bit
Critical Patch - Server Build 9204 and Agent Build 9179
1. Critical Patch Release Information
Resolved Known Issues
This Critical Patch resolves the following issue(s):
Issue 1
(SEG-93725), (SEG-99523)
An issue prevents the Device List Tool (listDeviceInfo.exe) from retrieving certain SCSI disk device information.
Solution
This Critical Patch updates the Device List Tool (listDeviceInfo.exe) to resolve this issue.
Issue 2
(SEG-99331)
Users encounter the following Microsoft™ Windows™ system event error message after disabling the "Global Agent Settings > Enable Early Launch Anti-Malware protection" feature on an endpoint.
"The Apex One NT WSC service failed to start due to the following error:
Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source."
Solution
This Critical Patch updates the Apex One Security Agent program to resolve this issue.
Issue 3
(SEG-95827)
The Data Loss Prevention™ (DLP) feature cannot block Adobe™ Acrobat™ Reader DC from saving files into a connected USB storage device.
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue 4
(SEG-97677)
When "bypass_itunes_nonstor_usb_dc=true", users can access an iOS phone from a protected computer even when the Device Control feature is configured to "Block" mobile devices.
Solution
This Critical Patch updates the Data Protection module to ensure that users will only be able to charge an iOS phone and not access it under the scenario described above.
Issue 5
(SEG-98286)
An issue related to the DLP module causes certain developer tools to start slowly.
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue 6
(SEG-98340)
An issue related to the DLP module causes a third-party application (Teleopti WFM) to stop responding unexpectedly.
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue 7
(SEG-94995)
Certain Huawei webcam devices are recognized as "Modems".
Solution
This Critical Patch updates the Data Protection module to ensure such devices are correctly recognized as "Imaging Devices".
Issue 8
(SEG-92326)
The Apex One Firewall also blocks network packets based on the connection status, as a result, some network packets may appear to be both blocked and accepted by the same rule in the corresponding Apex One Firewall logs.
Solution
This Critical Patch resolves this issue by updating the Apex One Security Agent program to allow users to disable the Firewall log for certain events.
Procedure
To configure Apex One to disable the Firewall logs certain events to help prevent the issue and deploy the solution globally:
- Install this Critical Patch (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder in the Apex One server installation directory.
- Under the "Global Setting" section, manually add the "PfwFeatureForResult" key and set it to "0".
- [Global Setting]
- PfwFeatureForResult=0
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One security agents and adds the following registry entries on all Apex One agent computers:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc.
- Key: PfwFeatureForResult
- Type: DWORD
- Value: 0
- Restart the Apex One security agent.
Issue 9
(SEG-100992)
The Apex One SQL program returns a data error after users upgrade to Build 9120.
Solution
This Critical Patch updates the Apex One SQL program to resolve this issue.
Issue 10
(SEG-98742)
An issue triggers the Apex One Behavior Monitoring feature to close the Microsoft Office application unexpectedly.
Solution
This Critical Patch updates the Apex One Security Agent program to resolve this issue.
Issue 11
(SEG-95253)
An issue causes the "Spyware/Grayware Outbreaks Alert" widget to return query results from the wrong time range.
Solution
This Critical Patch updates the Apex One server program to ensure that the widget returns logs generated within the specified time range.
Issue 12
(SEG-85925)
The Active Directory (AD) displays abnormally after AD synchronization when the Organizational Unit (OU) name contains a "TAB" character.
Solution
This Critical Patch enables users to configure Apex One to handle OU names that contain a "TAB" character.
Procedure
To configure Apex One to handle OU names that contain a "TAB" character:
- Install this Critical Patch (see "Installation").
- Open the "ofcserver.ini" file in the "\PCCSRV\Private\" folder in the Apex One server installation directory.
- Under the "[INI_AD_INTEGRATION_SECTION]" section, manually add "AdScopeSyncUpBatchSeparatorType=1"
- [INI_AD_INTEGRATION_SECTION]
- AdScopeSyncUpBatchSeparatorType=1
NOTE:
0: If the OU name does not contain a "TAB" (default)
1: If the OU name contains a "TAB"
- Save the changes and close the file.
Issue 13
(SEG-98762)
An "osp_cb_dbGetClientsByCompName" stored procedure leakage issue prevents the "EnableCheckClientComputerName" hidden key from working normally. When this happens, duplicate hostnames are not purged automatically even when the key is enabled.
Solution
This Critical Patch resolves the memory leak issue to ensure that the "EnableCheckClientComputerName" hidden key works normally.
Issue 14
(SEG-93060)
The following message displays on the "Result" field of Virus/Malware logs on the web console when the filename of an infected file contains certain special characters.
"Quarantine is successful at agent, but unable to send the quarantined file to the designated quarantine folder. Refer to the online help for solutions."
Solution
This Critical Patch updates the Apex One Security Agent program to resolve this issue.
Issue 15
(SEG-100201)
An issue prevents the Web Reputation Service (WRS) from blocking access to HTTPS URLs on Microsoft™ Edge (Chromium) even when configured to block these websites.
Solution
This Critical Patch updates the Apex One Security Agent program to resolve this issue and ensure that WRS can correctly detect HTTPS URLs on the Edge web browser.
Issue 16
(SEG-101636)
After applying Apex One Critical Patch 9167, when users generate a setup package while "ForceRefresh=1" in "ofcscan.ini" and use it to install an agent, the Apex One NT Listener service may remain busy and the newly-installed agent cannot be moved to another server using the IpXfer tool.
Solution
This Critical Patch updates the Apex One Security Agent program to resolve this issue.
Issue 17
(SEG-101468)
The "Current Version" information for the Common Firewall Driver on the Agent Updates widget is not accurate.
Solution
This Critical Patch ensures that the correct "Current Version" information displays for the Common Firewall Driver on the Agent Updates widget.
Enhancements
The following enhancements are included in this Critical Patch:
Enhancement 1
(VRTS-5200)
This Critical Patch updates the file privileges for the database log file in the server installation folder for enhanced security.
Enhancement 2
(SEG-96928)
This Critical Patch helps prevent false Trend Micro process alerts during Yara investigations.
Enhancement 3
(VRTS-5424)
This Critical Patch fixes the Improper Access Control Privilege Escalation security issue.
Enhancement 4
(SEG-96695)
This Critical Patch ensures that when an administrator grants users privileges to configure Manual Scan settings, Real-time Scan settings, Scheduled Scan settings and Mail Scan through the Security Agent console, these settings will not be overwritten by changes made through the Apex One console or Apex Central console.
Files Included in This Release
A. Files for Current Issue(s)
-------------------------------------------------------------------
Filename Build Number
------------------------------ ------------
Apex One\PCCSRV\Admin\Utility\EdgeServer\*.*
Apex One\PCCSRV\Admin\Utility\SQL\*.*
Apex One\PCCSRV\Pccnt\Disk1\*.*
Apex One\PCCSRV
-------------------------------------------------------------------
autopcc.exe 14.0.0.9204
autopcc.msg *
autopccp.exe 14.0.0.9204
cgiresutf8.dll 14.0.0.9204
cgishare.dll 14.0.0.9204
cpprest141_2_10.dll *
datfhs.dll 14.0.0.9179
dzip32.dll 3.0.0.15
flowcontrol.dll 14.0.0.9204
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.21
libnetctrl.dll 14.0.0.9179
loadhttp.dll 14.0.0.9179
microsoft.web.administration.dll 10.0.14393.0
ofcpfwcommon.dll 14.0.0.9179
ofcshare.dll 14.0.0.9204
ofcsvcconfig.exe 14.0.0.9204
ofcupd.exe 14.0.0.9204
ofc_loadhttp.dll 14.0.0.9179
osf_iproduct.xml *
pccwfwmo.dll 14.0.0.9179
readme.htm *
setcgitimeout.exe 14.0.0.9204
sqlite3.dll *
ssleay32.dll 1.0.2.21
svcmgr.dll 14.0.0.9204
svrsetupscloudtool.exe 14.0.0.9204
svrsvcsetup.exe 14.0.0.9204
svrsvcsetup_64x.exe 14.0.0.9204
svrunirc.dll 14.0.0.9204
timestring.dll 14.0.0.9179
timestring_64x.dll 14.0.0.9179
tmcfwapi.dll 5.83.0.1070
tmicfgapi.dll 1.11.0.1012
tmnotify.dll 1.5.0.1061
Apex One\PCCSRV\
-------------------------------------------------------------------
ofcpipc.dll 14.0.0.9179
zlibwapi.dll 1.2.11.1002
vsapi32.dll 12.500.0.1004
endpointbasecamp.exe 1.0.0.1129
agentsdk.dll 6.2.0.1480
Apex One\PCCSRV\Admin
-------------------------------------------------------------------
vsapi32.dll 12.500.0.1004
vsapi64.dll 12.500.0.1004
Apex One\PCCSRV\Admin\
-------------------------------------------------------------------
tmxfalcon.cfg *
tsc.exe 7.5.0.1154
tsc64.exe 7.5.0.1154
Apex One\PCCSRV\Admin\Utility\ClientPackager
-------------------------------------------------------------------
vsapi32.dll 12.500.0.1004
Apex One\PCCSRV\Admin\Utility\EdgeServer
-------------------------------------------------------------------
0x0409.ini *
data1.cab *
data1.hdr *
data2.cab *
issetup.dll 22.0.0.330
layout.bin *
setup.exe 14.0.9204.0
setup.ini *
setup.inx *
Apex One\PCCSRV\Admin\Utility\EdgeServer\issetupprerequisites
-------------------------------------------------------------------
microsoft .net framework 4.6.1 full.prq *
microsoft visual cplusplus 2017 update 3 redistributable package (x64).prq *
microsoft visual cplusplus 2017 update 3 redistributable package (x86).prq *
Apex One\PCCSRV\Admin\Utility\EdgeServer\issetupprerequisites\{08d3160a-c6c5-4c8a-8920-d30b1a28bb23}
-------------------------------------------------------------------
vc_redist.x86.exe 14.13.26020.0
Apex One\PCCSRV\Admin\Utility\EdgeServer\issetupprerequisites\{40beac6a-420f-4f8f-930d-6506d05bdd3c}
-------------------------------------------------------------------
vc_redist.x64.exe 14.13.26020.0
Apex One\PCCSRV\Admin\Utility\EdgeServer\issetupprerequisites\{506a420f-1f74-4371-9e84-eff365724daa}
-------------------------------------------------------------------
ndp461-kb3102436-x86-x64-allos-enu.exe 4.6.1055.0
Apex One\PCCSRV\Admin\Utility\PLM\
-------------------------------------------------------------------
plmsetup.exe 2.5.5062.0
Apex One\PCCSRV\Admin\Utility\SQL
-------------------------------------------------------------------
dotnetfx461.exe 4.6.1055.0
installcfgfile.ini *
libeay32.dll 1.0.2.21
libsqldatabaseupgrade.dll 14.0.0.9204
ofcsqlsetup.ini *
oscedbt.exe 14.0.0.9204
setschemaver.bat *
setupsqlexpress.bat *
sqlschemaver.ini *
sqlschemaver.ini.new *
sqltxfr.chm *
sqltxfr.exe 14.0.0.9204
ssleay32.dll 1.0.2.21
timestring.dll 14.0.0.9179
tmnotify.dll 1.5.0.1061
uninstallcfgfile.ini *
upgradesqlschema.bat *
zlib.dll 1.31.0.1708
Apex One\PCCSRV\Admin\Utility\SQL\upgrade
-------------------------------------------------------------------
libmssqldb.dacpac *
libmssqldb.dll 13.0.0.0
libmssqldbazure.dacpac *
libmssqldbazure.dll 13.0.0.0
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\10.91.1619
-------------------------------------------------------------------
10.91.1619-superlab-libmssqldb.dacpac *
master.dacpac *
placeholder.txt *
preupdate.sql *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\10.92.1038
-------------------------------------------------------------------
10.92.1038-ib-libmssqldb.dacpac *
master.dacpac *
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\10.93.1026
-------------------------------------------------------------------
10.93.1026-eb-libmssqldb.dacpac *
master.dacpac *
placeholder.txt *
preupdate.sql *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\11.0.1028
-------------------------------------------------------------------
11.0.1028-gm-libmssqldb.dacpac *
master.dacpac *
placeholder.txt *
preupdate.sql *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\11.0.2799
-------------------------------------------------------------------
11.0.2799-ib-libmssqldb.dacpac *
master.dacpac *
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\11.0.2849
-------------------------------------------------------------------
11.0.2849-eb-libmssqldb.dacpac *
master.dacpac *
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\11.0.2995
-------------------------------------------------------------------
11.0.2995-gm-libmssqldb.dacpac *
master.dacpac *
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\11.0.4150
-------------------------------------------------------------------
11.0.4150-gm-libmssqldb.dacpac *
master.dacpac *
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\11.95.1084
-------------------------------------------------------------------
11.95.1084-superlab-libmssqldb.dacpac *
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\11.96.1004
-------------------------------------------------------------------
11.96.1004-ib-libmssqldb.dacpac *
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\11.97.1033
-------------------------------------------------------------------
11.97.1033-eb-libmssqldb.dacpac *
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\12.0.1222
-------------------------------------------------------------------
12.0.1222-gm-libmssqldb.dacpac *
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\SQL\upgrade\12.0.1406
-------------------------------------------------------------------
12.0.1406-gm-libmssqldb.dacpac *
placeholder.txt *
Apex One\PCCSRV\Admin\Utility\VSEncrypt
-------------------------------------------------------------------
vsapi32.dll 12.500.0.1004
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Client\x64\
-------------------------------------------------------------------
osfext_iacclient_x64.dll 3.0.0.3050
osfext_iatasclient_x64.dll 1.7.0.1045
osfext_iesclient_x64.dll 3.5.0.1194
osfext_ivpclient_x64.dll 3.0.0.2724
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Client\x86\
-------------------------------------------------------------------
osfext_iacclient.dll 3.0.0.3050
osfext_iatasclient.dll 1.7.0.1045
osfext_iesclient.dll 3.5.0.1194
osfext_ivpclient.dll 3.0.0.2724
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iAC\
-------------------------------------------------------------------
osfext_iaccmagent.dll 3.0.0.3050
osfext_iacmasterservice.dll 3.0.0.3050
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iAC\x64\
-------------------------------------------------------------------
osfext_iaccmagent.dll 3.0.0.3050
osfext_iacmasterservice.dll 3.0.0.3050
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iATAS\
-------------------------------------------------------------------
osfext_iatascmagent.dll 1.7.0.1045
osfext_iatasmasterservice.dll 1.7.0.1045
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iATAS\x64\
-------------------------------------------------------------------
osfext_iatascmagent.dll 1.7.0.1044
osfext_iatasmasterservice.dll 1.7.0.1044
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iES\
-------------------------------------------------------------------
osfext_iescmagent.dll 3.0.0.1611
osfext_iesmasterservice.dll 3.0.0.1611
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iES\x64\
-------------------------------------------------------------------
osfext_iescmagent.dll 3.0.0.1611
osfext_iesmasterservice.dll 3.0.0.1611
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iVP\
-------------------------------------------------------------------
osfext_ivpcmagent.dll 3.0.0.2724
osfext_ivpmasterservice.dll 3.0.0.2724
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iVP\x64\
-------------------------------------------------------------------
osfext_ivpcmagent.dll 3.0.0.2724
osfext_ivpmasterservice.dll 3.0.0.2724
Apex One\PCCSRV\CmAgent
-------------------------------------------------------------------
productui.zip *
Apex One\PCCSRV\Download\Engine
-------------------------------------------------------------------
bmservice_x32.sig *
bmservice_x32.zip *
bmservice_x64.sig *
bmservice_x64.zip *
bmdriver_x32.sig *
bmdriver_x32.zip *
bmdriver_x64.sig *
bmdriver_x64.zip *
tmumhv2.zip *
engv_amd64_ntkd.sig *
engv_amd64_ntkd.zip *
eng_ntkd.sig *
eng_ntkd.zip *
Apex One\PCCSRV\Download\Engine\
-------------------------------------------------------------------
falcon32.sig *
falcon32.zip *
falcon64.sig *
falcon64.zip *
xhldr_x64.sig *
xhldr_x64.zip *
xhldr_x86.sig *
xhldr_x86.zip *
atse32.sig *
atse32.zip *
atse64.sig *
atse64.zip *
tsc.sig *
tsc.zip *
tsc64.sig *
tsc64.zip *
tmebc32.sig *
tmebc32.zip *
tmebc64.sig *
tmebc64.zip *
Apex One\PCCSRV\Download\Pattern\
-------------------------------------------------------------------
falconcfg.zip *
tmgd.sig *
tmgd.zip *
tmgd64.sig *
tmgd64.zip *
tmbmlop.sig *
tmbmlop.zip *
tmbmlop64.sig *
tmbmlop64.zip *
trendxv.sig *
trendxv.zip *
Apex One\PCCSRV\Download\Product\
-------------------------------------------------------------------
dlplite.sig *
dlplite.zip 6.2.1485
dlplite_3rdparty.sig *
dlplite_3rdparty.zip *
dlplite_3rdparty_x64.sig *
dlplite_3rdparty_x64.zip *
dlplite_common.sig *
dlplite_common.zip 6.2.1485
dlplite_common_x64.sig *
dlplite_common_x64.zip 6.2.1485
dlplite_x64.sig *
dlplite_x64.zip 6.2.1485
libdlppatchagent.sig *
libdlppatchagent.zip *
libdlppatchagent_64x.sig *
libdlppatchagent_64x.zip *
Apex One\PCCSRV\Download\engine\ssapi32_v6\
-------------------------------------------------------------------
ssapi32.sig *
ssapi32.zip *
Apex One\PCCSRV\Download\engine\ssapi64_v6\
-------------------------------------------------------------------
ssapi64.sig *
ssapi64.zip *
Apex One\PCCSRV\Engine
-------------------------------------------------------------------
vsapi32.dll 12.500.0.1004
tmamsiprovider.dll 8.53.0.1073
tmsysevt.dll 8.53.0.1073
Apex One\PCCSRV\Engine\
-------------------------------------------------------------------
saegiscounters.man *
tmaegissysevt.dll 2.98.0.1598
tmbmcli.dll 2.98.0.1598
tmbmsrv.exe 2.98.0.1598
tmcomeng.dll 2.98.0.1598
tmengdrv.dll 2.98.0.1598
tmpem.dll 2.98.0.1598
tmwlutil.dll 2.98.0.1598
tmxfalcon.dll 1.7.0.1028
tmcfwapi.dll 5.83.0.1070
tmhash.dll 5.83.0.1070
tmpfw.exe 5.83.0.1070
tmpfwapi.dll 5.83.0.1070
tmpfwrul.dll 5.83.0.1070
atse32.dll 12.500.0.1004
ssapi32.dll 6.2.1.4035
Apex One\PCCSRV\Engine\CCSF\TrxHandler\
-------------------------------------------------------------------
trxhandler.dll 1.100.0.1073
Apex One\PCCSRV\Engine\X64\
-------------------------------------------------------------------
saegiscounters.man *
tmaegissysevt.dll 2.98.0.1598
tmbmcli.dll 2.98.0.1598
tmbmsrv.exe 2.98.0.1598
tmcomeng.dll 2.98.0.1598
tmengdrv.dll 2.98.0.1598
tmpem.dll 2.98.0.1598
tmwlutil.dll 2.98.0.1598
tmxfalcon.dll 1.7.0.1028
tmcfwapi.dll 5.83.0.1070
tmhash.dll 5.83.0.1070
tmpfw.exe 5.83.0.1070
tmpfwapi.dll 5.83.0.1070
tmpfwrul.dll 5.83.0.1070
atse64.dll 12.500.0.1004
tsc64.exe 7.5.0.1154
ssapi64.dll 6.2.1.4035
Apex One\PCCSRV\Engine\X64\CCSF\TrxHandler\
-------------------------------------------------------------------
trxhandler.dll 1.100.0.1073
Apex One\PCCSRV\Engine\x64
-------------------------------------------------------------------
vsapi64.dll 12.500.0.1004
tmamsiprovider64.dll 8.53.0.1073
tmsysevt.dll 8.53.0.1073
Apex One\PCCSRV\LWCS
-------------------------------------------------------------------
aucfg.ini *
au_wrs.exe 3.1.0.2044
build.exe 2.86.0.4002
bwlistmgmt.exe 3.1.0.2044
bwlistsearch.exe 3.1.0.2044
cccaupdate.exe 3.1.0.2044
cert5.db *
ciuas32.dll 1.0.0.2075
ciussi32.dll 2.0.0.2074
icrcauapi.dll 2.5.0.1115
libbwlistfilter.dll 3.1.0.2044
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.21
liblwtpciu32.dll 1.0.0.1005
lwcsctrl.exe 3.1.0.2044
lwcsservice.exe 3.1.0.2044
migratebwlist.exe 3.1.0.2044
patch.exe 2.86.0.4002
patchbld.dll 12.21.0.0
patchw32.dll 12.22.0.0
pcre.dll *
perflwcsperfmonmgr.dll 3.1.0.2044
perflwcsperfmonmgr.ini *
placeholder.txt *
ssleay32.dll 1.0.2.21
sym_perflwcsperfmonmgr.h *
tmufeng.dll 5.0.0.1001
tmupdate.dll 2.86.0.4002
x500.db *
zlib1.dll 1.2.4.0
Apex One\PCCSRV\PccNT\Drv
-------------------------------------------------------------------
tmel.cat *
tmel.inf *
tmel.sys 1.6.0.1005
tmcomm.cat *
tmcomm.inf *
tmcomm.sys 8.20.0.1040
Apex One\PCCSRV\PccNT\Drv\
-------------------------------------------------------------------
tmebc.cat *
tmebc.inf *
tmebc32.sys 1.5.0.1045
Apex One\PCCSRV\PccNT\Drv\x64
-------------------------------------------------------------------
tmel.cat *
tmel.inf *
tmel.sys 1.6.0.1005
tmcomm.cat *
tmcomm.inf *
tmcomm.sys 8.20.0.1040
Apex One\PCCSRV\PccNT\Drv\x64\
-------------------------------------------------------------------
tmebc.cat *
tmebc.inf *
tmebc64.sys 1.5.0.1045
Apex One\PCCSRV\Pccnt\
-------------------------------------------------------------------
aoshtml.zip *
aoshtml.zip.cat *
Apex One\PCCSRV\Pccnt\Common
-------------------------------------------------------------------
osfext_iacclient.dll 3.0.0.3050
osfext_iatasclient.dll 1.7.0.1045
osfext_iesclient.dll 3.5.0.1194
osfext_ivpclient.dll 3.0.0.2724
crc0filter.dll 2.83.0.1026
icrchdler.dll 2.83.0.1026
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.21
ssleay32.dll 1.0.2.21
salperfcounters.man *
tmopcfg.dll 5.1.0.1073
tmopcfscan.dll 5.1.0.1073
tmopctl.dll 5.1.0.1073
tmopdbg.dll 5.1.0.1073
tmoppecertpin.dll 5.1.0.1062
tmoppeevts.dll 5.1.0.1073
tmoppehosf.dll 5.1.0.1073
tmoppepdp.dll 5.1.0.1062
tmoppesal.dll 5.1.0.1073
tmoppessf.dll 5.1.0.1062
tmoppeurlf.dll 5.1.0.1073
tmoppevs.dll 5.1.0.1073
tmopphdns.dll 5.1.0.1062
tmopphhttp.dll 5.1.0.1073
tmopphhttp2.dll 5.1.0.1073
tmopphpop3.dll 5.1.0.1073
tmopphsmtp.dll 5.1.0.1073
tmopphsocks.dll 5.1.0.1073
tmopphsvrhello.dll 5.1.0.1062
tmopplgadp.dll 5.1.0.1073
tmopsent.dll 5.1.0.1073
tmopsmhttp.dll 5.1.0.1073
tmopsmmail.dll 5.1.0.1073
tmopsmproxy.dll 5.1.0.1073
tmopsmsvrhello.dll 5.1.0.1062
tmosprey.reg *
urlfperfcounters.man *
Apex One\PCCSRV\Pccnt\Common\
-------------------------------------------------------------------
tmcfwapi.dll 5.83.0.1070
tmfphcex.exe 5.83.0.1070
tmhash.dll 5.83.0.1070
tmpfw.exe 5.83.0.1070
tmpfwapi.dll 5.83.0.1070
tmpfwctl.dll 5.83.0.1070
tmpfwctl_xp.dll 5.83.0.1070
tmpfwrul.dll 5.83.0.1070
tmwfpapi.dll 5.83.0.1070
tmeectv.dll 3.5.0.1017
tmeesent.dll 3.5.0.1017
Apex One\PCCSRV\Pccnt\Disk1
-------------------------------------------------------------------
0x0409.ini *
data1.cab *
data1.hdr *
data2.cab *
install.exe 6.70.0.0
issetup.dll 22.0.0.330
layout.bin *
setup.ini *
setup.inx *
setup.iss *
Apex One\PCCSRV\Pccnt\Drv
-------------------------------------------------------------------
tmactmon.cat *
tmactmon.inf *
tmactmon.sys 2.98.0.1598
tmevtmgr.cat *
tmevtmgr.inf *
tmevtmgr.sys 2.98.0.1598
tmetw.man *
tmfilter.cat *
tmfilter.sys 12.500.0.1004
tmpcw.man *
tmpreflt.inf *
tmpreflt.sys 12.500.0.1004
tmxpflt.inf *
tmxpflt.sys 12.500.0.1004
vsapint.inf *
vsapint.sys 12.500.0.1004
tmusa.cat *
tmusa.inf *
