This Hotfix resolves the following issue(s):
Performance Enhancement
iES
A blank screen appears after clicking "Assess Impact" on the Advanced Discovery Detections widget.
Solution
This hotfix resolves the issue and properly displays the assessment criteria.
The Trend Micro Deep Discovery Web Inspector product profile cannot be merged successfully because it contains unnecessary ASCII characters.
Solution
This hotfix removes unnecessary ASCII characters from the Deep Discovery Web Inspector product profile to ensure that the profile can be merged successfully.
The number of queried Attack Discovery Detection logs on Log Query differs from the number of forwarded Syslog entries.
Solution
This hotfix ensures that there is no discrepancy between the number of queried Attack Discovery Detection logs on Log Query and the number of forwarded Syslog entries.
An issue prevents the Syslog Forward function from working under the UDP protocol.
Solution
This hotfix resolves the issue.
A path traversal vulnerability has been found in Apex Central 2019.
Solution
The hotfix resolves the path traversal vulnerability.
The system does not save non-monitored targets in the Data Loss Prevention(TM) (DLP) policy setting if the target contains uppercase characters.
Solution
This hotfix resolves this issue by ensuring that the system saves non-monitored targets in the DLP policy setting even if the target contains uppercase characters.
The intrusion prevention rules are missing on the Apex Central version running on Norway platforms.
Solution
This hotfix resolves this issue by enabling the rule update function to properly support Norway platforms.
An issue prevents the Operation Center from merging custom reporting line circles so it displays random custom reporting line names instead. This issue occurs if the custom reporting lines include an Active Directory user that does not have a manager.
Solution
The hotfix ensures that the custom reporting line displays correctly in this situation.
An issue prevents Apex Central from deploying policies after it is upgraded from Control Manager 6.0.
Solution
The hotfix resolves this issue.
An issue prevents Apex Central from purging Behavior Monitoring Logs.
Solution
The hotfix resolves the issue so that Behavior Monitoring Logs are purged correctly.
An issue triggers false rebuild attack discovery detections every hour, which affects Apex Central performance.
Solution
This hotfix resolves the issue.
The "Database is busy. Please..." error message appears on the "User/Endpoint Directory" page when the SQL server and database use different collation settings.
Solution
This hotfix resolves the error by updating the SQL script to enable it to use the database collation settings instead of the SQL server collation settings.
The Apex Central server times out when the SQL server queries large data sets.
Solution
This hotfix resolves the server timeout issue.
This Hotfix resolves the following issue(s):
The Apex One Vulnerability Protection agent cannot uninstall the Trend Micro Vulnerability Protection (TMVP) agent completely while its driver is being used by the system.
Solution
This hotfix enables Apex One agent to show a "Restart Required" message to complete the uninstallation of TMVP agent and driver.
The wrong date appears in the "Last Update" field on the Attack Discovery and Endpoint Sensor Trusted Pattern widget.
Solution
This hotfix sets the time zone between GMT -1 to GMT -11 to ensure that the correct date appears in the "Last Update" field.
Administrators notice that the policy status may show a "Pending: Waiting for Product Agent" message on the Endpoint Sensor for several days when deploying several policy files at the same time.
Solution
This hotfix uses the latest version of the Apex One Server to resolve this issue.
The system cannot successfully install the Application Control server if the SQL server contains a semi-colon (";") in its password.
Solution
This hotfix resolves this issue so that the system can install the Application Control server successfully.
The Application Control agent service is dependent on some Microsoft(TM) Windows(TM) services. If some Windows services are not running, the system does not start the Application Control agent service.
Solution
This hotfix resolves the Application Control agent service dependency issue. After applying this hotfix, the Application Control agent service starts some Windows services automatically as it starts up.
Agent computers may encounter a performance issue during Windows updates.
Solution
This hotfix updates the agent program to improve its performance during Windows updates.
A potential process communication risk in the security agent exists in the Apex One server.
Solution
This critical patch updates the Apex One server program to remove this vulnerability.
There are no issues for this Hotfix release.
The following enhancements are included in this Hotfix:
Vulnerability Patches
Apex Central has patched Cross Site Scripting (XSS) vulnerabilities.
