A potential Unrestricted File Upload vulnerability is found in Apex Central.

The web console does not display properly on the Internet Explorer web browser.

Potential Cross-Site Scripting (XSS) security issues are found in the Endpoint Encryption Plug-in in Apex Central.

A potential remote code execution vulnerability is found in the Dashboard module.

A potential cross-site scripting (XSS) vulnerability is found in the Dashboard module.

A potential cross-site scripting (XSS) vulnerability is found in the Virtual Analyzer module.

An issue prevents the system from displaying the product tree for policy configuration on the Apex Central web console.

The system generates false-positive alerts when Data Loss Prevention (DLP) detects social security numbers (SSNs) in the data.

A potential remote code execution vulnerability is found in the DLP module.

A potential cross-site scripting (XSS) vulnerability is found in the DLP module.

When a policy is created with the "Operating Systems" filter, the system does not display agent search results for policy settings.

The system does not display the correct version information for applications in the Application Reputation List on the Application Control Criteria settings screen.

When Assessment Mode is enabled, event logs for Application Control detections may contain incorrect action type information.

A system resource issue may prevent Apex One from uninstalling third-party applications.

When configuring Device Control policy settings in the Apex Central web console, a display limitation in the search field may prevent users from searching accounts based on user names.

When the Data Protection feature is enabled, Apex One Security Agent may block a Sony imaging device that is incorrectly identified as a mobile device.

Apex One Security Agent may not block wireless USB network adapters based on the Device Control settings.

When Data Loss Prevention (DLP) is configured to monitor Skype messages, Apex One Security Agent does not apply the specified action for "OpenFile" operations.

When managing Apex One firewall rules in the Security Agent console, the system may unexpectedly modify firewall rule settings and remove applications specified in the rules.

An issue related to the Apex One Common Client Solution Framework ("TmCCSF.exe") service may cause the Advanced Threat Correlation and Predictive Machine Learning Local File Model patterns to occupy excessive disk space on Security Agent endpoints.

An issue related to proxy server connections may result in excessive network bandwidth usage on Security Agent endpoints.

Users may not be able to delete endpoint groups in the Endpoint Inventory app in the Trend Vision One console.

The Trend Micro Common Client Log ("LogServer.exe") service may stop unexpectedly.

After the June 7, 2023 maintenance update (Build v14.0.12571), an issue related to product registry key cleanup may prevent the system from uninstalling the Apex One Security Agent on endpoints successfully.

This Patch enables the system to automatically purge old report files when the maximum threshold is reached.

This Patch enhances the isolation API to include the "allowList" parameter that allows you to configure the allowed traffic list for isolated Security Agent endpoints.

This Patch enables Apex Central to synchronize suspicious object lists from Trend Vision One to enhance product integration.

This Hotfix provides the option to disable the pop-up notification for USB Autorun events.

This Hotfix updates the Apex One Security Agent program to protect against the Origin Validation Error Local Privilege Escalation Vulnerability.

This Hotfix updates the Apex One Client Plug-in Service Manager module to protect against the Origin Validation Error Local Privilege Escalation Vulnerability.

This Hotfix updates the Apex One server program to resolve a potential Local File Inclusion Local Privilege Escalation Vulnerability.

This Hotfix adds the Advanced Malware Detection feature that uses machine learning to detect security threats in portable executable files.

For more information, see the online help: "https://docs.trendmicro.com/en-us/enterprise/apex-central-as-a-service-widget-and-policy-management-guide/officescan-agent-pol/anti-malware-policy-/real-time-scan_001/configuring-real-tim/real-time-scan-actio.aspx".

This Hotfix updates the Trend Micro URL Filtering Engine to version 5.0.1042 with the latest OpenSSL library version to enhance product security.

This Hotfix enhances Trend Vision One integration by enabling Apex One Security Agent to redeploy the Trend Micro Endpoint Basecamp service after moving to another Apex One server.

This Hotfix updates the Behavior Monitoring Core Service module to version 2.98.1960 to enhance the Security Agent self-protection capabilities.

This Hotfix enables Apex One (Mac) Security Agents to send uninstallation event logs to the Apex One (Mac) server.

This Hotfix allows administrators to customize device control policy violation notification message on the Apex One (Mac) console for Security Agents.

This Hotfix updates the virus scan engine in Apex One (Mac) Security Agent to enhance scanning capabilities.

This Hotfix updates the core engine in Apex One (Mac) Security Agent to enhance product security.

Security Agent consoles running build 13.95 display an incorrect policy name. To resolve this issue, upgrade the Security Agent to 14.0. After the Security Agent contacts the server, the policy name displays correctly.

Off-premises and Security Agents in Independent mode cannot update the Certified Safe Software Pattern from external update sources.

Coexist mode Security Agents on endpoints with Windows Defender may experience installation issues or be unable to upload data to the Apex One server due to a file locking issue. To resolve this issue, add Endpoint Sensor (ESEServiceShell.exe and ESClient.exe) in the exclusions list of Windows Defender to prevent the locking issue.

After copying a file to a remote server using a relative path as the source, Apex One is unable to translate the relative path into the full system directory.

The quality of RCA analysis chain image files is reduced when viewing the files using Windows 10 Photo Viewer.

When attempting to start a Historical Investigation from the Attack Discovery Detections widget that includes Registry value name or Registry value data criteria, the Historical Investigation displays an error message if the length of the Registry value name exceeds 260 characters or the Registry value data exceeds 64 characters.

After updating the Attack Discovery Pattern file (tmesadp.ptn) on Security Agents, a database schema error may occur that causes the Endpoint Sensor feature to continuously report the same detections to the server during each synchronization. This causes duplicate records to display on the Apex Central server.

Root Cause Analysis email attachment results may also include temporary files created when the user saved the file.

The number of matched endpoints that display on a Root Cause Analysis chain may appear to be greater than the total if the Security Agent on an endpoint was uninstalled or no longer reports to the same managing server.

The Endpoint Sensor service may have high memory usage.

The Endpoint Sensor may have high peak CPU usage occasionally.

Endpoint Sensor has CPU peak during Windows Update phase.

The user or account name in ADE detection may be empty.

The EC module may stop responding while handling NULL data which may cause the ESEService and ADE functionality to behave abnormally.

In rare conditions, ESEService stops responding while unloading.

After enabling the Scan Time Machine option for Manual Scan and Scheduled Scan, Apex One (Mac) cannot perform any actions (clean, quarantine, or delete) on detected malware threats due to a permission limitation in Mac OS. Configured scan actions are displayed as unsuccessful in the product logs.

When performing a historical investigation on Apex One (Mac) endpoints, the system replaces a slash (/) with a colon (:) in file names, preventing users from searching for file names that contain backslashes in investigation results.

To resolve this issue, use a colon (:) to search for the files.