tmusa.sys 5.1.0.1010
Apex One\PCCSRV\Pccnt\Drv\
-------------------------------------------------------------------
tmnciesc.cat *
tmnciesc.inf *
tmnciesc.sys 3.0.0.1074
tmlwf.cat *
tmlwf.inf *
tmlwf.sys 5.83.0.1066
tmwfp.cat *
tmwfp.inf *
tmwfp.sys 5.83.0.1066
tmlwfins.exe 5.83.0.1066
tmwfpins.exe 5.83.0.1066
tmeevw.cat *
tmeevw.inf *
tmeevw.sys 3.5.0.1017
Apex One\PCCSRV\Pccnt\Drv\X64
-------------------------------------------------------------------
tmactmon.cat *
tmactmon.inf *
tmactmon.sys 2.98.0.1598
tmevtmgr.cat *
tmevtmgr.inf *
tmevtmgr.sys 2.98.0.1598
tmetw.man *
tmfilter.cat *
tmpcw.man *
tmpreflt.inf *
tmpreflt.sys 12.500.0.1004
tmxpflt.inf *
tmxpflt.sys 12.500.0.1004
vsapint.inf *
vsapint.sys 12.500.0.1004
tmusa.cat *
tmusa.inf *
tmusa.sys 5.1.0.1010
Apex One\PCCSRV\Pccnt\Drv\X64\
-------------------------------------------------------------------
tmnciesc.cat *
tmnciesc.inf *
tmnciesc.sys 3.0.0.1074
tmlwf.cat *
tmlwf.inf *
tmlwf.sys 5.83.0.1066
tmwfp.cat *
tmwfp.inf *
tmwfp.sys 5.83.0.1066
tmlwfins.exe 5.83.0.1066
tmwfpins.exe 5.83.0.1066
tmeevw.cat *
tmeevw.inf *
tmeevw.sys 3.5.0.1017
Apex One\PCCSRV\Pccnt\Win64\X64
-------------------------------------------------------------------
osfext_iacclient_x64.dll 3.0.0.3050
osfext_iatasclient_x64.dll 1.7.0.1045
osfext_iesclient_x64.dll 3.5.0.1194
osfext_ivpclient_x64.dll 3.0.0.2724
crc0filter.dll 2.83.0.1026
icrchdler.dll 2.83.0.1026
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.21
ssleay32.dll 1.0.2.21
salperfcounters.man *
tmopcfg.dll 5.1.0.1073
tmopcfscan.dll 5.1.0.1073
tmopctl.dll 5.1.0.1073
tmopdbg.dll 5.1.0.1073
tmoppecertpin.dll 5.1.0.1062
tmoppeevts.dll 5.1.0.1073
tmoppehosf.dll 5.1.0.1073
tmoppepdp.dll 5.1.0.1062
tmoppesal.dll 5.1.0.1073
tmoppessf.dll 5.1.0.1062
tmoppeurlf.dll 5.1.0.1073
tmoppevs.dll 5.1.0.1073
tmopphdns.dll 5.1.0.1062
tmopphhttp.dll 5.1.0.1073
tmopphhttp2.dll 5.1.0.1073
tmopphpop3.dll 5.1.0.1073
tmopphsmtp.dll 5.1.0.1073
tmopphsocks.dll 5.1.0.1073
tmopphsvrhello.dll 5.1.0.1062
tmopplgadp.dll 5.1.0.1073
tmopsent.dll 5.1.0.1073
tmopsmhttp.dll 5.1.0.1073
tmopsmmail.dll 5.1.0.1073
tmopsmproxy.dll 5.1.0.1073
tmopsmsvrhello.dll 5.1.0.1062
urlfperfcounters.man *
Apex One\PCCSRV\Pccnt\Win64\X64\
-------------------------------------------------------------------
tmcfwapi.dll 5.83.0.1070
tmfphcex.exe 5.83.0.1070
tmhash.dll 5.83.0.1070
tmpfw.exe 5.83.0.1070
tmpfwapi.dll 5.83.0.1070
tmpfwctl.dll 5.83.0.1070
tmpfwctl_xp.dll 5.83.0.1070
tmpfwrul.dll 5.83.0.1070
tmwfpapi.dll 5.83.0.1070
tmeectv.dll 3.5.0.1017
tmeesent.dll 3.5.0.1017
Apex One\PCCSRV\Private\AuthorStore
-------------------------------------------------------------------
rbauserprofile.ini *
trendauth.xml *
trendauthdef.xml *
trendclnpermissiondef.payload *
Apex One\PCCSRV\SRS
-------------------------------------------------------------------
libapricotlog.dll 3.1.0.2044
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.21
makecert.exe 10.0.17134.12
placeholder.txt *
relayrulehandler.dll 3.1.0.2044
relayruleperfcounter.dll 3.1.0.2044
relayserviceperfcounter.dll 3.1.0.2044
srscli.exe 3.1.0.2044
srservice.exe 3.1.0.2044
ssleay32.dll 1.0.2.21
zlib1.dll 1.2.4.0
Apex One\PCCSRV\WSS
-------------------------------------------------------------------
aucfg.ini *
au_frs.exe 3.1.0.2044
bsdiff.exe *
build.exe 2.86.0.4002
cert5.db *
ciuas32.dll 1.0.0.2075
ciussi32.dll 2.0.0.2074
cpuctrl.exe 3.1.0.2044
genbfdiff.exe 3.1.0.2044
gencrcdiff.exe 3.1.0.2044
icrcauapi.dll 2.5.0.1115
icrcservice.exe 3.1.0.2044
liblwtpciu32.dll 1.0.0.1005
makebf.exe 3.1.0.2044
makecert.exe 10.0.17134.12
patch.exe 2.86.0.4002
patchbld.dll 12.21.0.0
patchw32.dll 12.22.0.0
perfwssperfmonmgr.dll 3.1.0.2044
perfwssperfmonmgr.ini *
placeholder.txt *
spsc.dll 2.7.0.1098
spscserverapi.dll 2.7.0.1098
sym_perfwssperfmonmgr.h *
tmupdate.dll 2.86.0.4002
unzip.exe *
vsapi32.dll 9.800.0.1009
x500.db *
Apex One\PCCSRV\WSS\spsc\bin
-------------------------------------------------------------------
activeindex.exe 2.7.0.1098
attributetool.exe 2.7.0.1098
bfgen.exe 2.7.0.1098
bsdiffgen.exe 2.7.0.1098
cpuctrl.exe 2.7.0.1098
crcdiffgen.exe 2.7.0.1098
crczdiffgen.exe 2.7.0.1098
crczdiffgenfromcrcz.exe 2.7.0.1098
crczgen.exe 2.7.0.1098
crczmerge.exe 2.7.0.1098
dbintegrity.exe 2.7.0.1098
fullmarkhelper.exe 2.7.0.1098
icrcauapi.dll 2.7.0.1098
importmanager.exe 2.7.0.1098
loglevelsetter.exe 2.7.0.1098
ptncheck.exe 2.7.0.1098
ptnclean.exe 2.7.0.1098
rwconfig.py *
spsc.dll 2.7.0.1098
spscserverapi.dll 2.7.0.1098
switchdb.exe 2.7.0.1098
tbldiffgen.exe 2.7.0.1098
tblmodifier.exe 2.7.0.1098
updatepattern.exe 2.7.0.1098
Apex One\PCCSRV\WSS\spsc\lib
-------------------------------------------------------------------
placeholder.txt *
Apex One\PCCSRV\Web\Service
-------------------------------------------------------------------
vsapi32.dll 12.500.0.1004
vsapi64.dll 12.500.0.1004
Apex One\PCCSRV\Web_OSCE\Web\CGI
-------------------------------------------------------------------
vsapi32.dll 12.500.0.1004
Apex One\PCCSRV\Web_OSCE\Web_Console\CGI
-------------------------------------------------------------------
vsapi32.dll 12.500.0.1004
Apex One\PCCSRV\Web_OSCE\Web_Console\RemoteInstallCGI
-------------------------------------------------------------------
vsapi32.dll 12.500.0.1004
vsapi64.dll 12.500.0.1004
Apex One\PCCSRV\Web_OSCE\osf\bin
-------------------------------------------------------------------
cgiresutf8.dll 14.0.0.9204
liblogclient4net.dll 14.0.0.9204
libosfcmdhdlradapter64.dll 14.0.0.9204
libosfdata.dll 14.0.0.9204
libosfutilhelper.dll 14.0.0.9204
libosfverifylogincookie64.dll 14.0.0.9204
libosfwebconfighelper.dll 14.0.0.9204
libosfwebsvchandler.dll 14.0.0.9204
libutilcommon.dll 14.0.0.9204
microsoft.practices.enterpriselibrary.transientfaulthandling.dll6.0.1304.0
microsoft.web.administration.dll 6.1.7601.17514
newtonsoft.json.dll 10.0.2.20802
osfwebservices.dll 14.0.0.9204
osf_datalayer.dll 14.0.0.9204
system.net.http.formatting.dll 5.2.30128.0
system.web.http.dll 5.2.30128.0
system.web.http.webhost.dll 5.2.30128.0
timestring_64x.dll 14.0.0.9179
Apex One\PCCSRV\admin
-------------------------------------------------------------------
build.exe 2.86.0.4002
build64.exe 2.86.0.4002
cert5.db *
clientrollback.exe 14.0.0.9204
infocollector.exe 14.0.0.9179
installdownloader.exe 14.0.0.9204
instntres.dll 14.0.0.9204
instreg.exe 14.0.0.9179
loadhttp.dll 14.0.0.9179
ofc_loadhttp.dll 14.0.0.9179
oscetsclog.dll 14.0.0.9179
patch.exe 2.86.0.4002
patch64.exe 2.86.0.4002
patchw32.dll 12.22.0.0
rollbackagent.dll 14.0.0.9204
rollbackagent_64x.dll 14.0.0.9204
setupman.dll 14.0.0.9204
setupusr.dll 14.0.0.9204
setupusr.exe 14.0.0.9204
svcmgr.dll 14.0.0.9204
svcrunap.exe 14.0.0.9204
timestring.dll 14.0.0.9179
tmbmlop.ptn *
tmbmlop64.ptn *
tmdbg20.dll 14.0.0.9179
tmgd.ptn *
tmgd64.ptn *
tmuninst.dll 14.0.0.9179
tmuninst.exe 14.0.0.9179
tmupdate.dll 2.86.0.4002
tmupdate64.dll 2.86.0.4002
wizard.exe 14.0.0.9179
wizard_64x.exe 14.0.0.9179
Apex One\PCCSRV\admin\utility\certificatemanager
-------------------------------------------------------------------
certificatemanager.exe 14.0.0.9204
timestring.dll 14.0.0.9179
Apex One\PCCSRV\admin\utility\clientpackager
-------------------------------------------------------------------
clientmsisetup_msi *
clnextor.exe 14.0.0.9204
clnpack.exe 14.0.0.9204
clnpack.ini *
flowcontrol.dll 14.0.0.9204
ofcpfwcommon.dll 14.0.0.9179
suctool.exe 14.0.0.9204
timestring.dll 14.0.0.9179
tmcfwapi.dll 5.83.0.1070
Apex One\PCCSRV\admin\utility\domainscheduledupdate
-------------------------------------------------------------------
dsu_convert.exe 14.0.0.9204
Apex One\PCCSRV\admin\utility\enableprogramupgrade
-------------------------------------------------------------------
enableprogramupgrade.exe 14.0.0.9204
Apex One\PCCSRV\admin\utility\gatewaysettingsimporter
-------------------------------------------------------------------
gsimporter.exe 14.0.0.9204
Apex One\PCCSRV\admin\utility\imgsetup
-------------------------------------------------------------------
imgsetup.exe 14.0.0.9204
Apex One\PCCSRV\admin\utility\ipxfer
-------------------------------------------------------------------
ipxfer.exe 14.0.0.9179
ipxfer_x64.exe 14.0.0.9179
Apex One\PCCSRV\admin\utility\ispsinstaller
-------------------------------------------------------------------
ispsinstaller.exe *
Apex One\PCCSRV\admin\utility\listdeviceinfo
-------------------------------------------------------------------
listdeviceinfo.exe 6.2.0.1480
Apex One\PCCSRV\admin\utility\messagequeue
-------------------------------------------------------------------
liboscemsmq.dll 14.0.0.9204
mqtool.exe 14.0.0.9204
Apex One\PCCSRV\admin\utility\osceresetpw
-------------------------------------------------------------------
osceresetpw.exe 14.0.0.9204
Apex One\PCCSRV\admin\utility\policyexporttool
-------------------------------------------------------------------
apexonesettingsexporttool.exe 14.0.0.9204
cgiresutf8.dll 14.0.0.9204
servermigrationtool.ex_ 14.0.0.9204
timestring.dll 14.0.0.9179
Apex One\PCCSRV\admin\utility\saasstoragemgr
-------------------------------------------------------------------
edcryp.net4.dll 14.0.0.9204
liblogclient4net.dll 14.0.0.9204
microsoft.windowsazure.storage.dll 4.3.0.0
newtonsoft.json.dll 10.0.3.21018
newtonsoft.json.xml *
ofcasmgr.exe 14.0.0.9204
ofcasmgr.exe.config *
Apex One\PCCSRV\admin\utility\servermigrationtool
-------------------------------------------------------------------
cgiocommon.dll 14.0.0.9204
cgiresutf8.dll 14.0.0.9204
ofcpfwcommon.dll 14.0.0.9179
servermigrationtool.exe 14.0.0.9204
srec.ex_ 14.0.0.9204
timestring.dll 14.0.0.9179
Apex One\PCCSRV\admin\utility\spnsxfr
-------------------------------------------------------------------
spnsxfr.exe 14.0.0.9204
Apex One\PCCSRV\admin\utility\svrtune
-------------------------------------------------------------------
svrtune.exe 14.0.0.9204
Apex One\PCCSRV\admin\utility\systemhealthvalidator
-------------------------------------------------------------------
officescannapshv_x64.exe 4.1.100.1332
officescannapshv_x86.exe 4.1.100.1332
Apex One\PCCSRV\admin\utility\tcachegen
-------------------------------------------------------------------
tcachegen.exe 14.0.0.9204
tcachegencli.exe 14.0.0.9204
tcachegencli_x64.exe 14.0.0.9204
tcachegen_x64.exe 14.0.0.9204
Apex One\PCCSRV\admin\utility\tmvs
-------------------------------------------------------------------
datfhs.dll 14.0.0.9179
libeay32.dll 1.0.2.21
loadhttp.dll 14.0.0.9179
ssleay32.dll 1.0.2.21
tmdbg20.dll 14.0.0.9179
tmnotify.dll 1.5.0.1061
tmvs.exe 14.0.0.9204
Apex One\PCCSRV\admin\utility\touch
-------------------------------------------------------------------
tmtouch.exe 14.0.0.9179
Apex One\PCCSRV\admin\utility\vsencrypt
-------------------------------------------------------------------
vsencode.exe 14.0.0.9204
Apex One\PCCSRV\ccsf\module\atse
-------------------------------------------------------------------
trendxl.115 *
trendxv.123 *
Apex One\PCCSRV\cmagent
-------------------------------------------------------------------
cgiresutf8.dll 14.0.0.9204
datfhs.dll 14.0.0.9179
en_i18n.dll 5.0.0.2363
en_utility.dll 5.0.0.2363
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.20
libosfextensionloader.dll 14.0.0.9204
libperfosceperfmonmgr.dll 14.0.0.9204
libperfosceperfmonmgr_x64.dll 14.0.0.9204
ofccmagent.exe 14.0.0.9204
osfagent.dll 14.0.0.9179
productlibrary.dll 14.0.0.9204
ssleay32.dll 1.0.2.20
timestring.dll 14.0.0.9179
tmufeng.dll 5.0.0.1014
trendaprwrapperdll.dll 5.0.0.2363
Apex One\PCCSRV\download
-------------------------------------------------------------------
clnpack_files.xml *
Apex One\PCCSRV\osf_extension\iac
-------------------------------------------------------------------
osfext_iaccmagent.dll 3.0.0.3050
osfext_iacmasterservice.dll 3.0.0.3050
Apex One\PCCSRV\osf_extension\iac\x64
-------------------------------------------------------------------
osfext_iaccmagent.dll 3.0.0.3050
osfext_iacmasterservice.dll 3.0.0.3050
Apex One\PCCSRV\osf_extension\iatas
-------------------------------------------------------------------
osfext_iatascmagent.dll 1.7.0.1045
osfext_iatasmasterservice.dll 1.7.0.1045
Apex One\PCCSRV\osf_extension\iatas\x64
-------------------------------------------------------------------
osfext_iatascmagent.dll 1.7.0.1044
osfext_iatasmasterservice.dll 1.7.0.1044
Apex One\PCCSRV\osf_extension\ies
-------------------------------------------------------------------
osfext_iescmagent.dll 3.0.0.1611
osfext_iesmasterservice.dll 3.0.0.1611
Apex One\PCCSRV\osf_extension\ies\x64
-------------------------------------------------------------------
osfext_iescmagent.dll 3.0.0.1611
osfext_iesmasterservice.dll 3.0.0.1611
Apex One\PCCSRV\osf_extension\ivp
-------------------------------------------------------------------
osfext_ivpcmagent.dll 3.0.0.2724
osfext_ivpmasterservice.dll 3.0.0.2724
Apex One\PCCSRV\osf_extension\ivp\x64
-------------------------------------------------------------------
osfext_ivpcmagent.dll 3.0.0.2724
osfext_ivpmasterservice.dll 3.0.0.2724
Apex One\PCCSRV\pccnt
-------------------------------------------------------------------
clientconsole.zip *
clientconsole.zip.cat *
clienthelp.zip *
clienthelp.zip.cat *
libcntprodres.dll 14.0.0.9179
ntmonres.dll 14.0.0.9204
ntrmvrc.dll 14.0.0.9204
ntrtscan.exe 14.0.0.9179
ntrtscanperfcounters.man *
ntsvcres.dll 14.0.0.9204
pccntres.dll 14.0.0.9204
readme.txt *
svcmgr.dll 14.0.0.9204
tmnotify.dll 1.5.0.1061
Apex One\PCCSRV\pccnt\common
-------------------------------------------------------------------
7z.dll 18.5.0.0
7z.exe 18.5.0.0
apricotcbrulehandler.dll 2.0.0.1049
apricotmanagermodule.dll 2.0.0.1049
ccsf_ptn.zip *
ccsf_ptn.zip.cat *
ccsf_win32.zip *
ccsf_win32.zip.cat *
comprmv.exe 14.0.0.9179
datfhs.dll 14.0.0.9179
dcexif32.dll 14.0.0.9179
dwiotrapnt.dll 14.0.0.9179
fcwofieui.dll 14.0.0.9179
filebrowsingrulehandler.dll 2.0.0.1049
flowcontrol.dll 14.0.0.9204
lib7zwrapper.dll 14.0.0.9179
libapricotlog.dll 2.0.0.1049
libcnttmpollingmodule.dll 14.0.0.9179
libnetctrl.dll 14.0.0.9179
libosf.dll 14.0.0.9179
libtmcav.dll 14.0.0.9179
libuaprefltr.dll 14.0.0.9179
libwfpnetworkisolation.dll 14.0.0.9179
libzipunzipdll.dll 14.0.0.9179
loadhttp.dll 14.0.0.9179
logserver.exe 14.0.0.9179
ntrmv.exe 14.0.0.9179
ofccccaupdate.exe 14.0.0.9179
ofcpfwcommon.dll 14.0.0.9179
ofcpfwsvc.dll 14.0.0.9179
ofcpfwsvc.exe 14.0.0.9179
ofcpipc.dll 14.0.0.9179
ofcpluginapi.dll 14.0.0.9179
ofcpluginmain.dll 14.0.0.9179
ofcplugintray.dll 14.0.0.9179
ofc_loadhttp.dll 14.0.0.9179
officescantouch.exe 14.0.0.9179
osceprot.dll 14.0.0.9179
osfagent.dll 14.0.0.9179
pccnt.exe 14.0.0.9179
pccntmon.exe 14.0.0.9179
pccntupd.exe 14.0.0.9179
pccwfwmo.dll 14.0.0.9179
pwd.dll 14.0.0.9179
spywareresource.dll 14.0.0.9179
supportconnector.exe 14.0.0.9179
surrogatetmlisten.exe 14.0.0.9179
tmdshell.dll 14.0.0.9179
tmfbeng.dll 2.59.0.1001
tmlisten.exe 14.0.0.9179
tmlistenshare.dll 14.0.0.9179
tmnapshainfo.dll 14.0.0.9179
tmntupgd.exe 14.0.0.9179
tmopp.dll 14.0.0.9179
tmpac.dll 14.0.0.9179
tmsock.dll 14.0.0.9179
tmssclient.exe 14.0.0.9179
tmufeng.dll 5.0.0.1014
tmwatchdog.dll 14.0.0.9179
tmwatchdog.exe 14.0.0.9179
tmwscsvc.exe 14.0.0.9179
ulicense.bin *
updguide.exe 14.0.0.9179
upgrade.exe 14.0.0.9179
urlcateg.dat *
urlgroup.dat *
userver.bin *
utiljsonhandle.dll 14.0.0.9179
utilpfwinstcondchecker.exe 14.0.0.9179
uvid.bin *
wofielauncher.exe 14.0.0.9179
xpupg.exe 14.0.0.9179
Apex One\PCCSRV\pccnt\win64\x64
-------------------------------------------------------------------
7z.dll 18.5.0.0
7z.exe 18.5.0.0
apricotcbrulehandler.dll 2.0.0.1049
apricotmanagermodule.dll 2.0.0.1049
ccsf_x64.zip *
ccsf_x64.zip.cat *
comprmv.exe 14.0.0.9179
datfhs.dll 14.0.0.9179
dcexif64.dll 14.0.0.9179
fcwofieui.dll 14.0.0.9179
filebrowsingrulehandler.dll 2.0.0.1049
flowcontrol_64x.dll 14.0.0.9204
instreg.exe 14.0.0.9179
lib7zwrapper_64x.dll 14.0.0.9179
libapricotlog.dll 2.0.0.1049
libcntprodres_64x.dll 14.0.0.9179
libcnttmpollingmodule_64x.dll 14.0.0.9179
libnetctrl_64x.dll 14.0.0.9179
libosf_64x.dll 14.0.0.9179
libtmcav_64x.dll 14.0.0.9179
libuaprefltr.dll 14.0.0.9179
libwfpnetworkisolation_x64.dll 14.0.0.9179
libzipunzipdll_64x.dll 14.0.0.9179
loadhttp_64x.dll 14.0.0.9179
ntrmv.exe 14.0.0.9179
ntrtscan.exe 14.0.0.9179
ntrtscanperfcounters.man *
ofccccaupdate.exe 14.0.0.9179
ofcpfwcommon_64x.dll 14.0.0.9179
ofcpfwsvc.exe 14.0.0.9179
ofcpfwsvc_64x.dll 14.0.0.9179
ofcpipc_64x.dll 14.0.0.9179
ofcpluginapi_64x.dll 14.0.0.9179
ofcpluginmain_64x.dll 14.0.0.9179
ofcplugintray_64x.dll 14.0.0.9179
ofc_loadhttp_64x.dll 14.0.0.9179
osceprot_64x.dll 14.0.0.9179
oscetsclog_64x.dll 14.0.0.9179
osfagent_64x.dll 14.0.0.9179
pccnt.exe 14.0.0.9179
pccntmon.exe 14.0.0.9179
pccntupd.exe 14.0.0.9179
pccwfwmo_64x.dll 14.0.0.9179
pwd_64x.dll 14.0.0.9179
spywareresource_64x.dll 14.0.0.9179
supportconnector.exe 14.0.0.9179
surrogatetmlisten.exe 14.0.0.9179
timestring_64x.dll 14.0.0.9179
tmdbg20_64x.dll 14.0.0.9179
tmdshell_64x.dll 14.0.0.9179
tmfbeng.dll 2.59.0.1001
tmlisten.exe 14.0.0.9179
tmlistenshare_64x.dll 14.0.0.9179
tmnapshainfo.dll 14.0.0.9179
tmnotify.dll 1.5.0.1061
tmopp_64x.dll 14.0.0.9179
tmpac_64x.dll 14.0.0.9179
tmsock_64x.dll 14.0.0.9179
tmssclient.exe 14.0.0.9179
tmufeng.dll 5.0.0.1014
tmwatchdog.dll 14.0.0.9179
tmwatchdog.exe 14.0.0.9179
tmwscsvc.exe 14.0.0.9179
updguide.exe 14.0.0.9179
upgrade.exe 14.0.0.9179
utiljsonhandle_64x.dll 14.0.0.9179
utilpfwinstcondchecker.exe 14.0.0.9179
wofielauncher.exe 14.0.0.9179
xpupg.exe 14.0.0.9179
zlibwapi.dll 1.2.11.1003
Apex One\PCCSRV\private
-------------------------------------------------------------------
dlpclc.xml *
Apex One\PCCSRV\private\certificate
-------------------------------------------------------------------
certtool.exe 14.0.0.9204
edcryp.net4.dll 14.0.0.9204
libeay32.dll 1.0.2.20
openssl.exe *
ssleay32.dll 1.0.2.20
Apex One\PCCSRV\private\logserver
-------------------------------------------------------------------
7z.dll 18.5.0.0
7z.exe 18.5.0.0
logserver.exe 14.0.0.9179
ofcpipc.dll 14.0.0.9179
tmdbg20.dll 14.0.0.9179
tmdbg20ex.dll 14.0.0.9179
Apex One\PCCSRV\web\service
-------------------------------------------------------------------
7z.dll 18.5.0.0
aosproxy.exe 14.0.0.9204
atse32.dll 12.500.0.1004
atse64.dll 12.500.0.1004
build.exe 2.86.0.4002
build64.exe 2.86.0.4002
cert5.db *
cgiocommon.dll 14.0.0.9204
cgires.dll 14.0.0.9204
cgiresutf8.dll 14.0.0.9204
cgishare.dll 14.0.0.9204
ciuas64.dll 1.0.0.2075
ciussi64.dll 2.0.0.2074
cmdhlclient.dll 14.0.0.9204
cmdhoconsole.dll 14.0.0.9204
cme_dll.dll 6.2.0.1426
cme_vxe_dll_static.dll 6.2.0.1426
cpprest141_2_10.dll *
datfhs.dll 14.0.0.9179
dbserver.exe 14.0.0.9204
edcryp.dll 14.0.0.9204
edcryp.net4.dll 14.0.0.9204
expapply64.dll 9.5.0.0
expbuild64.dll 8.4.2.0
flowcontrol.dll 14.0.0.9204
flowcontrol_64x.dll 14.0.0.9204
icrcauapi.dll 2.5.0.1115
lib7zwrapper.dll 14.0.0.9179
lib7zwrapper_64x.dll 14.0.0.9179
libcmdapiddadll.dll 14.0.0.9204
libcmdhndlrclientv2.dll 14.0.0.9204
libcmdhndlrconsolev2.dll 14.0.0.9204
libcmdhndlrdda.dll 14.0.0.9204
libcmdhndlrsa.dll 14.0.0.9204
libcsocclient.dll 14.0.0.9204
libcurl.dll 7.66.0.0
libcurl_ofc.dll 7.66.0.0
libdlog.dll 14.0.0.9179
libeay32.dll 1.0.2.21
liblogclient4net.dll 14.0.0.9204
libloghandler.dll 14.0.0.9204
liblwtpciu64.dll 1.0.0.1005
liboscemsmq.dll 14.0.0.9204
liboscemsmq64.dll 14.0.0.9204
libosfeventadapter.dll 14.0.0.9204
libosfextensionloader.dll 14.0.0.9204
libosfextensionloader64.dll 14.0.0.9204
libosfsvcclient.dll 14.0.0.9204
libperfodamperfmonmgr.dll 14.0.0.9204
libperfodamperfmonmgr_x64.dll 14.0.0.9204
libperfosceperfmonmgr.dll 14.0.0.9204
libperfosceperfmonmgr_x64.dll 14.0.0.9204
libutilcommon.dll 14.0.0.9204
loadhttp.dll 14.0.0.9179
loadhttp_64x.dll 14.0.0.9179
logaccessor.exe 14.0.0.9204
logagent.dll 14.0.0.9204
logcache.dll 14.0.0.9204
mqtool.exe 14.0.0.9204
ntsvcres.dll 14.0.0.9204
ofccccaupdate.exe 14.0.0.9179
ofcdbbackup.exe 14.0.0.9204
ofcddasvr.exe 14.0.0.9204
ofcdownload.dll 14.0.0.9204
ofchotfix.exe 14.0.0.9204
ofclogreceiversvc.exe 14.0.0.9204
ofcnotify.dll 14.0.0.9204
ofcnotifyqueue.dll 14.0.0.9204
ofcpfwcommon.dll 14.0.0.9179
ofcpfwcommon_64x.dll 14.0.0.9179
ofcpurgelog.dll 14.0.0.9204
ofcservice.exe 14.0.0.9204
ofcshare.dll 14.0.0.9204
ofcupdate.exe 14.0.0.9204
ofc_loadhttp.dll 14.0.0.9179
ofc_loadhttp_64x.dll 14.0.0.9179
osceintegrationservice.exe 14.0.0.9204
osfagent.dll 14.0.0.9179
osfagent_64x.dll 14.0.0.9179
patch.exe 2.86.0.4002
patch64.exe 2.86.0.4002
patchw32.dll 12.22.0.0
patchw64.dll 12.22.0.0
pbld64.dll 12.20.0.0
psmc64.dll 8.4.2.0
pwd.dll 14.0.0.9179
pwd_64x.dll 14.0.0.9179
spywareresource.dll 14.0.0.9179
spywareresource_64x.dll 14.0.0.9179
sqlite3.dll *
ssleay32.dll 1.0.2.21
svcmgr.dll 14.0.0.9204
timestring.dll 14.0.0.9179
timestring_64x.dll 14.0.0.9179
tmnotify.dll 1.5.0.1061
tmprapit.dll 1.2.0.1131
tmprapi_nsmb_mt.dll 1.0.0.1007
tmupdate.dll 2.86.0.4002
tmupdate64.dll 2.86.0.4002
vdiinfo.exe 14.0.0.9204
verconn.exe 14.0.0.9204
zlibwapi.dll 1.2.11.1003
Apex One\PCCSRV\web\service\netfx35
-------------------------------------------------------------------
edcryp.dll 14.0.0.9204
logaccessor.exe 14.0.0.9204
Apex One\PCCSRV\web\service\netfx4
-------------------------------------------------------------------
edcryp.net4.dll 14.0.0.9204
logaccessor.net4.exe 14.0.0.9204
Apex One\PCCSRV\web_console\cgi
-------------------------------------------------------------------
cgiwebupdate.ini *
Apex One\PCCSRV\web_osce\web\cgi
-------------------------------------------------------------------
cgicheckip.exe 14.0.0.9204
cgiexportinfo.exe 14.0.0.9204
cgigetclient.exe 14.0.0.9204
cgiimportinfo.exe 14.0.0.9204
cgilog.exe 14.0.0.9204
cgiocommon.dll 14.0.0.9204
cgionclientcfg.exe 14.0.0.9204
cgionclose.exe 14.0.0.9204
cgionmscfg.exe 14.0.0.9204
cgionpscfg.exe 14.0.0.9204
cgionqueryclientbindport.exe 14.0.0.9204
cgionrtcfg.exe 14.0.0.9204
cgionscan.exe 14.0.0.9204
cgionspeciallog.exe 14.0.0.9204
cgionstart.exe 14.0.0.9204
cgionunst.exe 14.0.0.9204
cgirecvfile.exe 14.0.0.9204
cgires.dll 14.0.0.9204
cgiresutf8.dll 14.0.0.9204
cgirqalertmsg.exe 14.0.0.9204
cgirqhotfix.exe 14.0.0.9204
cgishare.dll 14.0.0.9204
fcgiofcdda.exe 14.0.0.9204
flowcontrol.dll 14.0.0.9204
flowcontrol_64x.dll 14.0.0.9204
isapiclient.dll 14.0.0.9204
isapiclientx64.dll 14.0.0.9204
isapiclientx86.dll 14.0.0.9204
jdknotify.exe 14.0.0.9204
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.21
loadhttp.dll 14.0.0.9179
ofcpfwcommon.dll 14.0.0.9179
ofcpfwcommon_64x.dll 14.0.0.9179
pwd.dll 14.0.0.9179
ssleay32.dll 1.0.2.21
sso_pkihelper.dll 5.0.0.2363
timestring.dll 14.0.0.9179
timestring_64x.dll 14.0.0.9179
vsapi64.dll 12.500.0.1004
zlibwapi.dll 1.2.11.1003
Apex One\PCCSRV\web_osce\web\clientutility
-------------------------------------------------------------------
ofcescvpack.exe 14.0.0.9204
Apex One\PCCSRV\web_osce\web_console\cgi
-------------------------------------------------------------------
cgiauthmanagement.exe 14.0.0.9204
cgichkmasterpwd.exe 14.0.0.9204
cgicmdnotify.exe 5.0.0.2363
cgiocommon.dll 14.0.0.9204
cgires.dll 14.0.0.9204
cgiresutf8.dll 14.0.0.9204
cgishare.dll 14.0.0.9204
cgishowactivedirectory.exe 14.0.0.9204
cgishowcav.exe 14.0.0.9204
cgishowclientadm.exe 14.0.0.9204