Performance Enhancement
Apex One (Mac)
This hotfix enhances the performance of Apex One (Mac) as a Service.
Performance Enhancement
Apex One (Mac)
This hotfix improves the startup speed and startup flow of the Apex One Security Agent to help reduce unexpected errors during Security Agent startup.
New Features
Security Agent Uninstallation
Apex One (Mac) provides enhanced password security for Security Agent uninstallation on endpoints when an uninstallation password is required.
New Features
Policy Management Enhancement
Apex One Security Agent policies support inheritance for Predictive Machine Learning settings.
New Features
Enhanced API Integration
Apex Central supports a new API that forwards detection logs in CEF format to SIEM servers.
This hotfix enables Apex Central to sort policy changing domain agents every 10 minutes instead of at 15:15 every day.
This hotfix adds a new error message containing the workaround for when Single Sign-On (SSO) fails because the browser cookie length limit has been exceeded.
This hotfix enables Apex One as a Service Hybrid mode to support Data Lake integration for Root Cause Analyses.
This hotfix ensures that logforwarder.exe can forward logs to the SIEM server by using SSL/TLS protocol, but does not upload the server certificate.
The following enhancements are included in this Hotfix:
This critical patch updates the program update checking logic on Apex One security agents to help ensure that only authentic program updates are applied.
This critical patch enhances the security of the Server Migration Tool.
The following enhancements are included in this Hotfix:
This hotfix enhances the performance of Apex One (Mac) as a Service.
This hotfix improves the startup speed and startup flow of the Apex One (Mac) Security Agent to help reduce unexpected errors during Security Agent startup.
Security Agent version: 14.0.6850
Security Agent restart: Required
Estimated size of network traffic (in terms of bandwidth) required for deployment:
Security Agent version : 3.5.3310
Security Agent restart requirement : Not required
Estimated size of network traffic (in terms of bandwidth) required for deployment:
64-bit Security Agent hotfix = 122MB
No post-installation steps are required.
NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product.
Known issues in this release:
The file name of the attached ZIP file for a generated report contains garbled text if the report name contains non-alphanumeric characters.
The attached ZIP file for a generated report cannot be opened if the report name contains Traditional Chinese characters.
If Apex Central as a Service is the Node Apex Central of an on-premises Hub Apex Central server, Apex Central as a Service might not be able to receive Suspicious Object Lists from the on-premises Hub Apex Central.
To resolve this issue, contact your support representative.
Known issues in this release:
Security Agent consoles running build 13.95 display an incorrect policy name. To resolve this issue, upgrade the Security Agent to 14.0. After the Security Agent contacts the server, the policy name displays correctly.
Off-premises and Security Agents in Independent mode cannot update the Certified Safe Software Pattern from external update sources.
Coexist mode Security Agents on endpoints with Windows Defender may experience installation issues or be unable to upload data to the Apex One server due to a file locking issue. To resolve this issue, add Endpoint Sensor (ESEServiceShell.exe and ESClient.exe) to the exclusions list of Windows Defender to prevent the locking issue.
After copying a file to a remote server using a relative path as the source, Apex One is unable to translate the relative path into the full system directory.
The quality of RCA analysis chain image files is reduced when viewing the files using Windows 10 Photo Viewer.
When attempting to start a Historical Investigation from the Attack Discovery Detections widget that includes Registry value name or Registry value data criteria, the Historical Investigation displays an error message if the length of the Registry value name exceeds 260 characters or the Registry value data exceeds 64 characters.
After updating the Attack Discovery Pattern file (tmesadp.ptn) on Security Agents, a database schema error may occur that causes the Endpoint Sensor feature to continuously report the same detections to the server during each synchronization. This causes duplicate records to display on the Apex Central server.
Known issues in this release:
After enabling the Scan Time Machine option for Manual Scan and Scheduled Scan, Apex One (Mac) cannot perform any actions (clean, quarantine, or delete) on detected malware threats due to a permission limitation in Mac OS. Configured scan actions are displayed as unsuccessful in the product logs.
When performing a historical investigation on Apex One (Mac) endpoints, the system replaces a backslash (/) with a colon (:) in file names, preventing users from searching for file names that contain backslashes in investigation results.
To resolve this issue, use a colon (:) to search for the files.