cgishowcompliancereport.exe 14.0.0.9204
cgishowdlp.exe 14.0.0.9204
cgishowlogs.exe 14.0.0.9204
cgishownotify.exe 14.0.0.9204
cgishowopp.exe 14.0.0.9204
cgishowpfw.exe 14.0.0.9204
cgishowserveradm.exe 14.0.0.9204
cgishowsummary.exe 14.0.0.9204
cgishowupdate.exe 14.0.0.9204
cgishowvdi.exe 14.0.0.9204
cgishowwssadmin.exe 14.0.0.9204
cgiturnlog.exe 14.0.0.9204
cgiwebupdate.exe 14.0.0.9204
ddaisapifilter.dll 14.0.0.9204
ddaisapifilter64.dll 14.0.0.9204
fcgiofcdda.exe 14.0.0.9204
flowcontrol.dll 14.0.0.9204
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.21
loadhttp.dll 14.0.0.9179
ofcpfwcommon.dll 14.0.0.9179
patchw32.dll 12.22.0.0
pwd.dll 14.0.0.9179
ssleay32.dll 1.0.2.21
sso_pkihelper.dll 5.0.0.2363
timestring.dll 14.0.0.9179
tmcfwapi.dll 5.83.0.1070
tmnotify.dll 1.5.0.1061
tmupdate.dll 2.86.0.4002
trendaprwrapperdll.dll 5.0.0.2363
Apex One\PCCSRV\web_osce\web_console\html\ad_integration
-------------------------------------------------------------------
ad_integration.htm *
client_grouping.htm *
edit_sorting_rules.htm *
Apex One\PCCSRV\web_osce\web_console\html\aegis
-------------------------------------------------------------------
data_protection.htm *
device_control.htm *
Apex One\PCCSRV\web_osce\web_console\html\auth
-------------------------------------------------------------------
admin_account_domain.htm *
admin_account_info.htm *
admin_account_menu.htm *
admin_roles_list.htm *
admin_role_add.htm *
Apex One\PCCSRV\web_osce\web_console\html\behavior_monitoring
-------------------------------------------------------------------
bm_settings.htm *
Apex One\PCCSRV\web_osce\web_console\html\clientmag
-------------------------------------------------------------------
client_cfg_privileage.htm *
client_cfg_wtp.htm *
client_globalsetting.htm *
client_list_2.htm *
client_list_2_task.htm *
client_move.htm *
client_ofsc_services.htm *
client_policy_import_preview.htm *
client_searchwindow.htm *
Apex One\PCCSRV\web_osce\web_console\html\cloud_service
-------------------------------------------------------------------
scan_ip_range_edit.htm *
Apex One\PCCSRV\web_osce\web_console\html\common
-------------------------------------------------------------------
ajax.js *
authorize.js *
js-common.js *
ln_clientmag.js *
ln_common.js *
ln_pfw.js *
menu_common.js *
page_init.js *
scripts.js *
setting.summary.js *
setting.vdi.js *
settings.logs.js *
trend-ui-opt_list.js *
trend-ui.domaintree.js *
x_localization.xml *
x_view_status.xsl *
Apex One\PCCSRV\web_osce\web_console\html\common\css
-------------------------------------------------------------------
index.css *
l10n-style.css *
menubar.css *
Apex One\PCCSRV\web_osce\web_console\html\common\images
-------------------------------------------------------------------
ico_warning.svg *
Apex One\PCCSRV\web_osce\web_console\html\common\l10n
-------------------------------------------------------------------
l10n.aegis.js *
l10n.behavior_monitoring.js *
l10n.clientmag.js *
l10n.dlp.js *
l10n.global.js *
l10n.logs.js *
l10n.pfw.js *
l10n.root.js *
l10n.update.js *
l10n.vdi.js *
Apex One\PCCSRV\web_osce\web_console\html\common\settings
-------------------------------------------------------------------
setting.addon.js *
setting.ad_integration.js *
setting.aegis.js *
setting.behavior_monitoring.js *
setting.clientmag.js *
setting.cloud_service.js *
setting.compliance_report.js *
setting.dlp.js *
setting.logon.js *
setting.logs.js *
setting.menu.js *
setting.notify.js *
setting.outbreak.js *
setting.pfw.js *
setting.rba.js *
setting.root.js *
setting.serveradm.js *
setting.update.js *
setting.vdi.js *
Apex One\PCCSRV\web_osce\web_console\html\common\tmicon
-------------------------------------------------------------------
icon-font-demo.html *
icon-font.css *
icon-svg-demo.html *
symbol-defs.svg *
Apex One\PCCSRV\web_osce\web_console\html\common\tmicon\fonts
-------------------------------------------------------------------
tmicon.svg *
Apex One\PCCSRV\web_osce\web_console\html\common\tmicon\svg
-------------------------------------------------------------------
blacklist.svg *
Apex One\PCCSRV\web_osce\web_console\html\common\util
-------------------------------------------------------------------
common.js *
json2.min.js *
osce.menubar.js *
Apex One\PCCSRV\web_osce\web_console\html\common\yui\build\json
-------------------------------------------------------------------
json-debug.js *
json.js *
Apex One\PCCSRV\web_osce\web_console\html\compliance_report
-------------------------------------------------------------------
compliance_report.htm *
installing_computers.htm *
scheduled_compliance_report.htm *
Apex One\PCCSRV\web_osce\web_console\html\dlp
-------------------------------------------------------------------
dlp_compliance_tpl_addedit_v2.htm *
dlp_digitalaccess.htm *
dlp_display_ac.htm *
dlp_entities_addedit.htm *
dlp_listentities.htm *
dlp_listfileattr.htm *
dlp_listkeywords.htm *
dlp_listtemplates.htm *
dlp_settings.htm *
Apex One\PCCSRV\web_osce\web_console\html\help\webhelp
-------------------------------------------------------------------
-trend_client_progra.html *
about-company_name-s.html *
about-plug-in-manage.html *
about-the-product_sh.html *
about-web-threats.html *
activating-or-renewi.html *
activating-the-plug_.html *
active-directory-int.html *
active-directory-log.html *
activeupdate-server-.html *
activeupdate.html *
adding-a-custom-acco.html *
adding-a-custom-role.html *
adding-a-firewall-po.html *
adding-a-firewall-po_001.html *
adding-a-firewall-pr.html *
adding-additional-se.html *
adding-already-detec.html *
adding-and-editing-a.html *
adding-autopcc_exe-t.html *
adding-programs-to-t.html *
adding-server-connec.html *
administrator-notifi.html *
advanced-search-opti.html *
agent-connected-to-t.html *
agent-connection-sta.html *
agent-mover.html *
agent-packager-logs.html *
agents-on-the-comput.html *
allowing-wmi-communi.html *
an-error-in-the-syst.html *
anti-exploit-protect.html *
anti-spyware-compone.html *
antivirus-components.html *
antivirusclientconne.html *
appendices.html *
application-filterin.html *
apply-scan-exclusion.html *
audience.html *
authentication-of-se.html *
automatically-removi.html *
automatically-stop-s.html *
back-up-files-before.html *
backup-files.html *
behavior-monitoring-.html *
behavior-monitoring-_001.html *
behavior-monitoring-_002.html *
behavior-monitoring-_003.html *
behavior-monitoring-_004.html *
behavior-monitoring-_005.html *
behavior-monitoring.html *
behav_monit_event_mo.html *
bind-customer-specif.html *
binding-customer-spe.html *
blocking-access-to-c.html *
blocking-vulnerable-.html *
browser-based-instal.html *
browser-exploit-solu.html *
built-in-user-roles.html *
cache-settings-for-s.html *
case-diagnostic-tool.html *
cc-callback-notifica.html *
cc-callback-outbreak.html *
cc-contact-alert-not.html *
ccca_events-widget.html *
ccc_sus_conn_cfg.html *
certified-safe-softw.html *
changing-the-scan-me.html *
changing-the-vdi-sca.html *
clean-delete-infecte.html *
client-management-sc.html *
clientserverconnecti.html *
clientupdates-widget.html *
client_computer_sing.html *
client_computer_sing_001.html *
client_computer_sing_002.html *
client_computer_sing_003.html *
client_computer_sing_004.html *
client_computer_sing_005.html *
client_computer_sing_006.html *
client_computer_sing_007.html *
client_priv_sett_all.html *
client_settings_item.html *
client_sm_scan_switc.html *
cloud-storage.html *
cl_tr_tsk_sp.html *
company_name-network.html *
company_name-virtual.html *
component-duplicatio.html *
component-update-for.html *
component-update-log.html *
component-update-sum.html *
component-updates.html *
components.html *
components_001.html *
compressed-file.html *
condition-statements.html *
configure-scan-setti.html *
configuring-a-schedu.html *
configuring-agent-la.html *
configuring-cache-se.html *
configuring-cc-callb.html *
configuring-connecti.html *
configuring-custom-l.html *
configuring-customiz.html *
configuring-data-los.html *
configuring-data-los_001.html *
configuring-general-.html *
configuring-global-b.html *
configuring-global-f.html *
configuring-global-s.html *
configuring-global-s_001.html *
configuring-global-u.html *
configuring-integrat.html *
configuring-internal.html *
configuring-ipv6-add.html *
configuring-location.html *
configuring-malware-.html *
configuring-notifica.html *
configuring-ping-set.html *
configuring-predicti.html *
configuring-product-.html *
configuring-product_.html *
configuring-proxy-se.html *
configuring-proxy-se_001.html *
configuring-quaranti.html *
configuring-reserved.html *
configuring-retrieva.html *
configuring-sample-s.html *
configuring-scan-res.html *
configuring-scan-set.html *
configuring-schedule.html *
configuring-security.html *
configuring-security_001.html *
configuring-service-.html *
configuring-settings.html *
configuring-spyware_.html *
configuring-suspicio.html *
configuring-the-beha.html *
configuring-the-cc-c.html *
configuring-the-fire.html *
configuring-the-fire_001.html *
configuring-the-hear.html *
configuring-the-ip-a.html *
configuring-the-sche.html *
configuring-the-secu.html *
configuring-the-serv.html *
configuring-the-stan.html *
configuring-the-stan_001.html *
configuring-the-trus.html *
configuring-the-upda.html *
configuring-trend_cl.html *
configuring-trend_cl_001.html *
configuring-trend_cl_002.html *
configuring-virus_ma.html *
configuring-web-cons.html *
connection-verificat.html *
considerations-when-.html *
contacting-trend-mic.html *
control-manager-cert.html *
control_manager_prod.html *
control_manager_prod_001.html *
conventional-scan-ic.html *
cookie.html *
cpu-usage.html *
creating-a-backup-of.html *
creating-a-disk-imag.html *
creating-a-pre-scan-.html *
creating-an-installa.html *
creating-mutual-excl.html *
criteria-for-customi.html *
customizable-profile.html *
customized-dlp-templ.html *
customized-keyword-l.html *
customized-keyword-l_001.html *
customized-update-so.html *
customized-update-so_001.html *
customizing-ptngrowt.html *
customizing-ptngrowt_001.html *
c_s_connect_icons.html *
dac_actions.html *
dac_actions_decompre.html *
dac_channels_network.html *
dac_channels_network_001.html *
dac_channels_network_002.html *
dac_channels_ntwk_sc.html *
dac_channels_ntwk_sc_001.html *
dac_channels_ntwk_ta.html *
dac_channels_system.html *
dac_channels_system_.html *
dac_expressions.html *
dac_expressions_cust.html *
dac_expressions_cust_001.html *
dac_expressions_cust_002.html *
dac_file_attributes_.html *
dac_file_attributes__001.html *
dac_keywords_customi.html *
dac_keywords_customi_001.html *
dac_templates_custom.html *
dac_templates_custom_001.html *
damage-cleanup-servi.html *
damage-cleanup-servi_001.html *
data-loss-prevention.html *
data-loss-prevention_001.html *
data-loss-prevention_002.html *
data-loss-prevention_003.html *
data-loss-prevention_004.html *
data-loss-prevention_005.html *
data-loss-prevention_006.html *
data-loss-prevention_007.html *
data-protection-debu.html *
data-protection-inst.html *
data-protection-lice.html *
data-protection-widg.html *
data-recorders-(cd_d.html *
datalosspreventionin.html *
dc_manage_access_adv.html *
dc_manage_access_usb.html *
dc_permissions.html *
dc_perm_adv.html *
dc_perm_adv_ppn.html *
decrypting-and-resto.html *
default-firewall-pol.html *
default-scan-method.html *
defining-permissions.html *
defining-the-active-.html *
delete-all-iis-rules.html *
deleting-a-connectio.html *
deleting-logs-based-.html *
denial-of-service-at.html *
denying-access-to-ex.html *
denying-write-access.html *
deploying-the-data-p.html *
deployment-considera.html *
deployment-of-data-p.html *
determining-the-trus.html *
device-control-excep.html *
device-control-excep_001.html *
device-control-logs.html *
device-list-tool.html *
device_control.html *
device_list_tool_run.html *
dhcp.html *
digital-signature-ca.html *
digital_asset_contro.html *
disabling-automatic-.html *
disabling-debug-logg.html *
disabling-debug-logg_001.html *
disabling-debug-logg_002.html *
disabling-debug-logg_003.html *
disabling-logging-fo.html *
disabling-outbreak-p.html *
distance-condition.html *
distributing-the-pac.html *
dlp-channels.html *
dlp_policy_create.html *
dlp_rule_create.html *
dns.html *
docs_terminology.html *
document-conventions.html *
document-modificatio.html *
documentation-feedba.html *
domain-name.html *
domain-structure.html *
download-center.html *
dynamic-ip-address.html *
edge-relay-server-re.html *
edge-relay-server-sy.html *
edge-relay-server.html *
editing-the-firewall.html *
email-reputation-ser.html *
enable-assessment-mo.html *
enable-deferred-scan.html *
enable-elam.html *
enabling-debug-loggi.html *
enabling-debug-loggi_001.html *
enabling-debug-loggi_002.html *
enabling-debug-loggi_003.html *
enabling-debug-loggi_004.html *
enabling-debug-loggi_005.html *
enabling-debug-loggi_006.html *
enabling-logging-for.html *
enabling-or-disablin.html *
enabling-the-cc-call.html *
enabling-the-integra.html *
enabling-the-sending.html *
enabling-the-web-thr.html *
encrypting-server-ag.html *
end-user-license-agr.html *
endpoint-location-se.html *
endpoint-location.html *
endpoint-status-widg.html *
enforcement-of-trend.html *
enhanced-product-int.html *
esmtp.html *
event-triggered-upda.html *
events-that-trigger-.html *
exception-list-wildc.html *
exclude-microsoft-ex.html *
excluding-security-a.html *
exporting-client_com.html *
false-positive.html *
file-attributes.html *
file-reputation-serv.html *
files-infected-with-.html *
files-infected-with-_001.html *
firewall-components.html *
firewall-policies-an.html *
firewall-policies.html *
firewall-profiles.html *
firewall-violation-n.html *
firewall-violation-o.html *
firewall-violation-o_001.html *
forensic-folder-and-.html *
fresh-installation-l.html *
ftp.html *
ftp_001.html *
fw_privileges.html *
gateway-settings-imp.html *
gdpr-a---kb-link-olh.html *
generating-an-on-dem.html *
genericlean.html *
getting-detailed-ser.html *
getting-detailed-tre.html *
getting-help.html *
getting-started-with_002.html *
getting-started-with_003.html *
global-firewall-sett.html *
global-scan-settings.html *
glossary_001.html *
granting-behavior-mo.html *
granting-firewall-pr.html *
granting-proxy-confi.html *
granting-scan-type-p.html *
granting-the-client_.html *
granting-trusted-pro.html *
granting-users-the-p.html *
heartbeat.html *
hot-fix-and-patch-hi.html *
how-keyword-lists-wo.html *
how-spywaregrayware-.html *
http-and-https.html *
http.html *
https-url-scan-suppo.html *
https.html *
icmp.html *
im-applications.html *
importing-and-export.html *
importing-client_com.html *
importing-or-exporti.html *
importing_-exporting.html *
inactive-trend_clien.html *
indexlist.html *
initiating-a-browser.html *
initiating-scan-now.html *
installation-logs.html *
installation-methods.html *
installation-methods_001.html *
installations-using-.html *
installing-data-prot.html *
installing-from-the-.html *
installing-remotely-.html *
installing-the-edge-.html *
installing-the-trend.html *
installing-the-trend_001.html *
installing-the-trend_002.html *
installing-the-trend_003.html *
installing-virtual-d.html *
installing-with-agen.html *
installing-with-logi.html *
installing-with-secu.html *
install_consider.html *
ins_mth_msi.html *
ins_mth_msi_sms.html *
ins_mth_msi_sms_loco.html *
integrated-servers-a.html *
integrated-smart-pro.html *
integrated-smart-pro_001.html *
integrated-smart-pro_002.html *
integrated-smart-pro_003.html *
integrating-active-d.html *
integration-with-com.html *
intelliscan.html *
intellitrap.html *
introducing-product_.html *
introduction-and-get.html *
intrusion-detection-.html *
ip.html *
ipv6-support-for-pro.html *
ipv6-support-for-pro_001.html *
ipv6-support-for-sma.html *
ipv6-support-for-tre.html *
ipv6-support-for-upd.html *
ipv6-support-in-prod.html *
ipv6_client_limits.html *
isolated-product_sho.html *
java-file.html *
keeping-protection-u_001.html *
keywords.html *
ldap.html *
licenses.html *
limiting-downloads-f.html *
limiting_denying-acc.html *
listening-port.html *
location-criteria.html *
log-maintenance.html *
log-management.html *
logon-account.html *
mail-scan-logs.html *
malware-behavior-blo.html *
management-widget.html *
managing-access-to-e.html *
managing-access-to-e_001.html *
managing-edge-relay-.html *
managing-the-edge-re.html *
managing-the-product.html *
managing-the-product_001.html *
managing-the-referen.html *
managing-the-trend_c.html *
manual-scan.html *
manually-deleting-lo.html *
manually-updating-th.html *
mcp-agent.html *
menu-items-for-manag.html *
menu-items-for-serve.html *
method-for-retrievin.html *
migrating-from-other.html *
migrating-from-serve.html *
migrating-to-the-tre.html *
mixed-threat-attack.html *
modifying-a-firewall.html *
modifying-a-firewall_001.html *
modifying-an-existin.html *
modifying-device-con.html *
modifying-the-cc-cal.html *
modifying-the-conten.html *
modifying-the-conten_001.html *
modifying-the-forens.html *
modifying-the-web-th.html *
nat.html *
native-plug_in_prog_.html *
netbios.html *
network-administrati.html *
network-size.html *
network-topology-and.html *
network-traffic.html *
newly-encountered-pr.html *
notifications.html *
notifying-client_com.html *
notifying-users-of-v.html *
number-of-keywords-c.html *
obtaining-the-packag.html *
officescan-agent-lan.html *
officescan-widgets.html *
on-demand-compliance.html *
on-demand-scan-cache.html *
one-way-communicatio.html *
opening-port-communi.html *
osce-about-product_s.html *
osce-about-security-.html *
osce-adding-a-domain.html *
osce-automatic-clien.html *
osce-checking-the-pr.html *
osce-client_computer.html *
osce-company_name-co.html *
osce-configuring-aut.html *
osce-configuring-man.html *
osce-defining-client.html *
osce-defining-client_001.html *
osce-deleting-a-doma.html *
osce-exclude-the-pro.html *
osce-firewall-logs.html *
osce-gls_hotfix_osce.html *
osce-manual-client_c.html *
osce-moving-trend_cl.html *
osce-officescanandpl.html *
osce-osce_ccc_servic.html *
osce-osce_digital_as.html *
osce-osce_dlp_policy.html *
osce-osce_feat_ben.html *
osce-osce_file_reput.html *
osce-osce_sm_prot_se.html *
osce-osce_sm_prot_so.html *
osce-osce_web_reputa.html *
osce-plugin_install_.html *
osce-plugin_license_.html *
osce-plugin_uninstal.html *
osce-registering-pro.html *
osce-renaming-a-doma.html *
osce-running-the-tou.html *
osce-scan-type-privi.html *
osce-standard-update.html *
osce-the-product_sho.html *
osce-the-trend_clien.html *
other-resources.html *
outbreak-logs.html *
outbreak-prevention-.html *
outbreak-prevention-_001.html *
outbreak-prevention-_002.html *
outbreak_prevention-.html *
outside-server-manag.html *
overall-threat-detec.html *
package-deployment-g.html *
participating-in-the.html *
password-protected-f.html *
patch.html *
peer-to-peer-applica.html *
performing-a-test-sc.html *
performing-a-unc-bas.html *
performing-post-inst.html *
permissions-for-non-.html *
pgp-encryption.html *
phish-attack.html *
ping-settings.html *
ping.html *
plug-in-agent-instal.html *
plug-in-manager-inst.html *
plug-in-program-agen.html *
plug-in-program-does.html *
plug-in-programmanag.html *
plugin_manage_about.html *
plugin_program_manag.html *
plugin_program_upgra.html *
plug_in_prog_prod_na.html *
plug_in_prog_prod_na_001.html *
policy-configuration.html *
pop3.html *
post-installation.html *
postpone-scheduled-s.html *
postponing_skipping-.html *
potential-risks-and-.html *
predefined-dlp-templ.html *
predefined-expressio.html *
predefined-file-attr.html *
predefined-keyword-l.html *
predictive-machine-l.html *
predictive-machine-l_001.html *
preface_001.html *
printer.html *
prmt_client_service_.html *
prmt_self_prot.html *
prmt_self_prot_cnsol.html *
prmt_self_prot_roam.html *
prmt_self_prot_unloa.html *
processes-by-channel.html *
product-information-.html *
product-license-stat.html *
product-query.html *
product_short_name-c.html *
product_short_name-d.html *
product_short_name-d_001.html *
product_short_name-f.html *
product_short_name-r.html *
product_short_name-s.html *
product_short_name-s_001.html *
product_short_name-s_002.html *
product_short_name-s_003.html *
product_short_name-s_004.html *
product_short_name-s_005.html *
product_short_name-s_006.html *
product_short_name-s_007.html *
product_short_name-w.html *
program-and-componen.html *
programs-list.html *
programs.html *
protect-files-in-the.html *
protect-trend_client.html *
protect-trend_client_001.html *
protect-trend_client_002.html *
protecting-against-u_001.html *
protecting-computers_001.html *
protecting-off-premi_001.html *
protecting-trend_cli.html *
providing-additional.html *
proxy-for-product_sh.html *
proxy-for-trend_clie.html *
proxy-server.html *
pure-ipv6-server-lim.html *
quarantine-manager.html *
ransomware-summary-w.html *
real-time-scan.html *
recommended-post-ins.html *
recording-the-integr.html *
reference-servers.html *
register-to-an-apex-.html *
remind-users-of-the-.html *
removing-guids-from-.html *
renew-a-self-signed-.html *
requirements-for-ope.html *
resolving-conflicts.html *
restoring-quarantine.html *
restoring-spyware_gr.html *
restoring-the-previo.html *
restricting-access-t.html *
resume-scheduled-sca.html *
revoking-the-schedul.html *
role-based-administr.html *
role-based-administr_001.html *
rollback_proc_client.html *
rollback_screen-----.html *
rolling-back-compone.html *
rolling-back-the-pro.html *
rpc.html *
rule-1_-maximum-size.html *
rule-2_-maximum-comp.html *
rule-3_-maximum-numb.html *
running-agent-mover.html *
running-server-tuner.html *
running-the-trend_cl.html *
sample-submission.html *
saving-the-policy-ex.html *
scan-actions.html *
scan-compliance.html *
scan-criteria.html *
scan-exclusion-list-.html *
scan-exclusion-list-_001.html *
scan-exclusions.html *
scan-for-cookies.html *
scan-logs.html *
scan-method-guidelin.html *
scan-method-types.html *
scan-methods-compare.html *
scan-now.html *
scan-privileges-and-.html *
scan-process-exclusi.html *
scan-settings-sectio.html *
scan-types.html *
scanning-for-network.html *
scanning-for-securit_001.html *
scan_set_cmn_act_dcs.html *
scan_set_cmn_act_not.html *
scan_set_cmn_act_not_001.html *
scan_set_cmn_act_qua.html *
scan_set_cmn_act_res.html *
scan_set_cmn_act_vir.html *
scan_set_cmn_cri_fil.html *
scan_set_cmn_cri_sca.html *
scan_set_cmn_exc_lis.html *
scan_set_spy.html *
scan_set_spy_list_ma.html *
scan_set_spy_notify.html *
scan_types_manual_cn.html *
scan_types_real_cnfg.html *
scan_types_scannow_c.html *
scan_types_sched_cnf.html *
schedule-based-updat.html *
schedule.html *
scheduled-compliance.html *
scheduled-scan-privi.html *
scheduled-scan-privi_001.html *
scheduled-scan-setti.html *
scheduled-scan.html *
scheduling-updates-f.html *
screens-that-display.html *
sc_pv_mail.html *
sc_pv_mail_grant.html *
sc_pv_sch_grant.html *
sc_pv_sch_postpone.html *
security-compliance-.html *
security-compliance-_001.html *
security-compliance-_002.html *
security-compliance.html *
security-patch.html *
security-risk-detect.html *
security-risk-logs.html *
security-risk-notifi.html *
security-risk-notifi_001.html *
security-risk-outbre.html *
security-risk-outbre_001.html *
security-threats---r.html *
securityriskdetectio.html *
securityrisklogsscre.html *
sending-suspicious-c.html *
server-agent-communi.html *
server-debug-logs-us.html *
server-polling.html *
server-tuner.html *
serverprotect-normal.html *
service-pack.html *
services.html *
setting-up-smart-pro.html *
settings-common-to-a.html *
settings.html *
skip-and-stop-schedu.html *
skip-scheduled-scan-.html *
smart-feedback.html *
smart-protection-net.html *
smart-protection-pat.html *
smart-protection-pat_001.html *
smart-protection-ser.html *
smart-protection-ser_001.html *
smart-protection-ser_002.html *
smart-protection-sou.html *
smart-protection-sou_001.html *
smart-protection-sou_002.html *
smart-protection-sou_003.html *
smart-scan-agent-pat.html *
smart-scan-icons.html *
smart-scan-pattern.html *
smart_feedback_about.html *
smtp.html *
snmp-trap.html *
snmp.html *
software_hardware-sp.html *
solutions-to-issues-.html *
specifying-a-digital.html *
specifying-the-trend.html *
speeding-up-the-supp.html *
spyware-and-grayware.html *
spyware_grayware-app.html *
spyware_grayware-sca.html *
spyware_grayware_gua.html *
sql-server-migration.html *
sql_tool_alert.html *
sql_tool_use.html *
srs_not_cl.html *
ssl-certificate.html *
ssl.html *
standalone-smart-pro.html *
standard-update-sour.html *
stateful-inspection.html *
stopping-the-collect.html *
summary-tab-widgets.html *
support-intelligence.html *
supported-control_ma.html *
supported-system-var.html *
supported-virtualiza.html *
suspicious-connectio.html *
suspicious-connectio_001.html *
suspicious-objects-c.html *
switching-from-conve.html *
synchronization-soft.html *
synchronizing-data-w.html *
system-event-logs.html *
tabs-and-widgets.html *
tcp.html *
technical-support_001.html *
telnet.html *
test-scan-using-the-.html *
testing-the-product_.html *
the-need-for-a-new-s.html *
the-plug_in_prog_par.html *
the-server-migration.html *
the-summary.html *
the-trend_client_pro.html *
the-web-console-bann.html *
the-web-console.html *
the-windows-server-2.html *
threat-encyclopedia.html *
top-ransomware-detec.html *
topdatalosprevention.html *
traffic-filtering.html *
transmission-scope-a.html *
transport-driver-int.html *
trend-micro-performa.html *
trend_client_program.html *
trend_client_program_001.html *
trend_client_program_002.html *
trend_client_program_003.html *
trend_client_program_004.html *
trend_client_program_005.html *
trend_client_program_006.html *
trend_client_program_007.html *
trend_client_program_008.html *
trend_client_program_009.html *
trend_client_program_010.html *
trend_client_program_011.html *
trend_client_program_012.html *
trend_client_program_013.html *
trend_client_program_014.html *
trend_client_program_015.html *
trend_client_program_016.html *
trend_client_program_017.html *
trend_client_program_018.html *
trend_client_program_019.html *
trend_client_program_020.html *
trend_client_program_021.html *
trend_client_program_022.html *
trend_client_program_023.html *
trend_client_program_024.html *
trend_client_program_025.html *
trojan-port.html *
troubleshooting-micr.html *
troubleshooting-plug.html *
troubleshooting-reso_001.html *
troubleshooting-reso_002.html *
trusted-port.html *
trusted-programs-pri.html *
two-way-communicatio.html *
udp.html *
uncleanable-files.html *
uninstalling-data-pr.html *
uninstalling-data-pr_001.html *
uninstalling-plug-in.html *
uninstalling-plug_in.html *
uninstalling-the-tre.html *
uninstall_program_gr.html *
unknown-threat-logs.html *
unreachable-client_c.html *
unregister-from-an-a.html *
update-agent-analyti.html *
update-agent-compone.html *
update-agent-configu.html *
update-agent-system-.html *
update-agents.html *
update-methods-for-u.html *
update-overview.html *
update-sources-for-u.html *
update-status-for-tr.html *
update_agent_process.html *
update_priv_sttng_cf.html *
updating-an-isolated.html *
updating-the-integra.html *
updating-the-scan-en.html *
updating-trend_clien.html *
upgrade_hot-fix-logs.html *
upgrading-the-edge-r.html *
usage-of-smart-prote.html *
use-a-specific-actio.html *
use-activeaction.html *
use-the-same-action-.html *
user-accounts.html *
user-activity-on-fil.html *
user-roles.html *
using-authentication.html *
using-behavior-monit_001.html *
using-company_name-s.html *
using-data-loss-prev_001.html *
using-device-control_001.html *
using-gateway-settin.html *
using-plug-in-manage_001.html *
using-smart-protecti.html *
using-the-company_na.html *
using-the-domains-sc.html *
using-the-edge-serve.html *
using-the-product_sh.html *
using-the-scheduled-.html *
using-the-server-mig.html *
using-the-serverprot.html *
using-the-support-po.html *
vdi-pre-scan-templat.html *
verifying-client_com.html *
viewing-behavior-mon.html *
viewing-campampc-cal.html *
viewing-central-quar.html *
viewing-connection-v.html *
viewing-data-loss-pr.html *
viewing-device-contr.html *
viewing-dlp-license.html *
viewing-firewall-log.html *
viewing-license-info.html *
viewing-predictive-m.html *
viewing-product-lice.html *
viewing-sample-submi.html *
viewing-settings-for.html *
viewing-spyware_gray.html *
viewing-spyware_gray_001.html *
viewing-suspicious-c.html *
viewing-suspicious-f.html *
viewing-system-event.html *
viewing-the-query-re.html *
viewing-the-update-l.html *
viewing-trend_client.html *
viewing-trend_client_001.html *
viewing-virus_malwar.html *
viewing-web-reputati.html *
virtual-desktop-supp.html *
virtual-desktop-supp_001.html *
virtual-desktop-supp_002.html *
virtual-server-conne.html *
virus-scan-engine-lo.html *
viruses-and-malware.html *
virus_malware-scan-r.html *
vsencrypt-logs.html *
vulnerability-scan-m.html *
vulnerability-scan-r.html *
vulnerability-scan-s.html *
vulnerability-scanne.html *
vulner_scan_guide.html *
vulner_scan_meth_man.html *
vul_stg_srvr.html *
web-blocking-list.html *
web-console-password.html *
web-reputation-and-p.html *
web-reputation-compo.html *
web-reputation-logs.html *
web-reputation-polic.html *
web-reputation-servi.html *
web-reputation.html *
web-threat-logs.html *
web-threat-notificat.html *
webmail.html *
whats-new.html *
widgets.html *
wildcard-exceptions.html *
windows-clipboard.html *
windows-event-logs.html *
windows-server-core-_001.html *
windows-server-core-_002.html *
windows-server-core-_003.html *
working-with-tabs.html *
working-with-widgets.html *
write-protected-infe.html *
wrs_policy_config.html *
_outbreaks_-widget.html *
__activating-the-plug_-2.html *
Apex One\PCCSRV\web_osce\web_console\html\help\webhelp\_wh
-------------------------------------------------------------------
index.js *
search.js *
toc.js *
Apex One\PCCSRV\web_osce\web_console\html\help\webhelp\_wh\user
-------------------------------------------------------------------
tm.css *
Apex One\PCCSRV\web_osce\web_console\html\logs
-------------------------------------------------------------------
logs_ccca.htm *
logs_delete.htm *
logs_fa_file_view.htm *
logs_pfw.htm *
logs_pfw_view.htm *
logs_spyware.htm *
logs_spyware_apply.htm *
logs_spyware_detail.htm *
logs_websecurity.htm *
logs_widget_dlp_top_violation.htm *
log_maintenance.htm *
Apex One\PCCSRV\web_osce\web_console\html\notify
-------------------------------------------------------------------
notify_standardalert.htm *
Apex One\PCCSRV\web_osce\web_console\html\outbreak
-------------------------------------------------------------------
opp_deny_write.htm *
opp_port_blocking.htm *
opp_port_blocking_add.htm *
opp_port_blocking_edit.htm *
opp_restore.htm *
opp_shared_folder.htm *
Apex One\PCCSRV\web_osce\web_console\html\pfw
-------------------------------------------------------------------
policy_edit.htm *
policy_list.htm *
profile_edit.htm *
profile_list.htm *
Apex One\PCCSRV\web_osce\web_console\html\root
-------------------------------------------------------------------
about.htm *
atxenc.cab *
help_start.htm *
index.htm *
license_attributions.htm *
logon.htm *
menu.html *
ssofail.htm *
top.htm *
turn_debug_onoff.htm *
Apex One\PCCSRV\web_osce\web_console\html\serveradm
-------------------------------------------------------------------
server_cmagent_saas.htm *
server_console_settings.htm *
server_migration.htm *
server_proxy.htm *
Apex One\PCCSRV\web_osce\web_console\html\summary
-------------------------------------------------------------------
summary_top10_osce.htm *
Apex One\PCCSRV\web_osce\web_console\html\tools
-------------------------------------------------------------------
tools_admin_clients.htm *
Apex One\PCCSRV\web_osce\web_console\html\update
-------------------------------------------------------------------
client_deployment_automatic.htm *
client_deployment_manual.htm *
update_rollback.htm *
xbc_server_program_update.htm *
Apex One\PCCSRV\web_osce\web_console\html\vdi
-------------------------------------------------------------------
vdi_display_ac.htm *
Apex One\PCCSRV\web_osce\web_console\remoteinstallcgi
-------------------------------------------------------------------
cgigetntclient.exe 14.0.0.9204
cgigetntdomain.exe 14.0.0.9204
cgiocommon.dll 14.0.0.9204
cgiremoteinstall.exe 14.0.0.9204
cgires.dll 14.0.0.9204
cgiresutf8.dll 14.0.0.9204
cgishare.dll 14.0.0.9204
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.21
loadhttp.dll 14.0.0.9179
setupman.dll 14.0.0.9204
sso_pkihelper.dll 5.0.0.2363
svcmgr.dll 14.0.0.9204
svcrunap.exe 14.0.0.9204
timestring.dll 14.0.0.9179
tmdbg20.dll 14.0.0.9179
wizard.exe 14.0.0.9179
wizard_64x.exe 14.0.0.9179
Apex One\PCCSRV\web_osce\web_console\sso\html\common\images
-------------------------------------------------------------------
ico_warning.svg *
Apex One\PCCSRV\web_osce\web_console\sso\html\common\l10n
-------------------------------------------------------------------
l10n.root.js *
Apex One\PCCSRV\web_osce\web_console\sso\html\root
-------------------------------------------------------------------
ssofail.htm *
bin
-------------------------------------------------------------------
backupenhance.ini *
cgiresutf8.dll 14.0.0.9204
cgishare.dll 14.0.0.9204
check_mmc.bat *
check_msxml6.bat *
check_php.bat *
cmagentctrl.dll 2.53.0.1015
commandline.dll 2.7.82.0
convert_ver2dec.bat *
cvefixer.exe *
dacframework_x64.msi *
data1.cab *
data1.hdr *
databasemigrate.dll 14.0.0.9204
delete_chart_files.bat *
dzip32.dll 3.0.0.15
hfsetuppsscript.bat *
hfsetuppsscript.ps1 *
hotfixdetectiontool.exe 14.0.0.9204
hotfixtool.exe 14.0.0.9204
installmsxml6.bat *
libeay32.dll 1.0.2.21
libnetctrl.dll 14.0.0.9179
loadhttp.dll 14.0.0.9179
msxml6.msi *
msxml6_x64.msi *
ofcshare.dll 14.0.0.9204
pccwfwmo.dll 1.0.0.1002
posttmpatch.exe *
replacewidgetxml.bat *
setratingserver.exe *
setup.inx *
starttmsm.bat *
stopprocess.bat *
stopprocess.ps1 *
stoptmsm.bat *
svrsetup.dll 14.0.0.9204
svrsvcsetup.exe 14.0.0.9204
svrsvcsetup_64x.exe 14.0.0.9204
tmicfgapi.dll 1.11.0.1012
tmtouch.exe 14.0.0.9179
turn_logsvr.bat *
update_jdk.bat *
update_jdk.ps1 *
vsapi32.dll 12.500.0.1004
web_setting.bat *
zlib.dll 1.31.0.1708
zlibwapi.dll 1.2.11.1002
bin\logserver
-------------------------------------------------------------------
ofcdebug.ini *
ofcdebugex.ini *
iac
-------------------------------------------------------------------
placeholder.txt *
run.bat *
iac\iachotfix\agentpackage
-------------------------------------------------------------------
hfx_iac.zip *
hfx_iac.zip.cat *
hfx_iac_x64.zip *
hfx_iac_x64.zip.cat *
instupg_iac.zip *
instupg_iac.zip.cat *
instupg_iac_x64.zip *
instupg_iac_x64.zip.cat *
iserviceinst.ini *
iserviceupd.ini *
iac\iachotfix\serverpackage
-------------------------------------------------------------------
config.xml *
databaseonpremises.dacpac *
databasesaas.dacpac *
icsharpcode.sharpziplib.dll 0.86.0.518
microsoft.web.administration.dll 6.1.7601.17514
newtonsoft.json.dll 9.0.1.19813
tmaccore.dll 3.0.0.3042
tmacosce.dll 3.0.0.3042
tmacpersistence.dll 3.0.0.3042
tmacutility.dll 3.0.0.3042
tmiacsetup.exe 3.0.0.3042
tmiacsvc.exe 3.0.0.3042
version.ini *
iac\iachotfix\serverpackage\web\acserverwebapp
-------------------------------------------------------------------
global.asax *
web.config *
iac\iachotfix\serverpackage\web\acserverwebapp\bin
-------------------------------------------------------------------
acserverwebapp.dll 3.0.0.3042
icsharpcode.sharpziplib.dll 0.86.0.518
newtonsoft.json.dll 9.0.1.19813
system.net.http.formatting.dll 5.2.30128.0
system.web.http.dll 5.2.30128.0
system.web.http.webhost.dll 5.2.30128.0
tmacutility.dll 3.0.0.3042
iac\iachotfix\serverpackage\web\osfchannel
-------------------------------------------------------------------
global.asax *
web.config *
iac\iachotfix\serverpackage\web\osfchannel\bin
-------------------------------------------------------------------
icsharpcode.sharpziplib.dll 0.86.0.518
newtonsoft.json.dll 9.0.1.19813
osfchannel.dll 3.0.0.3042
system.net.http.formatting.dll 5.2.30128.0
system.web.http.dll 5.2.30128.0
system.web.http.webhost.dll 5.2.30128.0
tmacutility.dll 3.0.0.3042
iatas
-------------------------------------------------------------------
placeholder.txt *
run.bat *
iatas\iatashotfix\agentpackage
-------------------------------------------------------------------
dlliataspatchagent.zip *
dlliataspatchagent_x64.zip *
iatas\iatashotfix\agentpackage\atas_agent_hotfix_x64
-------------------------------------------------------------------
atasagent.exe 1.7.0.1045
datfhs.dll 14.0.0.5092
hc_help.dll 1.64.0.1067
libeay32.dll 1.0.2.16
libexpatw.dll *
ofcpipc_64x.dll 14.0.0.5092
osfagent_64x.dll 14.0.0.5092
iatas\iatashotfix\agentpackage\atas_agent_hotfix_x86
-------------------------------------------------------------------
atasagent.exe 1.7.0.1045
datfhs.dll 14.0.0.5092
hc_help.dll 1.64.0.1067
libeay32.dll 1.0.2.16
libexpatw.dll *
ofcpipc.dll 14.0.0.5092
osfagent.dll 14.0.0.5092
iatas\iatashotfix\agentpackage\atas_agent_x64
-------------------------------------------------------------------
atasagent.exe 1.7.0.1045
datfhs.dll 14.0.0.5092
hc_help.dll 1.64.0.1067
libeay32.dll 1.0.2.16
libexpatw.dll *
ofcpipc_64x.dll 14.0.0.5092
osfagent_64x.dll 14.0.0.5092
iatas\iatashotfix\agentpackage\atas_agent_x64\apthealthcheckup
-------------------------------------------------------------------
aptcheck64.exe 1.64.0.1067
aptptn_10002500.zip *
iatas\iatashotfix\agentpackage\atas_agent_x64\newcomponent
-------------------------------------------------------------------
aptptn_10002500.zip *
iatas\iatashotfix\agentpackage\atas_agent_x86
-------------------------------------------------------------------
atasagent.exe 1.7.0.1045
datfhs.dll 14.0.0.5092
hc_help.dll 1.64.0.1067
libeay32.dll 1.0.2.16
libexpatw.dll *
ofcpipc.dll 14.0.0.5092
osfagent.dll 14.0.0.5092
iatas\iatashotfix\agentpackage\atas_agent_x86\apthealthcheckup
-------------------------------------------------------------------
aptcheck32.exe 1.64.0.1067
aptptn_10002500.zip *
iatas\iatashotfix\agentpackage\atas_agent_x86\newcomponent
-------------------------------------------------------------------
aptptn_10002500.zip *
iatas\iatashotfix\bin
-------------------------------------------------------------------
atas_forensicmanager.exe 1.7.0.1045
atas_messagereceiver.exe 1.7.0.1045
atas_service.exe 1.7.0.1045
libcurl.dll 7.66.0.0
sisv3.dll 1.7.0.1045
trend.ddak.pr.dll 1.7.0.1045
trend.sis.utility.dll 1.7.0.1045
trendosf.dll 1.7.0.1045
iatas\iatashotfix\setup
-------------------------------------------------------------------
curlsharp.dll 1.0.6737.23568
endector.dll 1.7.0.1045
iatassetup.exe 1.7.0.1045
iatassetup.exe.config *
ionic.zip.dll 1.9.1.8
log4net.dll 1.2.11.0
microsoft.web.administration.dll 10.0.14393.0
newtonsoft.json.dll 5.0.6.16206
trend.sis.utility.dll 1.7.0.1045
trendatasactiveupdate.dll 1.7.0.1045
ies
-------------------------------------------------------------------
placeholder.txt *
run.bat *
ies\ieshotfix
-------------------------------------------------------------------
commondefinition.dll 3.0.0.1611
config.dll 3.0.0.1611
config.xml *
cryptography.dll 3.0.0.1611
debugmsg.dll 3.0.0.1611
excp4rcc.xml *
google.protocolbuffers.dll 2.4.1.555
google.protocolbuffers.serialization.dll 2.4.1.555
icsharpcode.sharpziplib.dll 0.86.0.518
log4net.config *
log4net.dll 1.2.15.0
mefplugininterfaces.dll 3.0.0.1611
mefpluginmgr.dll 3.0.0.1611
newtonsoft.json.dll 8.0.2.19309
pattern_info.txt *
pipelines.sockets.unofficial.dll 1.0.7.56431
protobuflist.dll 3.0.0.1611
remoteobject.dll 3.0.0.1611
stackexchange.redis.dll 2.0.519.65453
svg.dll 2.2.1.39233
system.buffers.dll 4.6.25519.3
system.diagnostics.performancecounter.dll 4.6.26515.6
system.io.pipelines.dll 4.6.26814.2
system.memory.dll 4.6.26606.5
system.numerics.vectors.dll 4.6.25519.3
system.runtime.compilerservices.unsafe.dll *
system.threading.channels.dll 4.6.26515.6
system.threading.tasks.extensions.dll 4.6.26606.5
tmslcore.dll 3.0.0.1611
tmufeclient.dll 3.0.0.1611
tmufeng.dll 3.91.0.1006
trendmicroendpointsensorservice.exe 3.0.0.1611
trendmicroendpointsensorservice.exe.config *
utility.dll 3.0.0.1611
webcommunication.dll 3.0.0.1611
ies\ieshotfix\agentpackage
-------------------------------------------------------------------
instupg_ies.zip *
instupg_ies.zip.cat *
instupg_ies_x64.zip *
instupg_ies_x64.zip.cat *
iserviceinst.ini *
iserviceupd.ini *
osfext_iesclient.dll 3.5.0.1194
osfext_iesclient_x64.dll 3.5.0.1194
ies\ieshotfix\cmdtool\ioctool
-------------------------------------------------------------------
ioctool.exe 3.0.0.1611
mandiantioc.xsd *
openioc.xsd *
ies\ieshotfix\cmdtool\yara
-------------------------------------------------------------------
yara.exe *
ies\ieshotfix\plugins
-------------------------------------------------------------------
agentstorage.dll 3.0.0.1611
attackdiscoverymanager.dll 3.0.0.1611
bifmanager.dll 3.0.0.1611
commandmanager.dll 3.0.0.1611
filemanager.dll 3.0.0.1611
pluginutil.dll 3.0.0.1611
policymanager.dll 3.0.0.1611
scanmanager.dll 3.0.0.1611
servermanager.dll 3.0.0.1611
servermetaquery.dll 3.0.0.1611
servermetastorage.dll 3.0.0.1611
taskmanager.dll 3.0.0.1611
tmufemanager.dll 3.0.0.1611
wineventlogmanager.dll 3.0.0.1611
ies\ieshotfix\plugins\dbschema\onpremise
-------------------------------------------------------------------
agentstorage.dacpac *
bifmanager.dacpac *
commandmanager.dacpac *
filemanager.dacpac *
policymanager.dacpac *
scanmanager.dacpac *
servermanager.dacpac *
servermetastorage.dacpac *
taskmanager.dacpac *
ies\ieshotfix\plugins\dbschema\saas
-------------------------------------------------------------------
agentstorage.dacpac *
bifmanager.dacpac *
commandmanager.dacpac *
filemanager.dacpac *
policymanager.dacpac *
scanmanager.dacpac *
servermanager.dacpac *
servermetastorage.dacpac *
taskmanager.dacpac *
ies\ieshotfix\pr\x64
-------------------------------------------------------------------
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.20
ssleay32.dll 1.0.2.20
tmprapi.dll 1.2.0.1158
zlibwapi.dll 1.2.11.0
ies\ieshotfix\pr\x86
-------------------------------------------------------------------
libcurl.dll 7.66.0.0
libeay32.dll 1.0.2.20
ssleay32.dll 1.0.2.20
tmprapi.dll 1.2.0.1162
zlibwapi.dll 1.2.11.0
ies\ieshotfix\setup
-------------------------------------------------------------------
config.dll 3.0.0.1611
cryptography.dll 3.0.0.1611
debugmsg.dll 3.0.0.1611
google.protocolbuffers.dll 2.4.1.555
google.protocolbuffers.serialization.dll 2.4.1.555
log4net.config *
log4net.dll 1.2.15.0
newtonsoft.json.dll 8.0.2.19309
redis-x64-3.0.504.msi *
setup.exe 3.0.0.1611
setup.exe.config *
utility.dll 3.0.0.1611
ies\ieshotfix\tool
-------------------------------------------------------------------
config.xml *
debugmsg.dll 3.0.0.1611
log4net.config *
log4net.dll 1.2.15.0
trendmicroendpointsensorhelper.exe 3.0.0.1611
ies\ieshotfix\web\consolechannel
-------------------------------------------------------------------
config.xml *
log4net.config *
web.config *
ies\ieshotfix\web\consolechannel\bin
-------------------------------------------------------------------
apihelper.dll 3.0.0.1611
apirouting.dll 3.0.0.1611
commondefinition.dll 3.0.0.1611
config.dll 3.0.0.1611
consolechannel.dll 3.0.0.1611
debugmsg.dll 3.0.0.1611
google.protocolbuffers.dll 2.4.1.555
google.protocolbuffers.serialization.dll 2.4.1.555
icsharpcode.sharpziplib.dll 0.86.0.518
log4net.dll 1.2.15.0
newtonsoft.json.dll 8.0.2.19309
newtonsoft.json.schema.dll 2.0.2.19309
protobuflist.dll 3.0.0.1611
remoteobject.dll 3.0.0.1611
svg.dll 2.2.1.39233
utility.dll 3.0.0.1611
ies\ieshotfix\web\fastlanechannel
-------------------------------------------------------------------
config.xml *
log4net.config *
web.config *
ies\ieshotfix\web\fastlanechannel\bin
-------------------------------------------------------------------
apihelper.dll 3.0.0.1611
apirouting.dll 3.0.0.1611
commondefinition.dll 3.0.0.1611
debugmsg.dll 3.0.0.1611
fastlanechannel.dll 3.0.0.1611
google.protocolbuffers.dll 2.4.1.555
google.protocolbuffers.serialization.dll 2.4.1.555
icsharpcode.sharpziplib.dll 0.86.0.518
log4net.dll 1.2.15.0
newtonsoft.json.dll 8.0.2.19309
newtonsoft.json.schema.dll 2.0.2.19309
protobuflist.dll 3.0.0.1611
remoteobject.dll 3.0.0.1611
svg.dll 2.2.1.39233
utility.dll 3.0.0.1611
ies\ieshotfix\web\osfchannel
-------------------------------------------------------------------
config.xml *
log4net.config *
web.config *
ies\ieshotfix\web\osfchannel\bin
-------------------------------------------------------------------
apihelper.dll 3.0.0.1611
apirouting.dll 3.0.0.1611
commondefinition.dll 3.0.0.1611
config.dll 3.0.0.1611
debugmsg.dll 3.0.0.1611
google.protocolbuffers.dll 2.4.1.555
google.protocolbuffers.serialization.dll 2.4.1.555
icsharpcode.sharpziplib.dll 0.86.0.518
log4net.dll 1.2.15.0
newtonsoft.json.dll 8.0.2.19309
newtonsoft.json.schema.dll 2.0.2.19309
osfchannel.dll 3.0.0.1611
protobuflist.dll 3.0.0.1611
remoteobject.dll 3.0.0.1611
svg.dll 2.2.1.39233
utility.dll 3.0.0.1611
ies\ieshotfix\xslt
-------------------------------------------------------------------
diskioc-filter.xslt *
invscan-to-table.xslt *
invscan-transform-specified.xslt *
invscan-transform.xslt *
ioc-filter.xslt *
native-ioc-filter.xslt *
quickinvioc-filter.xslt *
sweepioc-filter.xslt *
xml-to-detaillist.xslt *
xml2json.xsl *
ivp
-------------------------------------------------------------------
placeholder.txt *
run.bat *
ivp\ivphotfix
-------------------------------------------------------------------
ivpserverinstaller.exe 3.0.0.2752
ivp\ivphotfix\agentpackage
-------------------------------------------------------------------
hfx_ivp.zip *
hfx_ivp.zip.cat *
hfx_ivp_x64.zip *
hfx_ivp_x64.zip.cat *
instupg_ivp.zip *
instupg_ivp.zip.cat *
instupg_ivp_x64.zip *
instupg_ivp_x64.zip.cat *
iserviceinst.ini *
iserviceupd.ini *
ivp\ivphotfix\script
-------------------------------------------------------------------
uploadlog.ps1 *
openjdk
-------------------------------------------------------------------
bundledjava.zip *
B. Network Traffic Required in Deployment
-------------------------------------------------------------------
Estimated size (in terms of bandwidth) of deployed agent files
in this Critical Patch.
- 32-bit agent total = 202.6 MB
- 64-bit agent total = 206.1 MB
2. Documentation Set
To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com
- Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining the product.
To access the Online Help, go to http://docs.trendmicro.com
- Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying the product.
- Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining the product.
- Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get the product 'up and running'.
- Support Portal: The Support Portal contains information on troubleshooting and resolving known issues.
- To access the Support Portal, go to http://success.trendmicro.com
3. System Requirements
1. Trend Micro Apex One Build 1062 - English - Windows - x32-x64
4. Installation
Installing
To install:
- Copy the Critical Patch executable file to a temporary folder on the server, for example, "C:\temp".
- Double-click the file. The modules are automatically copied to the correct destination.
This Critical Patch installation package automatically rolls back the Apex One server to its previous configuration if there are problems during installation. If you encounter problems after installation, do a manual rollback.
Uninstalling
To manually roll back to the previous build:
- Locate the backup folder that the Critical Patch package created in the "\PCCSRV\Backup\Critical Patch_B9204" directory.
- Stop the Apex One Master Service.
- Stop "LogServer.exe" to disable debugging mode if "LogServer.exe" is running at this time.
- Stop the Apex One Apex Central Agent Service.
- Stop the Apex One Plug-in Manager Service.
- Stop the World Wide Web Publishing Service.
- Back up the "libSQLDatabaseUpgrade.dll" and "oscedbt.exe" files under the "\PCCSRV\Admin\Utility\SQL" folder.
- Copy the backup modules to the original folders.
- Restore the backup "libSQLDatabaseUpgrade.dll" and "oscedbt.exe" files to the "\PCCSRV\Admin\Utility\SQL" folder. The file version of "libSQLDatabaseUpgrade.dll" and "oscedbt.exe" is "14.0.0.9204".
- Open a command prompt using an account with administrator privileges, and navigate to the "PCCSRV\Admin\Utility\SQL" folder of the Apex One server installation directory.
- Run the "UpgradeSQLSchema.bat" file.
- Locate the backup folder in the "\PCCSRV\Backup" directory.
- Open a command prompt using an account with administrator privileges, and navigate to the "PCCSRV\Backup" folder of the Apex One server installation directory.
- Run the following command in a single line: reg.exe restore HKLM\SOFTWARE\Wow6432Node\TrendMicro\OfficeScan\service RegBak_Critical Patch_B9204.reg
- Start the World Wide Web Publishing Service.
- Start the Apex One Plug-in Manager Service.
- Start the Apex One Apex Central Agent Service.
- Start the Apex One Master Service.
5. Post-installation Configuration
No post-installation steps are required.
NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product.
6. Known Issues
Known issues in this release:
Known issue 1
The user or account name in Attack Discovery logs may be empty.
Known issue 2
The signer info in the Attack Discovery logs may be empty.
Known issue 3
Apex One Patch 4 only supports importing user role files (DAT extension) from other Apex One Patch 4 servers. You cannot import user roles from older server versions.
7. Release History
Prior Hotfixes
Only this Critical Patch was tested for this release. Prior hotfixes were tested at the time of their release.
Issue
Hotfix 9175
(SEG-97928)
After configuring Data Protection keys that monitor file uploads to websites, Security Agents may still randomly block file uploads to approved sites.
Solution
This Hotfix updates the Data Protection module to resolve this issue.
Issue
Hotfix 9175
(SEG-97398)
When users run a third-party inventory scanning software on a security agent computer, the Apex One Security Agent does not report the correct product version properly.
Solution
This Hotfix updates the Apex One Security Agent program to resolve this issue.
Issue
Hotfix 9175
(SEG-94764)
The Microsoft Windows login screen may stop unexpectedly after migrating an OfficeScan XG Security Agent to Trend Micro Apex One.
Solution
This Hotfix updates the Apex One Security Agent program to resolve this issue.
Issue
Hotfix 9175
(SEG-98669)
An Update Agent running on a 64-bit operating system and which updates agent programs from itself may not be able to upgrade from OfficeScan XG Service Pack 1 to Trend Micro Apex One successfully.
Solution
This Hotfix updates the Security Agent program to resolve this issue.
Enhancement
Hotfix 9175
(VRTS-5529), (VRTS-5528)
This Hotfix resolves a payload execution security issue.
Enhancement
Hotfix 9175
(SEG-96964)
This Hotfix helps ensure that Apex One Security agents do not send duplicate virus logs to the server.
Issue
Critical Patch 9167
(SEG-85262)
An issue causes Apex One Security Agents to appear offline after an agent upgrade.
Solution
This Critical Patch updates the Apex One Security Agent program to resolve this issue.
Procedure
To apply the solution:
- Install this Critical Patch (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Under the "Global Setting" section, manually add the following keys and values.
- Save the changes and close the file.
- [Global Setting]
- DelayedAutostartListen=1
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to clients. The Apex One server deploys the command to Security Agent and adds the following registry entry on all Security Agent computers:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro \PC-cillinNTCorp\CurrentVersion\Misc.
- Key: DelayedAutostartListen
- Type: DWORD
- value: 1
Issue
Critical Patch 9167
(SEG-94922), (SEG-95940)
An issue prevents Apex One Security Agents from applying hotfixes successfully from the Apex One server.
Solution
This Critical Patch updates the Firewall module in Security Agents to resolve this issue.
Issue
Critical Patch 9167
(SEG-95045)
Microsoft™ Word stops unexpectedly on Apex One Security Agent computers.
Solution
This Critical Patch resolves this issue.
Issue
Critical Patch 9167
(SEG-85525)
Pop-up windows from internal websites do not display when Web Reputation is enabled on Security Agents.
Solution
This Critical Patch updates the Apex One Security Agent program and allows users to configure Apex One to skip certain events that cause the issue.
Procedure
To configure Apex One to skip certain events that cause pop-up windows to be blocked, deploy the following solution globally:
- Install this Critical Patch (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder in the Apex One server installation directory.
- Under the "Global Setting" section, manually add the "OspreyAsyncServerLookup" key and "UmPassThruFlags" key and set the following values:
- [Global Setting]
- OspreyAsyncServerLookup=0
- UmPassThruFlags=256
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One security agents and adds the following registry entries on all Apex One agent computers:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\Osprey\Scan\Common\HttpManager\config
- Key: AsyncServerLookup
- Type: DWORD
- Value: 0
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\AEGIS
- Key: UmPassThruFlags
- Type: DWORD
- Value: 0x100 (256)
- Restart the Apex One Security Agent.
Issue
Critical Patch 9167
(SEG-94795)
An issue related to the "cgiChkMasterPwd.exe" process may cause the Apex One server to stop unexpectedly.
Solution
This Critical Patch updates the Apex One server program to resolve the issue.
Issue
Critical Patch 9167
(SEG-94931)
"Svrsvcsetup.exe" may stop unexpectedly during installation of Apex One Patch 3 and any later build.
Solution
This Critical Patch updates the Apex One server program to resolve the issue.
Issue
Critical Patch 9167
(SEG-89026)
An Apex One server with Security Agent installed uses the agent proxy settings automatically which prevents Apex One from subscribing to the Suspicious Object lists on the registered Apex Central server.
Solution
This Critical Patch updates the Apex One program to resolve the issue.
Issue
Critical Patch 9167
(SEG-94991)
When connecting to the census server, Security Agents do not bypass the proxy server even when configured to do so through the proxy auto-configuration (PAC) script file.
Solution
This Critical Patch updates the Apex One Security Agent program to resolve this issue.
Issue
Critical Patch 9167
(VRTS-5072), (VRTS-5055)
An issue related to the VSAPI decompress function may cause a vulnerability in the Apex One program.
Solution
This Critical Patch resolves the issue to remove the vulnerability.
Issue
Critical Patch 9167
(SEG-95443)
The Apex One server uses SSL port "4343" for server-agent communication, but the "TmCCSF.exe" agent process connects to the Apex One server port "443" in certain scenarios.
Solution
This Critical Patch updates the Apex One Security Agent program to resolve this issue.
Issue
Critical Patch 9167
(VRTS-5380)
The spyware scan feature of Manual Scan in Apex One Security Agents is affected by an Improper Access Control Privilege Escalation vulnerability.
Solution
This Critical Patch updates the Apex One Security Agent program to remove the vulnerability.
Enhancement
Critical Patch 9167
(SEG-95408)
This Critical Patch enables Apex One to support the application filter hash matching feature for the Firewall Policy Exception so that users are able to specify applications to use the file hash value on.
Procedure
To enable the new settings:
- Install this Critical Patch (see "Installation").
- Open the "Ofcscan.ini" file in the "\PCCSRV\" folder of the Apex One server installation directory using a text editor.
- Under the "Global Setting" section, manually add the "EnableHashMatch" key and set its value to "1".
- [Global Setting]
- EnableHashMatch=1
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One security agents and adds the following registry entry on all Apex One security agent computers:
- Path:
- For x64 platforms: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\PFW\
- For x86 platforms: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\PFW\
- Key: EnableHashMatch
- Type: REG_DWORD
- Value: 1
Enhancement
Critical Patch 9167
(VRTS-5155)
This Critical Patch resolves an Out-Of-Bounds Write security issue in Apex One.
Enhancement
Critical Patch 9167
(VRTS-5035)
This Critical Patch resolves a Server-Side Request Forgery Information Disclosure security issue in Apex One.
Enhancement
Critical Patch 9167
(VRTS-4920), (VRTS-4932), (VRTS-4945), (VRTS-4954), (VRTS-5120), (VRTS-4942), (VRTS-5234), (VRTS-5147), (VRTS-5242), (VRTS-4948), (VRTS-4991), (VRTS-5064), (VRTS-5068)
This Critical Patch fixes the exposure of sensitive information to an unauthorized actor security issue.
Enhancement
Critical Patch 9167
(VRTS-5135)
This Critical Patch resolves an Out-Of-Bounds Read security issue in Apex One.
Issue
Hotfix 9158
(SEG-86706)
The Active Directory (AD) structure cannot be synchronized successfully with the Apex One server when the AD forest is large.
Solution
This Hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 9158
(SEG-88352), (SEG-87454)
Apex One Off-premise Security Agents may still appear "Offline" on the Apex One web console even when these agents are already connected to the Edge Relay Server and are able to successfully receive the enhanced security policies across the network.
Solution
This Hotfix updates the Apex One SQL package to resolve the issue.
Issue
Hotfix 9158
(PDGJIRA-94429)
The domain users and groups used in User-Defined Rules for Application Control criteria can't take correct action based on criteria settings.
Solution
This Hotfix updates the Application Control files to resolve this issue.
Issue
Hotfix 9158
(SEG-88550)
Certain applications may take a long time to launch while the Device Control feature is enabled on a protected computer.
Solution
This Hotfix updates the Behavior Monitoring module to resolve this issue.
Procedure
To apply and deploy the solution globally:
- Install this Hotfix (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder of the Apex One server installation directory using a text editor.
- Under the "Global Setting" section, manually add the following key and set its value to "1".
- [Global Setting]
- AegisSkipExplorerCreateMutant=1
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to security agents and adds the following registry entry on all security agent endpoints:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\AEGIS
- Key: SkipExplorerCreateMutant
- Type: DWORD
- Value: 1
Issue
Hotfix 9158
(SEG-82231)
The "Summary/Dashboard" screen of the Apex One web console displays as a blank page. This happens because the specified Microsoft™ Windows™ account does not have sufficient web service framework access permissions.
Solution
This Hotfix updates the Apex One server program to resolve the issue.
Issue
Hotfix 9158
(SEG-93559)
After applying Trend Micro Apex One Patch 3, the Security Agent status may not display accurately on the Apex One web console. This occurs if the existing Apex One SQL database was not migrated correctly which may corrupt the database.
Solution
This Hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 9158
(SEG-94718)
Users cannot install the Security Agent remotely from the Apex One Web Console and get the "An error occured. Make sure your network connection is active and that the Apex One service is running. If you encounter this error again, contact your support provider for troubleshooting assistance." message appearance.
Solution
This Hotfix updates the Apex One server program to resolve this issue.
Enhancement
Hotfix 9158
(SEG-86911)
This Hotfix enables users to configure the Apex One console to only display the Summary/Dashboard screen to users who log on using the "root" account. Enabling this feature will prevent all other accounts from viewing any dashboard widgets/data after logging on to the Apex One console.
Procedure
To configure Apex One to restrict access to the Dashboard to "root" account users:
- Install this Hotfix (see "Installation").
- Open the "ofcserver.ini" file in the "\PCCSRV\Private" folder on the Apex One server installation directory.
- Under the "INI_SERVER_SECTION" section, manually add the "HideDashboardForNonRoot" key and set its value to "1".
- [INI_SERVER_SECTION]
- HideDashboardForNonRoot=1
- Save the changes and close the file.
Issue
Patch 9120
(SEG-89335)
Users may not be able to view Predictive Machine Learning Log Details on the Apex One web console when the file name or the file path contains Japanese characters.
Solution
This Patch updates the Apex One server program and SQL package to resolve the issue.
Issue
Patch 9120
(SEG-89493)
Users will not be able to uninstall a security agent using the "PccNTMon.exe -m <uninstallation password>" command if the agent uninstallation password contains "-c".
Solution
This Patch updates the Apex One Security Agent program to resolve this issue.
Issue
Patch 9120
(SEG-88775)
The following error occurs when users run the "autopcc.exe -f -u" command on an agent computer.
"Unable to upgrade/update the Apex One Security Agent. At least one file cannot be replaced. Unload the Apex One Security Agent and try again."
Solution
This Patch updates the Apex One server program to resolve this issue.
Issue
Patch 9120
(SEG-89519)
When an incorrectly formatted Device Control settings file is loaded, Apex One Real-time Scan does not start as expected.
Solution
This Patch updates the Apex One Security Agent program to resolve this issue.
Issue
Patch 9120
(SEG-81376)
Apex One cannot retrieve the correct domain information for agents that are in the Read-Only Domain Controller (RODC).
Solution
This Patch updates the Apex One agent program to resolve this issue.
Issue
Patch 9120
(SEG-89394)
The Apex One Master Service stops responding repeatedly after Apex One Patch 3 Build 8378 is applied.
Solution
This Patch updates the Apex One server program to resolve this issue.
Issue
Patch 9120
(SEG-84875)
Sometimes, an issue related to the "tmescore.sys" and "tmesutil.sys" drivers of the Apex One Endpoint sensor may trigger blue screen of death (BSOD) on Dell laptops.
Solution
This Patch updates the Apex One security agent program to resolve this issue.
Issue
Patch 9120
(SEG-87227)
The Apex One server may not display Security Agent logs on the web console.
Solution
This Patch updates the Apex One server program to prevent this issue.
Issue
Patch 9120
(SEG-92310)
The Apex One Common Client Solution Framework service may stop unexpectedly and create multiple dump files due to a threading issue.
Solution
This Patch updates the Apex One Security Agent program to resolve the issue.
Issue
Patch 9120
(SEG-92213)
The Apex One Common Client Solution Framework may stop unexpectedly on the Security Agents.
Solution
This Patch updates the Apex One Security Agent program to resolve this issue.
Issue
Patch 9120
(VRTS-4681), (VRTS-4687), (VRTS-4691), (VRTS-4692), (VRTS-4694), (VRTS-4698), (VRTS-4699), (VRTS-4685), (VRTS-4686), (VRTS-4688), (VRTS-4689), (VRTS-4690), (VRTS-4693), (VRTS-4695), (VRTS-4696), (VRTS-4697), (VRTS-4700), (VRTS-4701), (VRTS-4702)
Apex One uses a version of PHP that may cause vulnerabilities.
Solution
This Patch upgrades PHP to version 7.4.9 to prevent these vulnerabilities.
Issue
Patch 9120
(SEG-94725)
Policy deployment failure issue when upgrade from Apex One B2xxx or earlier build.
Solution
This Patch updates the Apex One server program to resolve this issue.
Issue
Patch 9120
(VRTS-5167)
An issue prevents External Agents from querying the Global Web Rating server using HTTPS.
Solution
This Patch resolves the issue so External Agents can query the Global Web Rating server using HTTPS normally.
Enhancement
Patch 9120
(SEG-84275)
When Apex One Security Agents are installed in Virtual Desktop Infrastructure (VDI) environment, virtual desktops are created and abandoned quickly which leaves a large number of duplicate machine name entries on the Apex One server web console. The entries will not have the same IP Address and MAC Address. This makes the total security agent count inaccurate. This Patch enables Apex One to delete duplicate machine name entries.
Procedure
To configure Apex One to delete the duplicate machine name entries:
- Install this Patch (see "Installation").
- Open the "ofcserver.ini" file in the "\PCCSRV\Private" folder on the Apex One server installation directory.
- Under the "INI_SERVER_SECTION" section, manually add the "EnableCheckClientComputerName" key and set its value to "1".
- [INI_SERVER_SECTION]
- EnableCheckClientComputerName=1
- Save the changes and close the file.
- Restart the Apex One Master Service.
- Perform a restart on the affected Apex One security agents.
Enhancement
Patch 9120
(SEG-70548)
This Patch updates the Server Migration tool program to prevent binary version mismatch issues.
Enhancement
Patch 9120
Security Agent installation support for the Windows 10 October 2020 Update (20H2).
Enhancement
Patch 9120
(SEG-84212), (PDGJIRA-7779)
Installing Trend Micro Apex One Patch 3 also installs the Support Connector tool by default. This tool creates a scheduled task "Trend Micro Apex One Security Services Support Connector" and runs an hourly poll on the backend. This Patch allows users to disable the polling behavior. Refer to "https://success.trendmicro.com/solution/000232603" for details.
Enhancement
Patch 9120
This Patch adds the SQL Transfer Tool to provide support to move the Endpoint Sensor database (if installed on the same SQL Server as the Apex One database).
Enhancement
Patch 9120
(SEG-92365)
This Patch improves the Data Loss Prevention forensic data upload to increase the maximum uploaded file size to 100MB. To better facilitate the import of larger files, the queue mechanism has been enhanced to minimize the risk of upload timeouts. In order to enable the larger file size upload, some manual configuration steps are required on the Apex One and Apex Central servers. For the detailed steps, see https://success.trendmicro.com/solution/000282727.
Enhancement
Patch 9120
(SEG-93143)
This Patch updates the Apex One information in the server and changes the default installation folder name to "Security Agent" for freshly installed agents.
Enhancement
Patch 9120
This Patch adds Enhanced Support Services for Apex One server. This is part of a future update channel that will be used for rapid deployment of solution patches. Refer to the following website for more details. https://success.trendmicro.com/solution/000283789
Issue
Critical Patch 8422
(SEG-91038)
An issue prevents the Trend Micro Apex One Data Protection Service from starting after Apex One Critical Patch 8417 is applied on a computer running on the Microsoft™ Windows™ 7 platform.
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue
Critical Patch 8422
(SEG-89876)
When the Apex One Data Protection Service is enabled on the Apex One Security Agent, sharing files over a network may be delayed or blocked.
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue
Critical Patch 8422
(SEG-89725)
DLP Violation Detection alerts may be generated through the HTTP/HTTPS channels when users drag files onto web browsers and the action is not for file upload.
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue
Critical Patch 8422
(SEG-91538)
An issue related to the Apex One Data Protection Service can disable the Wireless NIC interface unexpectedly when users start the Mozilla(R) Firefox(R) web browser on protected computers.
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue
Critical Patch 8417
(SEG-85427)
It may take a long time to share files between protected computers over a network when the Apex One Data Protection Service is enabled on the Apex One security agent.
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue
Critical Patch 8417
(SEG-82303)
Sometimes, the Dashboard page of the Apex One web console appears as a blank page.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8417
(SEG-86813)
After applying Apex One Patch 3, users may not receive email notifications for security risk detections.
Solution
This Critical Patch updates the TMNotify module to resolve this issue.
Issue
Critical Patch 8417
(SEG-88791)
An ADOexception error on the Apex One Database Service may cause inaccurate agent count information to display on the "Managed Agents" group of the Endpoint Status Widget and on the "Total number of agents" field on the "Update Summary" page of the Apex One web console.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8417
(SEG-86363)
Garbled characters may appear under the "Infected File/Object" column in Virus/Malware Logs on the Apex One web console.
Solution
This Critical Patch updates the Apex One Security Agent program to resolve this issue.
Issue
Critical Patch 8417
(SEG-87443)
"Google Drive" displays in the "Channel" field in Trend Micro Data Loss Prevention™ (DLP) logs when it should be "OneDrive".
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue
Critical Patch 8417
(SEG-87886)
On the "Agents > Agent Management > Status" page of the Apex One web console, the platform information of agents installed on the Microsoft™ Windows™ Server 2019 platform appear as Windows Server 2016.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8417
(SEG-89434)
After applying Apex One Critical Patch 8400, users cannot save changes to the Web Reputation Settings on the web console.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8417
(SEG-89437)
After applying Apex One Critical Patch 8400, the confirmation message does not display after users click "Save" on the "Spyware/Grayware Approved List" page.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8417
(SEG-86887)
After applying Apex One Patch 3, the "Logs > System Events" page of the Apex One web console displays a blank page.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8417
(SEG-75487)
Sometimes, an issue related to the Apex One Data Protection feature prevents users from opening an encrypted file through a third-party software.
Solution
This Critical Patch updates the Data Protection module to resolve the issue.
Issue
Critical Patch 8400
(SEG-72675)
The Trend Micro Data Loss Prevention™ (DLP) module cannot block webmail in "Outlook.com" on any web browser.
Solution
This Critical Patch updates the DLP module to resolve this issue.
Issue
Critical Patch 8400
(SEG-73398)
After an Apex One agent switches scan methods from smart scan to conventional scan, it becomes a conventional scan agent but its information still appear in the update logs of the Smart Scan Agent Pattern.
Solution
This Critical Patch resolves this issue by enabling Apex One to check the scan method of agents before writing agent component update logs.
Issue
Critical Patch 8400
(SEG-79420), (SEG-82039)
After applying Apex One Patch 2, you may not be able to save new custom Security Agent domain names or group names on the "Add IP Address Grouping" screen if the name contains certain characters. Existing domains containing the characters may also appear garbled on the "Add IP Address Grouping" screen.
Solution
This Critical Patch updates the Apex One server program to prevent this issue.
Issue
Critical Patch 8400
(SEG-79662)
The Apex One Behavior Monitoring feature may cause high CPU usage issues in protected computers.
Solution
This Critical Patch updates the Behavior Monitoring module to resolve the issue.
Issue
Critical Patch 8400
(SEG-79258)
An issue prevents the Server Migration tool from importing the Trend Micro OfficeScan™ 11.0 Service Pack 1 server settings to Apex One.
Solution
This Critical Patch updates the Server Migration tool program to resolve this issue.
Issue
Critical Patch 8400
(SEG-82128)
An issue prevents users from relocating Apex One agents to another server or another directory on the same server using the Apex Central Automation API.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8400
(SEG-84009)
After applying Apex One Patch 3, users cannot move Security Agents to another server using the EnableMoveNATClient feature. This happens due to an enhanced security check mechanism for moving Security Agents in Patch 3.
Solution
This Critical Patch updates the security check mechanism to ensure that you can move Security Agents using the EnableMoveNATClient feature.
Issue
Critical Patch 8400
(SEG-73197)
Users may receive false positive C&C callback alerts on Apex One security agents. This happens because the Network Content Inspection Engine (NCIE) reloads every few seconds.
Solution
This Critical Patch resolves the issue by updating the Apex One agent program.
Issue
Critical Patch 8400
(SEG-79144)
The memory usage of the Apex One Security Agent console process "PccNt.exe" increases unexpectedly when it runs for a long time.
Solution
This Critical Patch updates the Apex One Security Agent program to resolve this issue.
Issue
Critical Patch 8400
(SEG-83394)
The Trend Micro Unauthorized Change Prevention Service may slow down the performance of Microsoft™ Word applications when the officeatwork Add-In is enabled.
Solution
This Critical Patch updates the Behavior Monitoring module and enables users to configure Apex One to skip certain events to help prevent the issue.
Procedure
To configure Apex One to skip certain events to help prevent the issue and deploy the solution globally:
- Install this Critical Patch (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder in the Apex One server installation directory.
- Under the "Global Setting" section, manually add the "DisableLoadImageNotify" key and "AegisDisablePostCloseSync" key and set both to "1".
- [Global Setting]
- DisableLoadImageNotify=1
- AegisDisablePostCloseSync=1
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One security agents and adds the following registry entries on all Apex One agent computers:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\AEGIS
- Key: DisablePostCloseSync
- Key: DisableLoadImageNotify
- Type: DWORD
- Value: 1
- Restart the Apex One security agent.
Issue
Critical Patch 8400
(SEG-78128)
Users may not be able to send enhanced security policies to Security Agents across the network successfully when managing the Apex One server from the Apex Central web console. This happens because the specified Microsoft Windows account that manages the existing Apex One SQL database does not have sufficient web service framework access permissions when writing the related debug logs.
Solution
This Critical Patch updates the Apex One server program to prevent this issue from occurring.
Issue
Critical Patch 8400
(SEG-82278), (SEG-81147)
Sometimes, users may not be able to run a security assessment on Security Compliance for Unmanaged Endpoints successfully.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8400
(SEG-74385)
Certain third-party web applications may not work properly on endpoints with the Apex One Firewall enabled.
Solution
This Critical Patch resolves the issue by updating the Apex One Security Agent program and adjusting the service flow of the Trend Micro NDIS 6.0 Filter Driver (TmLWF.sys) in the Apex One Firewall.
Issue
Critical Patch 8400
(SEG-82928)
There is a typographical error in the "Initiate Unloading" button on the "Agent Uninstallation" page of the Apex One French web console.
Solution
This Critical Patch updates the Apex One server files to correct the error.
NOTE: Please refer to the following link for the steps to show how an Administrator can unload single or multiple Apex One agents simultaneously from the Apex One web console if customer need: https://success.trendmicro.com/intkb/solution/1117401
Issue
Critical Patch 8400
(SEG-81688)
On the Windows 10 platform, the SYSTEM process reports a commit size while the DLP service is running on agent computers.
Solution
This Critical Patch updates the DLP module to resolve this issue.
Issue
Critical Patch 8400
(SEG-81246)
The DLP feature may block the USB Scanner application unexpectedly.
Solution
This Critical Patch updates the DLP module to resolve this issue.
Issue
Critical Patch 8400
(SEG-80524)
An issue prevents users from enabling the DLP addin for Microsoft Outlook.
Solution
This Critical Patch updates the DLP module to resolve this issue.
Issue
Critical Patch 8400
(SEG-78150)
A security agent's status may remain "Offline" and its location indicated as "external" even when it is already connected to the Apex One server.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8400
(SEG-84440)
Sometimes, Apex One security agents cannot download pattern files from the Apex One server normally because the Apex One Real-time Scan ("Ntrtscan.exe") service runs into a deadlock situation.
Solution
This Critical Patch updates the Apex One security agent program to resolve the issue.
Issue
Critical Patch 8400
(SEG-79072)
Users that do not have the required permissions may be able to access the Apex One (Mac) plugin console.
Solution
This Critical Patch updates the permission checkpoint logic to resolve the issue.
Issue
Critical Patch 8400
(PDGJIRA-78837)
The Apex One Security Agent cannot retrieve the latest Application Control criteria because the Application Control policy content is incomplete.
Solution
This Critical Patch updates the Application Control policy files to resolve this issue.
Issue
Critical Patch 8400
(PDGJIRA-82292)
An issue prevents users from selecting or deselecting applications in the Application Reputation List of the Application Control Criteria.
Solution
This Critical Patch updates the Application Control files to resolve this issue.
Issue
Critical Patch 8400
(PDGJIRA-77015)
The Application Control certificate criteria does not work normally when matching by certificate types.
Solution
This Critical Patch updates the Application Control files to resolve this issue.
Issue
Critical Patch 8400
(SEG-65917)
Users cannot move agents to a specific domain on the target server using the EnableMoveNATClient feature in the following command format:
- #moveto_<target Server IP or hostname>:HTTP port|HTTPS port\targetdomain
This happens because the backslash "\" prevents the feature from retrieving the full domain name from the SQL database.
Solution
This Critical Patch updates the Apex One agent program to resolve this issue.
Issue
Critical Patch 8400
(SEG-85489)
After applying Apex One Patch 3, the major version of the Virus Scan Engine should be "12", but appears as "10" on the "Update Summary" page.
Solution
This Critical Patch ensures that the correct major version information for the Virus Scan Engine appears on the "Update Summary" page.
Issue
Critical Patch 8400
(SEG-84172)
After a Security Agent unsuccessfully attempts an upgrade, the error log incorrectly displays the Apex One server hostname, not the endpoint hostname.
Solution
This Critical Patch updates the Apex One Security Agent to properly record the endpoint hostname in the error logs.
Issue
Critical Patch 8400
(SEG-85159)
Customized DLP templates disappear after applying Apex One Patch 3, because Patch 3 does not migrate these templates.
Solution
This Critical Patch adds the DLP templates migration process to prevent this issue.
Issue
Critical Patch 8400
(SEG-74746)
On the Apex One web console, firewall logs do not display any process name information for incoming traffic detected.
Solution
This Critical Patch updates the Apex One server program to prevent this issue.
Procedure
To configure Apex One to skip certain events to help prevent the issue and deploy the solution globally:
- Install this Critical Patch (see "Installation").
- Open the "ofcserver.ini" file in the "\PCCSRV\Private" folder in the Apex One server installation directory.
- Under the "INI_SERVER_SECTION" section, manually add the "CFWShowAllPV" key and set it to "1". [INI_SERVER_SECTION] CFWShowAllPV=1
- Save the changes and close the file.
- Restart the Master services.
Issue
Critical Patch 8400
(SEG-85840)
After applying Apex One Patch 3, Apex One agents cannot update the Contextual Intelligence Query Handler component to version 1.100.1073.
Solution
This Critical Patch updates the install process to prevent this issue.
Issue
Critical Patch 8400
(SEG-82901), (SEG-86661)
Outdated Apex One agents do not appear on the dashboard after users click the outdated link.
Solution
This Critical Patch updates the Apex One Server program to prevent this issue.
Issue
Critical Patch 8400
(SEG-84866)
The Apex One scan exclusion setting does not work properly when there are no exclusions at the root level.
Solution
This Critical Patch updates certain SQL stored procedures to solve this issue.
Issue
Critical Patch 8400
(SEG-85456)
Sample files are not sent to the Trend Micro Deep Discovery Analyzer server because the Apex One Deep Discovery service has stopped unexpectedly.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8400
(SEG-80898)
False DLP alerts may be generated when users run "WinScp.exe".
Solution
This Critical Patch updates the DLP module to resolve this issue.
Issue
Critical Patch 8400
(VRTS-4574), (VRTS-4575)
An issue related to the Trend Micro Browser Exploit Prevention module may cause an Out-of-bounds Read vulnerability.
Solution
This Critical Patch updates the Trend Micro Browser Exploit Prevention module to resolve the vulnerability.
Issue
Critical Patch 8400
(VRTS-4890), (VRTS-4892), (VRTS-4894), (VRTS-4924), (VRTS-4928)
Apex One is affected by an Improper Access Control Information Disclosure vulnerability.
Solution
This Critical Patch updates the Apex One server program to remove the vulnerability.
Issue
Critical Patch 8400
(SEG-86581)
The Suspicious Connection Service stops after Apex One Patch 3 is installed on an external agent that does not directly connect to the Apex One server.
Solution
This Critical Patch updates the Apex One Security Agent program to resolve the issue.
Issue
Critical Patch 8400
(SEG-86170)
After applying Apex One Patch 3, Trend Micro Apex One Antivirus appears multiple times in the query results when users check for antivirus software on a system using the following command:
wmic /namespace:\\root\securitycenter2 path antivirusProduct get /format:list
Solution
This Critical Patch updates the Apex One agent program to resolve this issue.
Issue
Critical Patch 8400
(SEG-82876)
Third-party FTP applications may experience slow file transfer when the Apex One Data Protection Service is enabled on the Security Agent.
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue
Critical Patch 8400
(SEG-84526)
After configuring the Data Protection keys that monitor file uploads to websites, Data Protection appears to randomly block uploads to any website.
Solution
This Critical Patch updates the Data Protection module to resolve this issue.
Issue
Critical Patch 8400
(SEG-85641)
The Apex One Master Service stops unexpectedly after users upgrade an OfficeScan XG server to Apex One Patch 3.
Solution
This Critical Patch updates the Apex One server program to resolve this issue.
Issue
Critical Patch 8400
(SEG-84643), (SEG-86956)
An issue prevents users from migrating an Apex One SQL server using SQL 2008 R2.
Solution
This Critical Patch updates the Apex One SQL program to prevent this issue.
Issue
Critical Patch 8400
(SEG-88193)
Users may still be able to access USB storage devices even after setting the Device Control permissions for USB Storage Devices to "Block".
Solution
This Critical Patch updates DLP Endpoint SDK 6.2 to add a switch that responds when a device status changes to help prevent the issue from occurring.
Procedure
To enable the switch to respond when the device status changes:
- Install this Critical Patch (see "Installation").
- Open the "dlp.ini" file in the "\PCCSRV\Private\" folder of the Apex One server installation directory using a text editor.
- Under the "Configure" section, manually add the "DEVICE_CHANGE_QUICK_RESP" key and set its value to "true".
- [Configure]
- DEVICE_CHANGE_QUICK_RESP=true
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Agent Management > Select domains or agents > Settings > DLP settings" screen.
- Click "Save" to deploy the setting to agents". The Apex One server deploys the setting to Apex One agents and adds the following key in the "dsa.pro" file in the "\Windows\System32\dgagent\" folder:
- DEVICE_CHANGE_QUICK_RESP=true
- Restart the Apex One agent machines.
Issue
Critical Patch 8400
(SEG-83326)
Security Agent computers running on Microsoft™ Windows™ 10 May 2020 Update (20H1) may experience blue screen of death (BSOD) after waking up from sleep mode.
Solution
This Critical Patch updates the Behavior Monitoring module to resolve the issue.
Enhancement
Critical Patch 8400
(SEG-65917)
This Critical Patch allows administrators to move agents to a specific domain on the target server using the EnableMoveNATClient feature by creating domain hierarchy under the "#moveto_<target Server IP or hostname>:HTTP port|HTTPS port" domain on the source server.
Procedure
To move agents to a specific domain on the target server using the EnableMoveNATClient feature:
- Install this Critical Patch (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Add the following keys under the "Global Setting" section and set the following values:
- [Global Setting]
- EnableMoveNATClient=1, enables administrators to move unreachable clients between servers
- MoveNATClientDomainPrefix=#moveto_, (default) domain prefix for moving unreachable clients
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to security agents and adds the following registry entries on all security agent computers:
- Path: HKLM\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc.\
- Key: EnableMoveNATClient
- Value: 1
- Path: HKLM\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc.\
- Key: MoveNATClientDomainPrefix
- Value: #moveto_
- Open the Apex One web console and go to the "Agents > Agent Management > Manage Agent Tree > Add Domain" page.
- Specify the domain name "#moveto_<target Server IP or hostname>:HTTP port|HTTPS port". For example, "#moveto_10.1.1.1:80|443" or "#moveto_serverB:8080|4343".
- NOTES:
- Use the target Server IP if Apex One agents identify the server by IP while installing the target server.
- Use the target Server hostname if Apex One agents identify the server by hostname while installing the target server.
- Create the domain hierarchy under "#moveto_<target Server IP or hostname>:HTTP port|HTTPS port" domain or drop existing domain to "#moveto_<target Server IP or hostname>:HTTP port|HTTPS port" domain.
For example,
- Apex One Server
- ----- #moveto_serverB:8080|4343
- ---------- | subdomain1 |
- --------------- | subdomain2 |
- Move the agent to the specific domain in the domain hierarchy created in step 9.
For example, put agent in subdomain2 domain
- Apex One Server
- ----- #moveto_serverB:8080|4343
- ---------- | subdomain1 |
- --------------- | subdomain2 | agent
- NOTES: You may skip this step if you drop existing domain in step 9 and the agent has existed in the domain.
- The agent will be moved to the specific domain on the target server.
For example,
- Apex One Server
- ----- | subdomain1 |
- ---------- | subdomain2 | agent
Enhancement
Critical Patch 8400
(SEG-86154), (SEG-97609)
This Critical Patch enables the Behavior Monitoring feature to handle "svchost.exe" events and adds the following registry entry on all Security Agent computers.
- Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmactmon\Parameters
- Key: SendCreateProcessFromInspectionProcess
- Type: DWORD
- Value: 1
Issue
Patch 8378
(SEG-73829)
The Apex One Web Reputation feature cannot block websites in the Microsoft™ Edge™ Chromium web browser.
Solution
This Patch resolves the issue by enabling Apex One to support the Edge Chromium web browser.
Issue
Patch 8378
(SEG-76027)
The Trend Micro Data Loss Prevention™ (DLP) module generates two violation logs for a single Webmail action.
Solution
This Patch updates the DLP module to resolve this issue.
Procedure
To configure the Sync mode cache (for blocking action) setting:
- Install this hotfix (see "Installation")
- Open the "dlp.ini" file in the "\PCCSRV\Private\" folder on the Apex One server.
- Under the "Configure" section, manually add the following setting.
- [Configure]
- SYNC_MODE_FILE_CACHE=true
- Save the changes and close the file.
- Open the Apex One web console and click "Agents > Agent Management > Select domains or agents > Settings > DLP settings".
- Click "Save" to deploy the settings to agents.
- The Apex One server deploys the settings to Apex One agents.
Issue
Patch 8378
(SEG-79854)
The Apex One firewall service may block the connection to version 2.4.8 of OpenVPN.
Solution
This Patch updates the Apex One Security Agent program to resolve this issue.
Issue
Patch 8378
Installation of Trend Micro Apex One Patch 3 may be unsuccessful due to required files being locked by unknown processes.
Solution
This patch resolves the issue by ensuring that the necessary files can be released and updated.
Issue
Patch 8378
(SEG-81213)
After installing Trend Micro Apex One Patch 3, Apex One (Mac) users were unable to log on to the console if the latest version of Apex One (Mac) was not installed.
Solution
This patch resolves the issue and ensures users can continue to access the Apex One (Mac) console.
Issue
Patch 8378
During installation of Trend Micro Apex One Patch 3, an error may occur that prevented the necessary upgrade of Application Control files.
Solution
This patch resolves the Application Control issue.
Issue
Patch 8378
(VRTS-4792)
A possible vulnerability existed that could allow an attacker to inject arbitrary files into an update file path if the Apex One server updated from a local directory.
Solution
This patch fixes the vulnerability.
Issue
Patch 8378
(VRTS-4376)
Trend Micro Apex One was found to have the Improper Access Control Privilege Escalation Vulnerability.
Solution
This patch fixes the vulnerability.
Issue
Patch 8378
(SEG-81877)
vcruntime140.dll missing error when upgrading agents from OfficeScan XG / XG SP1
Solution
This patch resolves the agent upgrade issue.
Issue
Patch 8378
(SEG-74284)
If the following two keys have been added to an agent, the "PccNTMon.exe -n <password>" command will not work to unload the agent.
- Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\tmactmon\Parameters
- Keys: SkipVirtualHarddisk
- Type: DWORD
- Value: 1 or 0
- Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\tmevtmgr\Parameters
- Keys: SkipDeviceVolume
- Type: DWORD
- Value: 1 or 0
Solution
This Patch updates the Behavior Monitoring Module to resolve this issue.
Issue
Patch 8378
(SEG-74894), (SEG-78875)
In non-English Apex One versions, garbled characters appear in the exported CSV file of certain logs.
Solution
This Patch updates the Apex One server program to resolve this issue.
Enhancement
Patch 8378
Security Agents can prevent ransomware attacks that leverage a vulnerability in the Encrypting File System (EFS) for Windows.
Enhancement
Patch 8378
This Patch removes the "Exclude the Apex One server database folder from Real-time Scan" option from the "Security Settings" tab on the "Global Agent Settings" page of the Apex One web console since Apex One no longer uses Codebase database.
Enhancement
Patch 8378
Apex One supports Security Agent installation on the Windows 10 May 2020 Update (20H1).
Enhancement
Patch 8378
The Apex One server and Security Agents collect Windows event logs related to critical system events (move Security Agent, uninstall Security Agent, reset password) and sends the logs to Apex Central Product Auditing Event logs.
Enhancement
Patch 8378
The Unload and Uninstall Security Agent feature includes enhanced password complexity requirements for better security.
Enhancement
Patch 8378
Support Connector Tool can assist in deploying a dedicated Support Connector Package for performing further troubleshooting steps upon the customers authorization.
Please refer to https://success.trendmicro.com/solution/000232603
Issue
Hotfix 2170
(VRTS-4541)
Except for the administrator account created during installation, user account passwords for the web console can be updated even when users have provided the wrong current password.
Solution
This hotfix updates the Apex One server program to remove the vulnerability.
Issue
Hotfix 2170
(SEG-75213)
When users set "bypass_itunes_nonstor_usb_dc=true" in the "dlp.ini" file of the Apex One server, they should be able to charge an iPhone on a Microsoft Windows™ 10 computer even when the device is set to "Block" Mobile Devices under the Device Control settings but users should not be able to access the iPhone. However, users can still access the iPhone under this configuration.
Solution
This hotfix updates the Data Protection module to ensure that when "bypass_itunes_nonstor_usb_dc=true", users may be able to charge an iPhone but not access it.
Issue
Hotfix 2170
(SEG-77543)
When the DLP service is enabled on Apex One security agent computers, Google Chrome 80 and higher versions may stop unexpectedly while users upload file attachments in Webmail.
Solution
This hotfix updates the DLP module to resolve this issue and enable it to block the upload of file attachments in Webmail on Google Chrome.
Enhancement
Hotfix 2170
(SEG-72598)
This hotfix updates the Apex One Security Agent program to allow users to disable the system balloon notification.
Procedure
To disable the system balloon notification:
- Install this hotfix (see "Installation").
- Open the "Ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Under the "Global Setting" section, manually add the following keys and values.
- [Global Settings]
- SkipBalloonNum=x, the number of notifications to disable
- SkipBalloonID0=yyy, balloon ID of the first notification
- SkipBalloonID1=zzz, balloon ID of the next notification
NOTE: Specify the balloon IDs of each notification to be disabled.
For example, to disable the following three notifications, set:
- [Global Setting]
- SkipBalloonNum=3
- SkipBalloonID0=101
- SkipBalloonID2=102
- SkipBalloonID3=103
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to clients. The Apex One server deploys the command to Security Agent and adds the following registry entry on all Security Agent computers:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro \PC-cillinNTCorp\CurrentVersion\Misc.
- Key: SkipBalloonNum
- Type: DWORD
- Value: x
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro \PC-cillinNTCorp\CurrentVersion\Misc.
- Key: SkipBalloonID0
- Type: DWORD
- Value: yyy
Enhancement
Hotfix 2170
(SEG-74790)
This hotfix updates the Apex One Master Service to change the callback address token in C&C callback alert email notifications from "http/https" to "hxxp/hxxps".
Procedure
To apply the solution:
- Install this hotfix (see "Installation").
- Open the "ofcserver.ini" file in the "\PCCSRV\Private" folder in the Apex One server installation directory.
- Under the "CCCA" section, manually add the following key and set it to "1":
- [CCCA]
- EnabledReplaceURL=1
- Save the changes and close the file.
- Restart the Apex One Master Service
Enhancement
Hotfix 2170
(SEG-68986)
This hotfix adds the "UK: RD&E Hospital Number" field to the DLP module rule template.
Issue
Hotfix 2165
(SEG-75111)
After upgrading to Apex One Patch 2 Build 2146 and any higher version, users cannot register Apex One successfully to Trend Micro Apex Central™ using certificates.
Solution
After applying the hotfix, users can successfully register Apex One to Apex Central using certificates.
Issue
Hotfix 2165
(SEG-75824)
Endpoints with "VMware Airwatch Tunnel" connected may experience a performance issue with web browsers due to a signature issue with the Windows Antimalware Scan Interface (AMSI) integration feature.
Solution
This hotfix updates the signature on the AMSI provider to resolve this issue.
Issue
Hotfix 2165
(SEG-55330)
An issue prevents the Security Risk Detections Over Time Widget from working normally.
Solution
This hotfix updates the Upgrade SQL Schema to resolve the issue so the Security Risk Detections Over Time Widget works normally.
Issue
Hotfix 2165
(SEG-73263)
A manual update may take an unusually long time to complete when launched by right-clicking the Security Agent icon in the Windows Task Bar and then selecting "Update Now".
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 2165
(SEG-73842)
The following message appears on the notification panel of the Apex One Dashboard even when the Apex One server has already registered to an Apex Central server.
"Apex Central recommended. Your product license includes additional security features managed directly from the Apex Central console. Integrate with Apex Central to start using Vulnerability Protection and Application Control."
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 2165
(SEG-72548)
The Apex One Predictive Machine Learning (PML) feature may prevent users from running scripts to write files normally.
Solution
This hotfix resolves the issue by allowing PML to follow the Real-time Scan Exclusion settings to bypass certain file I/O events that are hooked by the Behavior Monitoring module.
Issue
Hotfix 2165
(SEG-75127)
Sometimes, enhanced security policies cannot be sent to Security Agents across the network successfully when the Apex One server is managed from the Apex Central web console. This may happen when some settings on the Microsoft Internet Information Service (IIS) Application Server Manager have not been set properly. However, there are no relevant debug logs for tracing this issue.
Solution
This hotfix updates the Apex One server program to enhance debug log visibility for this issue.
Issue
Hotfix 2165
(SEG-65187)
If the "Enable CVE exploit scanning for files downloaded through web and email channels" option of the Real-time Scan Settings is enabled, users may experience high CPU usage issues on protected computers when an on-demand Manual Scan, Scan Now, or Scheduled Scan starts.
Solution
This hotfix updates the Apex One security agent program to resolve the issue.
Enhancement
Hotfix 2165
(SEG-49767)
A restart is required to complete updates for certain drivers. This hotfix enables administrators to configure how frequent the "Restart Computer" notification pops up on the agent console.
Procedure
To set the interval and number of times of "Restart Computer" notification which is popped up from agent console.
- Install this hotfix (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder of the Apex One server installation directory using a text editor.
- Under the "Global Setting" section, manually add the following keys and set a preferred value for each.
- [Global Setting]
- EnableUserDefinedPopupNotify=1, to disable the feature, set this key to "0".
- UserDefinedPopupCount=X, the "Restart Computer" notification will pop up X times before users restart the computer, supports any integer from 1. NOTE: When administrators modify and re-deploy these three keys to the security agent or when the agent is reloaded, the number of times the "Restart Computer" notification pops up will be reset to zero.
- UserDefinedPopupNotifyIntervalMinute=Y, the "Restart Computer" notification will pop up about every Y minutes before users restart the computer, supports any integer from 1.
For example, to set the "Restart Computer" notification to popup every 30 minutes up to three times when ignored by the user, set:
- [Global Setting]
- EnableUserDefinedPopupNotify=1
- UserDefinedPopupCount=3
- UserDefinedPopupNotifyIntervalMinute=30
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to security agents and adds the following registry entry on all security agent computers:
- Path:
- For x64 platforms: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc.\
- For x86 platforms: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\Misc.\
- Key: EnableUserDefinedPopupNotify
- Type: DWORD
- Value: 1
- Key: UserDefinedPopupNotifyCount
- Type: DWORD
- Value: X
- Key: UserDefinedPopupNotifyIntervalMinute
- Type: DWORD
- Value: Y
Issue
Hotfix 2161
(SEG-74678)
Under certain extreme conditions, the CRC full pattern update process goes into an endless loop and causes a high CPU usage issue.
Solution
This hotfix adds a new iCRC engine in Apex One to resolve this issue.
Issue
Hotfix 2161
(SEG-74600)
When disabling Windows Defender, the Apex One agent program always checks whether it is still running or has stopped. If it is still running, the Apex One agent calls the API to disable it and displays a "Restart Required" message on the Apex One agent console.
Solution
This hotfix updates the Apex One agent program to remove this checking mechanism so it does not trigger the "Restart Required" message on the Apex One agent console.
Enhancement
Hotfix 2161
(SEG-73227)
This hotfix provides a way to prevent Apex One from applying the settings of a new domain on automatically grouped agents. This means that when a group of agents are transferred to a new domain, the agents will retain the existing policy settings instead of following the settings of the new domain.
Procedure
To prevent Apex One from applying the settings of a new domain on automatically grouped agents:
- Install this hotfix (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Under the "Global Setting" section, manually add the "SkipApplyNewDomainSettings" key and set its value to "1".
- [Global Setting]
- SkipApplyNewDomainSettings=1
- Save the changes and close the file.
NOTE: After applying this key, security agents that were automatically moved to new domains will not apply the settings of the new domain and will retain the existing policy settings.
Issue
Hotfix 2160
(SEG-64968)
Microsoft™ Windows™ updates take longer to complete and use up more CPU resources on computers where the Apex One on-prem agent program is installed.
Solution
This hotfix updates the Apex One security agent program to resolve this issue.
Issue
Hotfix 2160
(SEG-74506)
A buffer overrun issue prevents users from uninstalling the German version of the Apex One Security Agent successfully.
Solution
This hotfix resolves the buffer overrun issue.
Issue
Hotfix 2160
(SEG-60823)
When OfficeScan XG agents are migrated from an OfficeScan XG server to an Apex One server, the agent upgrade process may encounter a looping issue which prevents the agent program from upgrading to Apex One.
Solution
This hotfix resolves the issue by ensuring that the Apex One server program handles legacy files properly.
Issue
Hotfix 2160
(SEG-73118)
When users upgrade OfficeScan 11 agents to Apex One agents using an upgrade package generated by the Agent Packager tool, some files under the agent installation folder are not updated.
Solution
This hotfix updates the Apex One server program to ensure that the Agent Packager includes all the necessary binaries in the Apex One security agent "Setup" installer package.
Issue
Hotfix 2157
(SEG-72143)
The update source for the Integrated Smart Protection Server is automatically set to "Trend Micro Apex Central" in the "Apex Central" settings page.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 2157
(SEG-71848)
An exception error triggers the Apex One Master Service to stop unexpectedly while extracting a pattern file from a compressed file.
Solution
This hotfix updates the Apex One server program to enable it to handle the exception.
Issue
Hotfix 2157
(SEG-67691)
The Vulnerability Protection (VP) policy cannot be deployed because the Apex One VP agent program does not support customized installation paths (C:).
Solution
This hotfix updates the Apex One VP agent program to support customized installation paths.
Issue
Hotfix 2157
(SEG-71194)
It may take a long time to log on to Apex One security agent computers after start up.
Solution
This hotfix allows users to set the following three drivers that are related to the Virus Scan Engine to "on-demand start" on the Apex One security agent:
- TmFilter.sys
- TmPreFilter.sys
- VSApiNt.sys
Procedure
To set the three drivers related to Virus Scan Engine to "on-demand start" on Apex One security agents:
- Install this hotfix (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Under the "Global Setting" section, manually add the following key and set its value to "1".
- [Global Setting]
- VSAPIServiceStartOnDemand=1 NOTE: To disable the setting, set this key to "0". The three drivers will be set to the default action "automatic start".
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One security agents and changes the following registry values from "2" (default) to "3" on all Apex One security agent computers:
- Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TmFilter
- Key: Start
- Type: DWORD
- Value: 3
- Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\TmPreFilter
- Key: Start
- Type: DWORD
- Value: 3
- Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\VSApiNt
- Key: Start
- Type: DWORD
- Value: 3
- Restart the Apex One security agent computers.
Issue
Hotfix 2157
(SEG-71178)
Third-party applications may experience a performance issue when Behavior Monitoring is enabled on the Security Agent.
Solution
This hotfix updates the Behavior Monitoring module to resolve this issue.
Issue
Hotfix 2157
(SEG-62880)
After synchronizing Active Directory domains, some selected groups on the "Unmanaged Endpoints > Active Directory / IP Address Scope" screen are no longer selected.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 2157
(SEG-70611)
The attack discovery rule for "Winlogon execute sethc" triggers too many alerts.
Solution
This hotfix updates the rule to minimize alerts.
Issue
Hotfix 2157
(SEG-70765)
Endpoint Sensor returns an "upload file format incorrect" error if the YARA rule uses the hash module.
Solution
This hotfix updates the YARA library in both the server and agent program to resolve this issue.
Issue
Hotfix 2157
(SEG-68881)
Users may encounter a "Windows upgrade failed" error on an Apex One agent computer running on the Microsoft™ Windows™ 10 platform. This happens when the Apex One agent ever acted as an Update Agent (UA) and some existing files match the blocking software range in Microsoft Windows.
Solution
This hotfix updates the Apex One agent program and adds a folder checking mechanism to resolve the issue.
Issue
Hotfix 2157
(SEG-69981)
The Behavior Monitoring program inspection feature still blocks certain applications on Apex One security agent computers even after users have added these applications into the Trusted Programs List or the approved list of the Behavior Monitoring Exceptions on security agents.
Solution
This hotfix updates the Apex One security agent program to resolve this issue.
Issue
Hotfix 2157
(SEG-70740)
The "The To field must be between 1 to 256 characters." error message displays on the "Administration > Notifications > Administrator > Email" tab when users click on the "Save" button after ticking the following options in the Virus/Malware Detections, Spyware/Grayware Detections, or C&C Callbacks section.
- Enable notification via email
- Send notifications to users with agent tree domain permissions
Solution
This hotfix updates the Apex One server program to prevent the error and ensure that users can update and save the notification settings normally.
Issue
Hotfix 2157
(SEG-63719), (SEG-66773)
Apex One may not be able to download the Web Blocking List component from smart protection sources because the Trend Micro Local Web Classification Server service stops unexpectedly.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 2157
(SEG-65172)
The Trend Micro Data Loss Prevention™ (DLP) service does not work normally in Google Chrome and Microsoft Internet Explorer™ with HTTPS.
Solution
This hotfix updates the DLP module to resolve this issue.
Issue
Hotfix 2157
(SEG-71519)
In the Traditional Chinese version, garbled characters appear in the exported CSV file of DLP logs.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 2157
(SEG-70970)
The Apex One Master Service may stop unexpectedly because the allocated memory was not released properly.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 2157
(SEG-73960)
After Patch 2146 is applied, users encounter an error while manually deleting logs from the "Log Criteria" on the "Agents > Agent Management > Logs > Delete Logs" and "Logs > Agents > Security Risks > Delete Logs" pages.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Enhancement
Hotfix 2157
(SEG-68068)
This hotfix allows the Apex One agent to bypass the proxy settings when connecting to the Apex One server if it detects a proxy exception. This hotfix also improves the duration of manual updates on Apex One agents.
Enhancement
Hotfix 2157
(SEG-62098)
This hotfix provides a way to configure Apex One to keep track of when USB storage devices are plugged into Apex One security agent computers. The logs can be queried in the Device Control violations on the Apex Central web console. These events are also recorded in the "UsbInsert_yyyymmdd.log" file on the Apex One server "\PCCSRV\Log" folder.
NOTES:
- The logs in the "UsbInsert_yyyymmdd.log" file will appear in the following format: [Timestamp] [Log Generation Time] [Agent GUID] [Computer Name] [Action] [USB:Vendor:Model:Serial ID]
- The "UsbInsert_yyyymmdd.log" file will be deleted regularly according to the "Logs to Delete" and "Log Deletion Schedule" settings in the "Log Maintenance" page on the Apex One web console. You need to ensure that the "Enable scheduled deletion of logs" feature is enabled with the "Device Control Logs" log type selected.
Procedure
To configure Apex One to keep track of when USB storage devices are plugged into Apex One security agent computers:
- Install this hotfix (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Under the "Global Setting" section, manually add the following key and set its value to "1".
- [Global Setting]
- EnableUsbLogging=1
NOTE: To disable the setting, set this key to "0".
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One security agents and adds the following registry entry on all Apex One security agent computers:
- Path:
- 32-bit: \HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\DlpLite
- 64-bit: \HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\DlpLite
- Key: EnableUsbLogging
- Type: DWORD
- Value: 1
Issue
Patch 2146
(SEG-69739)
The Apex One Behavior Monitoring feature may use up a huge amount of memory on certain protected computers.
Solution
This patch updates the Behavior Monitoring module to resolve this issue.
Issue
Patch 2146
(SEG-71284)
The following two issues related to the Apex One Data Protection Service may occur on protected computers:
- Users may have trouble accessing the https://fast.com website.
- Agents cannot connect to VPN through the Cisco AnyConnect Secure Mobility Client.
Solution
This patch updates the Data Loss Prevention™ (DLP) module to resolve this issue.
Issue
Patch 2146
(SEG-68249)
The DLP module cannot properly block users from uploading file attachments on endpoints running Microsoft™ Windows™ 10 Redstone 5 (version 1809).
Solution
This patch updates the DLP module to resolve this issue.
Enhancement
Patch 2146
(SEG-70427), (SEG-70432)
This patch applies updates to improve the security of Apex One server operations.
Enhancement
Patch 2146
(SEG-56267)
This patch enables users to configure Apex One to use a customized OfcOSFWebApp certificate.
Procedure
To configure Apex One to use a customized OfcOSFWebApp certificate:
- Install this patch (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Under the "INI_SERVER_SECTION" section, manually add the "CN_OSFWebApp=" key and specify the customized certificate.
- [INI_SERVER_SECTION]
- CN_OSFWebApp=customized CN
- Save the changes and close the file.
NOTE: Please contact Trend Micro Support for the procedures to adding a customized OfcOSFWebApp certificate.
Issue
Hotfix 2121
(SEG-69437)
An issue prevents the Application Control agent service from initializing the Digital Signature Pattern (tmwlchk.ptn) in lockdown mode. Application Control needs this pattern to determine which applications are from trusted Trend Micro vendors to be able to allow these applications to run from a protected computer.
Solution
This hotfix updates the Application Control files to resolve this issue.
Issue
Hotfix 2121
(SEG-67737)
Executable files take a long time to launch on network drives when the Behavior Monitoring service is enabled.
Solution
This hotfix updates the Behavior Monitoring module to resolve this interoperability issue.
Procedure
To apply and deploy the solution globally:
- Install this hotfix (see "Installation").
- Open the "Ofcscan.ini" file in the "\PCCSRV\" folder of the Apex One server installation directory using a text editor.
- Under the "Global Setting" section, manually add the following key and set its value to "1".
- [Global Setting]
- AegisSkipNotificationEvent=1
- AegisSkipCreateProcessWithCmdLineEvent=1
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to security agents and adds the following registry entry on all security agent endpoints:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\AEGIS
- Key: SkipNotificationEvent
- Key: SkipCreateProcessWithCmdLineEvent
- Type: DWORD
- Value: 1
Issue
Hotfix 2121
(SEG-68399)
The Apex One firewall service may block the connection to version 12.1.51.19 of the Citrix Gateway.
Solution
This hotfix updates the Apex One security agent program to ensure that the firewall policy exception list works normally.
Issue
Hotfix 2121
(SEG-68762)
The exceed unmanaged agents IP ranges logs cannot be displayed when there are more than 201 sets of IP ranges.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 2121
(SEG-69025)
An issue prevents Apex One security agents from updating the Data Loss Prevention™ (DLP) policy successfully.
Solution
This hotfix updates the DLP module to resolve this issue.
Issue
Hotfix 2121
(SEG-68228)
The DLP service triggers an alert on a single instance of Movement Reference Number (MRN) when sending as an email.
Solution
This hotfix updates the DLP module to resolve this issue.
Issue
Hotfix 2121
(SEG-66114)
The link on the Apex One server dashboard notification redirects to an unavailable website.
Solution
This hotfix updates the Apex One server HTML files to ensure that the link redirects to the correct website.
Issue
Hotfix 2121
(SEG-69559)
Security Agents should use the configured Smart Protection Service Proxy settings when querying Smart Protection sources for the Predictive Machine Learning and the Behavior Monitoring features. However, Security Agents still use the proxy settings configured in Microsoft™ Internet Explorer™ to access the network even when the Smart Protection Service Proxy is enabled.
Solution
This hotfix updates the Apex One agent program to resolve this issue.
Issue
Hotfix 2121
(SEG-68933)
An Apex One agent installed on Microsoft Windows™ Server 2016 may appear "Offline" on the Apex One web console. This happens because the HTTPS communication port of the agent cannot be successfully initialized for listening while the protected computer starts.
Solution
This hotfix updates the Apex One agent program to prevent this issue from occurring.
Issue
Hotfix 2121
(SEG-66141)
An ADOexception error appears in Apex One server's Event Viewer logs when the Apex One Database Service encounters an exception because an invalid GUID was sent to the SQL server.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 2121
(SEG-64532)
If OfficeScan 11.0 or OfficeScan XG Agent (before Service Pack 1) is upgraded to Apex One Agent, clients will not be able to establish a connection to the server because the agent now uses HTTP communication but the server incorrectly recognizes it as HTTPS. As a result, the client appears offline on the web console.
Solution
This hotfix updates the Apex One program to resolve this issue.
Issue
Hotfix 2121
(SEG-69288)
The ASE setting on the agent side switches to "0" unexpectedly.
Solution
This hotfix updates the Apex One security agent program to prevent this issue.
Enhancement
Hotfix 2121
(SEG-68683)
This hotfix extends the validity of Microsoft certificates for some expired DLP drivers.
Issue
Critical Patch 2117
(SEG-65040)
Apex One security agents may encounter a blue screen of death (BSOD) when the Osprey kernel file (tmusa.sys) is unloaded unexpectedly.
Solution
This critical patch updates the Trend Micro EagleEye Driver to resolve this issue.
Issue
Critical Patch 2117
(SEG-66375)
A high CPU usage issue occurs on the Apex One server computer.
Solution
This critical patch updates the Attack Discovery pattern to help prevent the high CPU usage issue on the Apex One server computer.
Issue
Critical Patch 2117
(SEG-64431), (SEG-66778), (SEG-66166)
The PowerShell command line sometimes automatically converts uppercase characters to lowercase.
Solution
This critical patch ensures that the PowerShell command line does not automatically convert uppercase characters to lowercase.
Issue
Critical Patch 2117
(VRTS-3677)
A potential process communication risk in the security agent exists in the Apex One server.
Solution
This critical patch updates the Apex One server program to remove this vulnerability.
Issue
Critical Patch 2117
(VRTS-3745), (VRTS-3746)
A potential file deletion issue with system privileges exists via a Directory Traversal vulnerability in security agents.
Solution
This critical patch updates the Apex One server program to remove this vulnerability.
Issue
Critical Patch 2117
(VRTS-3790)
A potential issue with file uploads exists via a Directory Traversal vulnerability in security agents.
Solution
This critical patch updates the Apex One server program to remove this vulnerability.
Issue
Critical Patch 2117
(SEG-68495)
The "Plug-ins" page does not display normally when users Single Sign-On (SSO) to the Apex One web console from the Apex Central web console.
Solution
This critical patch updates the Apex One server files to resolve this issue.
Enhancement
Critical Patch 2117
(SEG-62472)
This critical patch integrates Windows Antimalware Scan Interface (AMSI) with Apex One to improve protection against malicious scripts.
Procedure
To enable the new settings:
- Install this critical patch (see "Installation").
- Open the Apex One web console and go to the "Agent > agent management" page.
- Right-click to select the specific domain or agents and go to the "Settings > Behavior Monitoring Settings" screen.
- Tick the "Enable program inspection to detect and block compromised executable files" and "Terminate programs that exhibit abnormal behavior associated with exploit attacks".
- Save the changes.
- The Apex One server deploys the following registry entry on the selected security agent computers:
- Path:
- For x64 platforms: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\AEGIS\
- For x86 platforms: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\AEGIS\
- Key: EnableUMH / EnableUMHExploit
- Type: REG_DWORD
- Value: 1 (0x00000001)
Enhancement
Critical Patch 2117
(VRTS-4061)
This critical patch enhances the security of the Server Migration Tool.
Enhancement
Critical Patch 2117
(VRTS-4060)
This critical patch updates the program update checking logic on Apex One security agents to help ensure that only authentic program updates are applied.
Enhancement
Critical Patch 2117
(SEG-69438)
This critical patch adds Endpoint Sensor features by enabling the use of on-premises Apex Central to manage on-premises Apex One servers. This enhancement requires users to upgrade on-premises Apex One servers to Build 2117 and on-premises Apex Central servers to Build 4363 or any higher build.
Issue
Hotfix 2103
(SEG-65326)
The Application Control agent service is dependent on some Microsoft™ Windows™ services. If some Windows services are not running, the system does not start the Application Control agent service.
Solution
This hotfix resolves the Application Control agent service dependency issue. After applying this hotfix, the Application Control agent service starts some Windows services automatically as it is starts up.
Issue
Hotfix 2103
(SEG-67082)
The system cannot successfully install the Application Control server if the SQL server contains a semi-colon (";") in its password.
Solution
This hotfix resolves this issue so that the system can install the Application Control server successfully.
Issue
Hotfix 2103
(SEG-64933)
Data Loss Prevention™ (DLP) feature may slow down the performance of certain web applications on the Apex One Security agent.
Solution
This hotfix updates the DLP module to resolve this issue.
NOTE: Please refer to the following link for the steps to manually set the monitored websites if customer need: https://success.trendmicro.com/intkb/solution/1120248
Issue
Hotfix 2103
(SEG-62262)
The 3rd-party ICE WebStart program cannot be launched while the Apex One Firewall service is running.
Solution
This hotfix updates the Trend Micro Apex One Firewall components and provides a way to prevent this issue from occurring.
Procedure
To enable the new settings:
- Install this hotfix (see "Installation").
- Open the "Ofcscan.ini" file in the "\PCCSRV\" folder of the Apex One server installation directory using a text editor.
- Under the "Global Setting" section, manually add the following key and set its value to "256".
- [Global Setting]
- PFW_KEventMaxCount=256
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One agents and adds the following registry entry on all Apex One agent endpoints:
- Path: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\tmWfp\Parameters
- Key: KEventMaxCount
- Type: REG_DWORD
- Value: 256 (0x100)
- Restart the Apex One agent machines.
Issue
Hotfix 2103
(SEG-57361)
The Apex One Behavior Monitoring feature may prevent users from opening Microsoft Office applications normally and may cause high CPU usage issues on protected computers.
Solution
This hotfix updates the Apex One agent program to resolve this issue.
Procedure
To apply and deploy the solution globally:
- Install this hotfix (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Under the "Global Setting" section, manually add the "UnregUMHEventList" key and set its value to "140".
- [Global Setting]
- UnregUMHEventList=140
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to security agents and adds the following registry entry on all security agent computers:
- Path:
- For x64 platforms: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\AEGIS\
- For x86 platforms: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\AEGIS\
- Key: UnregUMHEventList
- Type: String
- Value: "The encrypted string with the prefix !CRYPTEX!"
- Restart the Apex One security agent.
Enhancement
Hotfix 2103
(SEG-64723)
This hotfix enables the Apex One server to download the list of approved mobile devices and USB storage devices from the Device Control settings in the Apex Central server and to deploy the list to Apex One security agents.
Procedure
To configure Apex One server to download and deploy the Device Control approved list of mobile devices and USB storage devices from the Apex Central server to all Apex One security agents:
- Run the Device List Tool (listDeviceInfo.exe) to retrieve the device information. The tool provides Vendor, Model, Serial ID, and Device information for each device.
- Make a Device Control approved list in CSV file format specifying the Vendor, Model, Serial ID, and Device information of mobile devices and USB storage devices.
For example:
- 05AC,12A8,35AD13C948ECD47904B2B7AD4D5E8AFBF4C70C48,Mobile Devices
- ADATA,DC1A,285252344010000C,USB Storage Devices
NOTE: The "Device" field is optional, if there is no device type listed in the CSV file, it will be treated as "USB Storage Devices".
- Copy the CSV file to the Apex Central server in the "\Trend Micro\Control Manager\WebUI\WebApp\widget\repository\widgetPool\product\OSCE\" folder and rename the CSV file as "dc_dev_exception.csv".
NOTE: Users can import the Device Control approved list from the "Policies > Policy Resources > Device Control Allowed Devices" page of the Apex Central console.
- Deploy an Apex One Security Agent policy with Device Control setting to agents from the Apex Central console. All agents will receive the approved list.
NOTE: On the Apex One server, users can check the "DC_GLOBAL_DEV_EXCEPTION" section in "dlp.ini" file under the "\PCCSRV\Private" folder.
For example:
- [DC_GLOBAL_DEV_EXCEPTION]
- DevExceptionGlobalCount=2
- DevExceptionGlobal_00000000= VendorName,Model,serialNo,1(USB Storage Devices)
- DevExceptionGlobal_00000001=VendorName,Model,serialNo,2097152(Mobile Devices)
On the Apex One security agent, users can check the "dc_in.xml" and "dc_out.xml" file under the "\Security Agent\dlplite" folder.
For example:
- <usbException exceptionDeviceType="0x00000001"(USB Storage Devices) serialNo="xxxxxxxx" model=" xxxxxxxx " vendorName="xxxxxxxx "/>
- <usbException exceptionDeviceType="0x00200000"(Mobile Devices) serialNo=" xxxxxxxx " model=" xxxxxxxx " vendorName="xxxxxxxx "/>
Enhancement
Hotfix 2103
(SEG-64515)
This hotfix removes the "Enable debug log" check box from the "Debug Log Setting" window in the Apex One console.
Issue
Hotfix 2099
(SEG-66016)
When administrators set the Internet proxy settings from the browser, the Apex One Security proxy always applies the Internet proxy settings to update components from the Trend Micro Global ActiveUpdate server instead of the Apex One server.
Solution
This hotfix enables the Security Agent console to allow administrators the option to choose and apply "Use Windows Internet Options Settings" when updating components.
By default, the system does not apply and update components from the Apex One server.
Issue
Hotfix 2097
(SEG-65916)
On computers with low specifications, the Application Control agent may run into performance issues when several applications installed on the computer match the Application Control criteria.
Solution
This hotfix helps prevent the performance issues by enabling the Application Control agent to store matched applications in the criteria cache after these applications run for the first time.
Issue
Hotfix 2097
(SEG-64308), (SEG-65121)
A "Failed to get server certificate." error appears on the installation log during Advanced Threat Assessment Service installation.
Solution
This hotfix resolves the error so the Advanced Threat Assessment Service can be installed successfully.
Issue
Hotfix 2097
(SEG-63775)
The real-time scan exception settings from the Apex One security agent are restored unexpectedly after an Apex One security agent update.
Solution
This hotfix updates the Apex One security agent program to preserve the current real-time scan exception settings after an Apex One security agent update.
Enhancement
Hotfix 2097
(SEG-49768)
The Apex One agent keeps track of un-scanned files but does not send the information to the server, so users do not see the information on the Apex One server.
This hotfix enables Apex One agents to upload un-scanned file logs to the "C:\Program Files (x86)\Trend Micro\Apex One\PCCSRV\Log\UnScanFile" folder on the server.
Issue
Patch 2087
(SEG-61011)
The Apex One Vulnerability Protection service cannot start successfully on the Turkish version of the Microsoft™ Windows™ server platform because it uses the all caps version of the database column name, "SYSTEMVERSÄ°ONID".
Solution
This patch updates the database column name in the Apex One Vulnerability Protection server to "SystemVersionID" to resolve this issue.
Issue
Patch 2087
(SEG-54980)
A program on an endpoint triggers the Behavior Monitoring module.
Solution
This patch adds a command related to the program to the exception list to solve this issue.
Procedure
To apply and deploy the solution globally:
- Install this patch (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Under the "Global Setting" section, manually add the following keys and values.
- [Global Setting]
- AegisSPSetCMDCount=1
- AegisSPSetCMDSubImagePath0=C:\Windows\System32\cmd.exe
- AegisSPSetCMDImagePath0=certutil.exe
- AegisSPSetCMDCmdLine0=-urlcache-splithttpzip*
- AegisSPSetCMDAct0=0
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the settings to agents. The Apex One server deploys the command to security agents and adds the following registry entries on all security agent computers:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\AEGIS
- Key: AegisSPSetCMDCount
- Type: DWORD
- Value: 1
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\AEGIS
- Key: AegisSPSetCMDSubImagePath0
- Type: REG_SZ
- Value: C:\Windows\System32\cmd.exe
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\AEGIS
- Key: AegisSPSetCMDCmdLine0
- Type: REG_SZ
- Value: -urlcache-splithttpzip*
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\AEGIS
- Key: AegisSPSetCMDImagePath0
- Type: REG_SZ
- Value: certutil.exe
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\AEGIS
- Key: AegisSPSetCMDAct0
- Type: DWORD
- Value: 0
- Restart the security agent
Enhancement
Patch 2087
(SEG-63171)
This patch enables the Apex One security agent program to support Microsoft Windows™ 10 (version 1909) November 2019 Update.
Enhancement
Patch 2087
(SEG-60079)
This patch adds a mechanism that can help reduce the probability of errors during Apex One server and Apex One security agent updates.
Issue
Hotfix 2073
(SEG-58210)
The maximum supported character length of the following registry key on Apex One security agents may be insufficient to save the proxy exceptions list.
- [HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion]
- WinProxySpecifiedProxyBypass
Solution
This hotfix extends the registry key's maximum supported character length to resolve this issue.
Issue
Hotfix 2073
(SEG-59016)
A performance issue occurs on Apex One agent computers because a module generates a large number of logs.
Solution
This hotfix updates the user mode event related module to version 8.5.2065 to solve the issue.
Issue
Hotfix 2073
(SEG-63106)
The Apex One Predictive Machine Learning feature may prevent users from running scripts through a third-party application normally.
Solution
This hotfix provides a way for users to make and edit a list of approved programs to run with deferred scanning by Predictive Machine Learning to prevent these issues.
Procedure
To create and edit the list of approved programs to run with deferred scanning by Predictive Machine Learning:
- Install this hotfix (see "Installation").
- Open the "Ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Under the "Global Setting" section, manually add the following keys and specify each approved program separately.
- [Global Setting]
- DS_ProcessCount=the number of programs in the approved list, supports any integer from 1 to 1000
- DS_ProcessName000=process name of the approved program, where "000" notes the first item on the list
For example:
- [Global Setting]
- DS_ProcessCount=2
- DS_ProcessName000=cscript.exe
- DS_ProcessName001=wscript.exe
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to security agents and adds the following entries of TXS.ini on all security agent computers:
- [TrendX_Settings]
- DS_ProcessCount=2
- DS_ProcessName000="The encrypted string of the preferred program"
- DS_ProcessName001="The encrypted string of the preferred program"
Issue
Hotfix 2069
(SEG-58250)
The Trend Micro Vulnerability Scanner (TMVS) cannot perform remote installation when the logon account password includes special characters.
Solution
This hotfix updates TMVS to resolve this issue.
Issue
Hotfix 2069
(VRTS-3564)
On the Apex One web console, users may be able to view the user account that have just been logged out by pressing the back button of the web browser.
Solution
This hotfix updates the Apex One server program to prevent this issue from occurring.
Issue
Hotfix 2069
(VRTS-3567), (VRTS-3605)
On the Apex One web console, the "PHPSESSID" and "wf_CSRF_token" cookies are the same for every logon session.
Solution
This hotfix ensures that the widget framework generates new "PHPSESSID" and "wf_CSRF_token" cookies for each new logon session.
Issue
Hotfix 2069
(SEG-62734)
An issue prevents the Apex One server from deploying the following settings to Apex One security agents properly.
Under the "Privileges and Other Settings > Other Settings".
- Do not allow users to access the Security Agent console from the system tray or Windows Start menu
Solution
This hotfix updates the Apex One server program to resolve the issue.
Issue
Hotfix 2060
(SEG-61081)
The Apex One security agent does not send the "Logon User" information to the Apex One server when the Apex One server restricts the user's access to the security agent console only from the system tray or from the Microsoft™ Windows™ "Start" menu.
Solution
This hotfix updates the Apex One security agent program to ensure that Apex One security agents send the "Logon User" information to the Apex One server under the scenario described above.
Issue
Hotfix 2060
(SEG-57796)
The Apex One Endpoint Sensor receives several user mode events that can prevent Microsoft™ RemoteApp from updating the event source.
Solution
The Apex One Endpoint Sensor changes the event source from User mode to kernel mode to resolve this issue.
Issue
Hotfix 2060
(SEG-60179)
The Export Info Tool stops unexpectedly when querying virus logs.
Solution
This hotfix updates the Apex One server program to resolve the issue.
Issue
Hotfix 2060
(SEG-58746)
Users may not be able to activate managed product licenses (Application Control, Endpoint Sensor, Vulnerability Protection) across the network successfully when managing the Apex One server from the Apex Central web console. This happens because the Apex One server does not handle the license key string properly.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Enhancement
Hotfix 2060
(SEG-46847)
The Apex One NT Listener service (TmListen.exe) may cause a high CPU usage issue on security agents.
Procedure
To apply and deploy the solution globally:
- Install this hotfix (see "Installation").
- Open the "Ofcscan.ini" file in the "\PCCSRV" folder of the Apex One server installation directory using a text editor.
- Under the "Global Setting" section, manually add the following key and set its value to "1".
- [Global Setting]
- IgnoreScanIncompleteFlagFromServer=1
- Save the changes and close the file.
- Open the Apex One Web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to Apex One agents and adds the following registry entry on all Apex One agent endpoints:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\TrendMicro\PC-cillinNTCorp\CurrentVersion\URL Filtering
- Key: IgnoreScanIncompleteFlagFromServer
- Type: DWORD
- Value: 1
Issue
Critical Patch 2049
(VRTS-3681)
A directory traversal vulnerability may allow an attacker to log on to the Apex One Management Console as a root user.
Solution
This critical patch updates the Apex One server program to remove the vulnerability.
Issue
Critical Patch 2049
(VRTS-3708)
A command injection vulnerability may allow an attacker to extract files from an arbitrary zip file to the specific folder in Apex One server.
Solution
This critical patch updates the Apex One server program to remove the vulnerability.
Enhancement
Critical Patch 2049
(SEG-50003)
This hotfix provides a way to delay Application Control hooking events while an endpoint computer starts up.
Procedure
To apply this solution:
- Install this hotfix (see "Installation").
- Unload the Apex One security agent.
- Open the registry editor, add the following key, and specify the preferred time delay in minutes:
- Key: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\iACAgent\DelayLoadAC
- Type: DWORD
- Valid Range: 0-10 (min)
- Restart the Apex One security agent.
Issue
Hotfix 2047
(SEG-58126)
In certain environments, the Behavior Monitoring feature may add the "csrss.exe" file to the kernel exception later than expected which can then cause an interoperability issue that can trigger security agent computers to stop unexpectedly.
Solution
This hotfix updates the Behavior Monitoring module and enables users to configure the Behavior Monitoring feature to add "csrss.exe" to the kernel exception earlier to prevent the interoperability issue.
Procedure
To apply and deploy the solution globally:
- Install this hotfix (see "Installation").
- Open the "ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
- Under the "Global Setting" section, manually add the "AegisAsyncCsrssEvent" key and set its value to "1".
- [Global Setting]
- AegisAsyncCsrssEvent=1
- Save the changes and close the file.
- Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
- Click "Save" to deploy the setting to agents. The Apex One server deploys the command to security agents and adds the following registry entry on all security agent computers:
- Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\AEGIS
- Key: AsyncCsrssEvent
- Type: DWORD
- Value: 1
- Restart the security agent
Issue
Hotfix 2047
(SEG-60611)
Enhanced security policies may not be sent to Security Agents across the network successfully when users manage the Apex One server from the Apex Central web console. This happens when the Apex One SQL database is installed on a Microsoft™ SQL Server that users a collation method other than the default "SQL_Latin1_General_CP1_CI_AS".
Solution
This hotfix updates the Apex One server program to resolve this issue.
Enhancement
Hotfix 2047
(SEG-58737)
This hotfix enables users to query the OSFWebApp web service status through the "svrsvcsetup.exe" tool using the following command on the Apex One server command prompt.
svrsvcsetup.exe -testosfwebapp
Enhancement
Hotfix 2047
(SEG-58056)
This hotfix enables users to search for multiple agents on the "Agent Management" page by specifying multiple agent names in the "Search for endpoints" text box.
NOTES:
- Use a blank character " " delimiter to separate each agent name in the "Search for endpoints" text box.
- The field supports wildcard characters. Use a question mark "?" to represent a single character and an asterisk "*" to represent several characters.
- The field supports a maximum of 256 characters.
Issue
Hotfix 2040
(SEG-51255)
After a built-in Active Directory (AD) user group, for example "Administrators", is added in the "User Accounts" settings, and users login to Apex One using an AD account in this group, the Apex One console will not display any user or domain in "Agent Management" view.
Solution
This hotfix updates Apex One server program to resolve the issue.
Enhancement
Hotfix 2040
(SEG-59191)
This hotfix enables Apex One to support Microsoft Windows 8.0.
NOTE: If the security agent has been installed on Windows 8.0, it will be registered to the Apex One server after it restarts.
Enhancement
Hotfix 2040
(SEG-59816)
This hotfix updates the Trend Micro Data Loss Prevention™ (DLP) module to ensure that it can block drag-and-drop file operations in Google Chrome 76 and 77.
Issue
Hotfix 2030
(SEG-58478)
The Apex One Security Agent service stops responding while starting after Apex One Hotfix 1141 is applied.
Solution
This hotfix updates the Apex One security agent program to resolve this issue.
Issue
Hotfix 2030
(SEG-57057), (SEG-59380)
An issue prevents users from successfully installing the Application Control agent on endpoints with Chinese computer names.
Solution
This hotfix resolves the issue so the Application Control can be installed successfully on affected endpoints.
Issue
Hotfix 2030
(SEG-59297)
The information in the "action" column on Data Loss Prevention™ (DLP) logs in Apex One server is not consistent with the corresponding information in the DLP logs on Apex Central server.
Solution
This hotfix resolves the issue by modifying the wording in the "action" column in DLP logs on both the Apex One server and agents.
Issue
Hotfix 2030
(SEG-58872), (SEG-59531)
An issue prevents the Trend Micro Advanced Threat Assessment Service from starting successfully.
Solution
This hotfix resolves the issue.
Issue
Hotfix 2030
(SEG-58404)
Garbled characters may appear in syslog if the language setting of the operating system contains Big-5 characters.
Solution
This hotfix resolves the issue.
Issue
Hotfix 2030
(SEG-53929)
The Apex One Endpoint Sensor cannot detect the dump of lsass.exe (Local Security Authority Process).
Solution
This hotfix resolves this issue by adding hooking points for event correlation to detect the suspicious attack behavior.
Enhancement
Hotfix 2030
(SEG-59121)
Advanced Threat Assessment has a new process that collects additional information.
Issue
Hotfix 2022
(SEG-54758)
The device control function does not work if the policy is deployed for a specific user and the username contains Hebrew characters.
Solution
This hotfix updates Apex One security agent program to resolve the issue.
Issue
Hotfix 2022
(SEG-57436)
The Smart Scan Service may behave abnormally on Apex One Security Agents when multiple proxy servers have been configured for each protocol (HTTP, Secure, FTP, Socks) in the Microsoft™ Internet Explorer™.
Solution
This hotfix updates the Apex One Security Agent program to ensure that the Smart Scan Service works normally when multiple proxy servers are configured for Internet Explorer.
Issue
Hotfix 2022
(SEG-56322)
Users may not be able to activate managed product licenses (Application Control, Endpoint Sensor, Vulnerability Protection) or may not be able to send the enhanced security policies to Security Agents across the network successfully when managing the Apex One server from the Apex Central web console. This happens because the specified Microsoft Windows™ account that manages the existing Apex One SQL database does not have sufficient web service framework access permissions.
Solution
This hotfix resolves the issue by updating the SQL Server Database Configuration Tool to add the Windows account to the IIS_IUSRS group to obtain the correct permissions.
Procedure
To add the Windows account to the IIS_IUSRS group to obtain the correct permissions:
- Install this hotfix (see "Installation").
- On the Apex One server computer, browse to "<Server installation folder>\PCCSRV\Admin\Utility\SQL".
- Double-click "SQLTxfr.exe" to run the tool.
- Provide the authentication credentials of the Windows account for the SQL Server database. IMPORTANT: The user account must belong to the local administrator group or Active Directory (AD) built-in administrator.
- Click "Start" to apply the configuration changes.
Issue
Hotfix 2022
(SEG-55537)
Users may not be able to activate managed product licenses (Application Control, Endpoint Sensor, Vulnerability Protection) or may not be able to send the enhanced security policies to Security Agents across the network successfully when managing the Apex One server from the Apex Central web console. This happens because:
- The specified Windows account that manages the existing Apex One SQL database changes the logon credentials used to connect to the existing database.
- Users change the Authentication Type of the existing Apex One SQL database from "Windows Account" to "SQL Server Account".
Solution
This hotfix updates the SQL Server Database Configuration Tool to ensure that the Apex One server uses the correct authentication credentials for the SQL Server database.
Procedure
To ensure that the Apex One server uses the correct authentication credentials for the SQL Server database:
- Install this hotfix (see "Installation").
- On the Apex One server computer, browse to "<Server installation folder>\PCCSRV\Admin\Utility\SQL".
- Double-click "SQLTxfr.exe" to run the tool.
- Provide the authentication credentials for the SQL Server database. IMPORTANT: The user account must belong to the local administrator group or AD built-in administrator.
- Click "Start" to apply the configuration changes.
Enhancement
Hotfix 2022
(SEG-58926)
This hotfix improves the accuracy of the Apex One Application Control version reporting to Apex Central.
Issue
Hotfix 2021
(VRTS-3537)
The "Active Directory Integration" page may expose the credential key when the page is opened with developer tools on a web browser.
Solution
This hotfix updates the Apex One server program to remove the vulnerability.
Issue
Hotfix 2021
(SEG-56341), (SEG-57814)
When the Trend Micro Data Loss Prevention™ (DLP) service is enabled on Apex One security agent computers, Google Chrome version 75 and higher versions may stop unexpectedly while accessing certain URLs.
Solution
This hotfix updates the DLP module to resolve this issue.
Issue
Hotfix 2021
(SEG-56100)
On the web console, "Advanced Search" from "Agents > Agent Management" page yields inaccurate results when the "Restart Required" is enabled and both "Update" and "Cleanup" options are selected.
Solution
This hotfix updates the Apex One server program to resolve the problem.
Issue
Hotfix 2021
(SEG-57258)
In Microsoft™ Windows™ 10, the new system process "MemCompression" may incorrectly trigger a false detection for violating the Device Access Control (DAC) policies.
Solution
This hotfix updates the DAC policies to prevent the false alarms.
Issue
Hotfix 2021
(SEG-58435)
Users are able to change to a password that contains German Umlaut characters but will not be allowed to log in to the web console after the change. The pop-up error message is not triggered that prevents from saving invalid password.
Solution
This hotfix updates the server program to ensure that the corresponding pop-up error message that prevents users from saving invalid passwords is triggered correctly.
Issue
Hotfix 2021
When users deploy an agent policy to enable or disable the Endpoint Sensor feature while registering or unregistering from the TIC at the same time, the policy deployment will fail.
Solution
This hotfix updates the policy deployment mechanism to solve the policy conflict issue.
Issue
Hotfix 2021
(SEG-58818)
After a hotfix is applied, the pattern version and last update time of "Certified Safe Software pattern" are reset to "0", and as a result, the wrong pattern information appears on the Apex Central dashboard.
Solution
This hotfix updates the Apex One server files to resolve this issue.
Enhancement
Hotfix 2021
This hotfix integrates an Antimalware Scan Interface (AMSI) for suspicious PowerShell detection to the Endpoint Sensor.
Issue
Hotfix 2014
(SEG-55353)
During license key deployment, Endpoint Sensor may not be able to receive the product key and storage key properties.
Solution
This hotfix improves the Apex One server's key deployment mechanism to solve this issue.
Issue
Hotfix 2014
(SEG-55841), (SEG-57122)
Some Security Agents may be unable to retrieve new policy settings from the Apex Central server.
Solution
This hotfix purges old policy records from the policy tracking table to fix this issue.
Issue
Hotfix 2014
(SEG-57410)
The Endpoint Sensor on Apex One agents may not be able to calculate the hash value of a specific process which can prevent the terminate process function from terminating the process.
Solution
This hotfix updates the Endpoint Sensor hash calculation mechanism to resolve this issue.
Enhancement
Hotfix 2014
(SEG-53875)
The Endpoint Sensor feature has been enhanced to only monitor and record memory "Read" events for the lsaas.exe process. All other "Read" events are ignored. In addition, a cache has been implemented for processes that open the memory "Write" event to avoid recording duplicated events that may cause a resource issue on the endpoint.
Issue
Critical Patch 2012
(SEG-55009)
TmListen stops unexpectedly when the Apex One agent queries Suspicious Object (SO) information that contains a null notify setting.
Solution
This critical patch updates Apex One agent program to resolve the issue.
Issue
Critical Patch 2012
(SEG-53351), (SEG-55781)
On the 64-bit Microsoft ™ Windows ™ 10 platform, an error occurs while running a 64-bit debug script in Microsoft Visual Studio 2017.
Solution
This critical patch updates the Behavior Monitoring Module to prevent the error.
Issue
Critical Patch 2012
(SEG-54736)
The Apex One server may not be able to register to the Apex Central server if the TLS 1.2 protocol is enabled on Apex One servers only.
Solution
This critical patch updates the Apex One server program to resolve this issue.
Procedure
To apply the solution:
- Install this critical patch (see "Installation").
- Open the "Agent.ini" file in the "\PCCSRV\CmAgent\" folder on the Apex One server installation directory using a text editor.
- Under the "Network" section, manually modify the value of the following key.
- [Network]
- SSL_Cipher_List=ECDHE-RSA-AES256-GCM-SHA384
- Save the changes and close the file.
- Unregister from the Apex Central server.
- Register the Apex Central again.
Issue
Critical Patch 2012
(SEG-52386)
The Apex One server tool "IpXfer.exe" cannot run properly when the Apex One Security Agent is offline.
Solution
This critical patch updates Apex One server tools to resolve this issue.
Issue
Critical Patch 2012
(SEG-54240)
The Apex One server updates the timestamp of the Last Spyware Scan (Manual) according to the last connection establishment time.
Solution
This critical patch updates the Apex One server program to ensure that the last Spyware Scan (Manual) time is updated accurately.
Issue
Critical Patch 2012
(SEG-54167)
When users create a "Setup" installer package for the Apex One security agent using Agent Packager, the Vulnerability Protection and Application Control agent installers are not included by default.
Solution
This critical patch updates the Apex One server program to ensure that the Agent Packager includes both installers in the Apex One security agent "Setup" installer package.
Issue
Critical Patch 2012
(SEG-56087)
The digital signature of some DLP files are expired.
Solution
This critical patch updates the DLP module to update the digital signatures.
Issue
Critical Patch 2012
(SEG-52955)
The DLP module does not work on the Microsoft Edge web browser.
Solution
This critical patch updates the DLP module to resolve this issue.
Procedure
To enable Apex One security agents to block sensitive information on the Edge web browser.
- Install this critical patch (see "Installation").
- Open the "dlp.ini" file in the "\PCCSRV\Private\" folder on the Apex One server.
- Under the "Configure" section, manually add the following key and value.
- [Configure]
- ENABLE_DYNAMIC_CODE_POLICY=true
- Save the changes and close the file.
- Open the Apex One web console and click "Agents > Agent Management > Select domains or agents > Settings > DLP settings".
- Click "Save" to deploy the settings to agents. The Apex One server deploys the settings to Apex One agents and adds the following key in the "dsa.pro" file in the "\Windows\System32\dgagent\" folder:
- enable_dynamic_code_policy=true
Issue
Critical Patch 2012
(SEG-57250), (SEG-57429)
Users cannot expand the domains or add spyware/greyware detections into the approve list on the Apex One server web console.
Solution
This critical patch updates the Apex One server files to resolve this issue.
Issue
Critical Patch 2012
(SEG-55399)
Duplicate Apex One agents appear in the Microsoft Windows Startup console.
Solution
This critical patch updates the Apex One server programs to resolve this issue.
Issue
Critical Patch 2012
(SEG-56828)
When the trust permission of the Application Control Criteria is set to "Inheritable execution rights", the criteria information remains on the Apex One Security Agent database after users remove the criteria from the policy setting.
Solution
This critical patch ensures that the criteria information can be removed normally from Apex One Security Agents.
Issue
Critical Patch 2012
(SEG-57659)
In rare situations, the Apex One Vulnerability Protection program uses up a huge amount of memory when processing a large number of Intrusion Prevention logs.
Solution
This critical patch prevents the high memory usage issue when the Apex One Vulnerability Protection program processes a large number of Intrusion Prevention logs.
Issue
Critical Patch 2012
(SEG-57454)
The Apex One server does not send the policy information to Apex Central after deploying a policy.
Solution
This issue updates the Apex One server program to resolve this issue.
Issue
Critical Patch 2012
(SEG-53295), (SEG-55029)
An access denied error related to a certain component prevents the Trend Micro Advanced Threat Assessment Service (ATAS) from starting successfully.
Solution
This critical patch resolves the error so ATAS can start normally.
Issue
Critical Patch 2012
(SEG-49402), (SEG-53432)
An issue related to the Microsoft™ Monitoring Agent may cause the Apex One Endpoint Sensor Advanced Threat Assessment Service application pool to stop unexpectedly after installing the Apex One server.
Solution
This critical patch prevents the Apex One Endpoint Sensor Advanced Threat Assessment Service compatibility issue with the Microsoft Monitoring Agent.
Issue
Critical Patch 2012
(SEG-50705), (SEG-52219), (SEG-51452), (SEG-51849)
An "Error ID: 420" occurs while the Apex One Endpoint Sensor policy is deployed and the "Unable to get the registered server list. There are no registered servers." error appears on the Apex Central "Preliminary Investigation" page.
Solution
This critical patch helps prevent the Apex One Endpoint Sensor Advanced Threat Assessment Service from being corrupted when Endpoint Sensor is installed using Trend Micro Apex One Installer Maintenance Mode.
Issue
Critical Patch 2012
(SEG-57949), (SEG-53820)
The Trend Micro Vulnerability Protection Service cannot start while processing a specific certificate.
Solution
This critical patch updates the Apex One Vulnerability Protection server to prevent the certificate processing error.
Enhancement
Critical Patch 2012
(SEG-56264)
This critical patch updates some Apex One files to detect inconsistent certifications from the Microsoft Management Console certificate store. If it detects an inconsistency, Apex One will automatically recover the authentication file (OfcIPCer.dat) from the Microsoft Management Console certificate store on the Apex One server.
Issue
Hotfix 1161
(SEG-40590)
An Apex One agent that runs on Windows 7 and automatically detects proxy settings will not be able to connect to the Apex One server.
Solution
This hotfix resolves the issue by updating the Apex One agent program to ensure that it can retrieve the correct proxy configuration.
Issue
Hotfix 1161
(SEG-53180), (SEG-56186)
When the agents call "cgiOnScan.exe" and fails, the system keeps resending the request without waiting. This issue generates lots of records in the IIS log.
Solution
This hotfix updates the Apex One agent program to wait for few seconds before retrying.
Enhancement
Hotfix 1161
(SEG-53304)
This hotfix enables Apex One to send "Dropped" and "Accepted" action results in firewall violation logs to Apex Central. This ensures that both action results display normally on Apex Central instead of being displayed as "unknown".
Issue
Hotfix 1155
(SEG-52978)
An issue prevents the Data Loss Prevention™ (DLP) license from being deployed from Apex Central to Apex One.
Solution
This hotfix adds support for the DLP AC key type to solve this issue.
Issue
Hotfix 1155
(SEG-53295), (SEG-55029)
An access denied error related to a certain component prevents the Trend Micro Advanced Threat Assessment Service (ATAS) from starting successfully.
Solution
This hotfix resolves the error so ATAS can start normally.
Issue
Hotfix 1155
(SEG-53958)
The operating system may stop responding when users switch both the Scan Engine (VSAPI) and the Endpoint Sensor to debug mode at the same time using the Case Diagnostic Tool (CDT).
Solution
This hotfix resolves the issue by ensuring that CDT works normally when both VSAPI and Endpoint Sensor are enabled.
Issue
Hotfix 1151
(SEG-52560)
There is a typographical error in the "Type the full program path" hint on the "Behavior Monitoring Settings" page of the Apex One web console.
Solution
This hotfix updates the Apex One server files to correct the error.
Issue
Hotfix 1151
(SEG-48859)
An issue causes Apex One security agent remote installation to fail.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 1148
(SEG-53904)
Security Agents with the Behavior Monitoring program inspection feature enabled may cause Adobe Acrobat/Reader to stop unexpectedly.
Solution
This hotfix updates the program inspection feature to resolve this issue.
Issue
Hotfix 1148
(SEG-52740)
When users attempt to configure the Device Control settings on an Apex One Security Agent by deploying a policy from the Apex Central web console, the Device Control settings cannot be applied on the agent if Data Loss Prevention™ (DLP) is not enabled on the agent.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 1148
(SEG-52269)
If the activation (AC) key is deployed after its expiration date has been extended, the ES service will still receive the original expiration date.
Solution
This hotfix ensures that the ES service will receive the AC key's new expiration date.
Issue
Hotfix 1148
(SEG-54380)
The Endpoint Sensor may purge the Root Cause Analysis results by mistake when Apex Central is managing more than one Apex One server.
Solution
This hotfix resolves the issue.
Issue
Hotfix 1148
(SEG-52034)
In rare instances, the Endpoint Sensor may receive the investigation results from an agent at the same time that the same agent is being uninstalled. When this happens, the Endpoint Sensor may not be able to send all the results back to TIC.
Solution
This hotfix prevents this issue.
Issue
Hotfix 1148
(SEG-49402), (SEG-53432)
An issue related to the Microsoft™ Monitoring Agent may cause the Apex One Endpoint Sensor Advanced Threat Assessment Service application pool to stop unexpectedly after installing the Apex One server.
Solution
This hotfix prevents the Apex One Endpoint Sensor Advanced Threat Assessment Service compatibility issue with the Microsoft Monitoring Agent.
Issue
Hotfix 1141
(VRTS-3389)
An unquoted service path enumeration vulnerability may allow an attacker administrator privileges to the Apex One security agent service.
Solution
This hotfix updates the Apex One security agent program to remove the vulnerability.
Issue
Hotfix 1141
(SEG-53931)
Coexisting Apex One security agents cannot set the server information of the Smart Protection Service Proxy correctly. When this happens, the coexisting agents do not send query requests through the Smart Protection Service proxy but directly to the Trend Micro Smart Protection Network instead. This may cause a connection issue if the agents cannot connect to the Internet.
Solution
This hotfix updates the Apex One security agent program to resolve the issue.
Issue
Hotfix 1141
(SEG-52575)
The installation status on the "Agent Installation Progress" page of the Apex One web console is inaccurate.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 1141
(SEG-52409)
A specific keyword triggers the DLP template that does not have any criteria specified.
Solution
This hotfix updates the DLP template to resolve this issue.
Issue
Hotfix 1141
(SEG-50435)
The Connection Status (Online/Offline) of an agent on the web console changes each time a user logs on or off from the client computer.
Solution
This hotfix updates the Apex One agent program to resolve the issue.
Issue
Hotfix 1141
(SEG-52048)
Attempting to restart or stop the WMI service (winmgmt) is unsuccessful on endpoints with the Security Agent installed. The tmlisten service of the Security Agent has a dependency with the WMI service.
Solution
This hotfix updates the Security Agent program to remove the WMI service dependency.
Issue
Hotfix 1141
(SEG-52302)
When the Apex One server registers to the Apex Central server, the Apex One Master Service may stop unexpectedly because of an empty private key.
Solution
This hotfix updates the Apex One server program to ensure that it can handle an empty public/private key.
Issue
Hotfix 1141
(SEG-50705), (SEG-52219), (SEG-51452), (SEG-51849)
An "Error ID: 420" occurs while the Apex One Endpoint Sensor policy is deployed and the "Unable to get the registered server list. There are no registered servers." error appears on the Apex Central "Preliminary Investigation" page.
Solution
This hotfix helps prevent the Apex One Endpoint Sensor Advanced Threat Assessment Service from being corrupted when Endpoint Sensor is installed using Trend Micro Apex One Installer Maintenance Mode.
Issue
Hotfix 1141
(SEG-49807)
Users cannot export the Application Control criteria in Microsoft™ Internet Explorer™ or the Edge web browser.
Solution
This hotfix updates the Apex Central files to resolve this issue.
Issue
Hotfix 1141
(SEG-53729)
When the "Do not allow users to access the Security Agent console from the system tray or Windows Start menu setting" option is enabled on the Apex One web console, the Apex One Security Agent console cannot be accessed while "PccNT.exe" is running.
Solution
This hotfix updates a parameter in "wofielauncher.exe" to resolve the issue.
Issue
Hotfix 1141
(SEG-54390)
The Vulnerability Protection server service start up fails on platforms that disable Transport Layer Security (TLS) 1.0.
Solution
This hotfix updates the Vulnerability Protection server to prevent the TLS version issue.
Issue
Hotfix 1141
(SEG-51211)
Vulnerability Protection causes unusual CPU usage on some workstations and servers.
Solution
This hotfix modifies the Vulnerability Protection service to prevent unusual CPU usage.
Enhancement
Hotfix 1141
(VRTS-3314)
This hotfix adds a dynamic share key for Apex One security agents in the encryption and decryption algorithm.
Enhancement
Hotfix 1141
(SEG-51005)
This hotfix adds new Regular Expressions to the Trend Micro Data Loss Prevention™ (DLP) Data Identifiers.
Enhancement
Hotfix 1141
(SEG-47568)
This hotfix updates the Apex Central files to display more information about the Application Control violation log entries.
NOTE: This feature requires the installation of Apex Central hotfix 3919 or above.
Issue
Critical Patch 1132
(SEG-45353)
The Security Agent program may become corrupted when users install it from the MSI installation package (Windows Installer) using the wrong command in the command line.
Solution
This critical patch enables the Apex One security agent installation to abort the MSI installation process if it encounters an unexpected command.
Issue
Critical Patch 1132
(SEG-49936), (SEG-49847)
An issue related to the Microsoft™ Excel™ files with macro content cannot be saved to a network shared folder from an endpoint, some Microsoft Excel temp files cannot be deleted after trying to save the files.
Solution
This critical patch updates the Apex One security agent program to resolve this issue.
Enhancement
Critical Patch 1132
(SEG-50774)
This critical patch enables the Apex One security agent program to support Microsoft Windows™ 10 (version 1903) May 2019 Update.
Issue
Hotfix 1116
(SEG-50319)
Changes in the Google API prevents Data Loss Prevention™ (DLP) from detecting sensitive information sent through Gmail in Google Chrome 73.
Solution
This hotfix resolves the issue by enabling the DLP module to support the "Http/Https" and "Open file dialog" functionality in Google Chrome 73.
Issue
Hotfix 1116
(SEG-49467)
The tmlisten service stops unexpectedly when users add an NIC description in the Personal Firewall (PFW) profile and deploy the profile to agents.
Solution
This hotfix updates the Apex One Security Agent program to resolve the issue.
Issue
Hotfix 1116
(SEG-49381)
The Smart Scan Pattern of File Reputation Services occupies a large amount of disk space on the Apex One server.
Solution
This hotfix updates the Apex One server program to resolve this issue.
Issue
Hotfix 1116
(SEG-48555)
When users install Apex One and use a domain account to connect to the database, the installation will not be able to create a database and iES will not be installed successfully.
Solution
This hotfix updates the impersonate method to solve this issue.
Issue
Hotfix 1116
(SEG-49534)
When the Apex One environment runs an sqlpackage older that 2016 or one that contains both x86 and x64 versions of version 2016, iES will not be able to create the database because of an incompatible sqlpackage version.
Solution
This hotfix resolves the issue by enabling the installer to prioritize the x64 version of the sqlpackage during installation.
Issue
Hotfix 1116
(SEG-50727)
When a user starts a Security Agent outside the corporate network, the Security Agent does not communicate on Online status to the Edge Relay Server.
Solution
This hotfix updates Security Agent program to send an Online status to the Edge Relay Server as soon as the Security Agent program starts.
Issue
Hotfix 1116
(SEG-51198)
The Apex One Application Control lockdown feature does not work after users switch to a different user account.
Solution
This hotfix ensures that the feature works normally.
Enhancement
Hotfix 1116
(SEG-50399)
This hotfix updates the DLP template to reduce the performance impact of Apex One.
Issue
Critical Patch 1101
(VRTS-3171)
A directory traversal vulnerability may allow an attacker to modify arbitrary files on the product's management console.
Solution
This critical patch updates the Apex One server program to remove the vulnerability.
8. Contact Information
A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees.
Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products.
https://www.trendmicro.com/en_us/contact.html
NOTE: This information is subject to change without notice.
Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products.
https://www.trendmicro.com/en_us/contact.html
NOTE: This information is subject to change without notice.
9. About Trend Micro
Smart, simple, security that fits.
As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information.
Copyright 2021, Trend Micro Incorporated. All rights reserved.
Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex Central are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners.
As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information.
Copyright 2021, Trend Micro Incorporated. All rights reserved.
Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex Central are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners.
10. License Agreement
View information about your license agreement with Trend Micro at:
https://www.trendmicro.com/en_us/about/legal.html
Third-party licensing agreements can be viewed:
Third-party licensing agreements can be viewed:
- By selecting the "About" option in the application user interface
- By referring to the "Legal" page of the Administrator's Guide