<> Trend Micro Incorporated March 28th, 2023 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) Deep Discovery Analyzer 7.1 - GM English - Linux - 64 Bits Critical Patch - Build 1176 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ================================================================ 1. Critical Patch Release Information 1.1. Resolved Known Issues 1.2. Enhancements 1.3. Files Included in This Release 2. Documentation Set 3. System Requirements 4. Installation 4.1. Installing 4.2. Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ================================================================ 1. Critical Patch Release Information ======================================================================== 1.1. Resolved Known Issues ==================================================================== This Critical Patch resolves the following issue(s): Issue 1: Component update from ActiveUpdate may fail because the certificate used for file validation is about to expire. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Critical Patch updates the certificate in the ActiveUpdate module to resolve the issue. 1.2. Enhancements ==================================================================== There are no enhancements for this Critical Patch release. 1.3. Files Included in This Release ==================================================================== There are no files included in this Critical Patch release. 2. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining the product. To access the Online Help, go to http://docs.trendmicro.com - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying the product. - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining the product. - Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get the product 'up and running'. - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. - To access the Support Portal, go to http://success.trendmicro.com 3. System Requirements ======================================================================== 1. Deep Discovery Analyzer 7.1 GM Critical Patch Build 1149 - English - Linux - x64 4. Installation ======================================================================== This section explains key steps for installing the Critical Patch. 4.1. Installing ==================================================================== To install: 1. Copy the Critical Patch file to a local folder. 2. Open the Deep Discovery Analyzer web console. 3. Go to the "Administration > Updates > Hot Fixes/Patches" page. 4. Click "Browse" and select the Critical Patch file. 5. Click the "Install" button. The computer restarts automatically after the Critical Patch is installed successfully. 4.2. Uninstalling ==================================================================== This Critical Patch cannot be rolled back. 5. Post-installation Configuration ======================================================================== No post-installation steps are required. 6. Known Issues ======================================================================== There are no known issues for this Critical Patch release. 7. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download Prior Hotfixes ==================================================================== Only this Critical Patch was tested for this release. Prior hotfixes were tested at the time of their release. [Hotfix 1175] Issue 1: Deep Discovery Analyzer routes ICMP traffic to an internal IP address through the management port. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix updates Virtual Analyzer to resolve the issue. Issue 2: Virtual Analyzer is unable to extract URLs from Microsoft Power Point documents. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix updates Virtual Analyzer to resolve the issue. [Hotfix 1172] Enhancement 1: This Hotfix enhances the detection capabilities of Deep Discovery Analyzer to scan for suspicious HTML files in archive files. Enhancement 2: This Hotfix adds support for the ".shtml" file extension in Deep Discovery Analyzer. [Hotfix 1169] Issue 1: The system may not display the accurate source and destination IP address information on the Submissions screens. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix updates the related modules to resolve this issue. [Hotfix 1164] Issue 1: Virtual Analyzer incorrectly classifies some URLs as malicious. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix upgrades the Usandbox module to version 5.8.1047 with SandCastle 6.0.5302 to resolve this issue. Issue 2: Some malicious URls with a low Web Inspection Service (WIS) risk rating may be classified as no risk. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix upgrades the Usandbox module to version 5.8.1047 with SandCastle 6.0.5302 to resolve this issue. Issue 3: A sample file may stay in the processing queue for an excessive amount of time. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix updates the related modules to resolve this issue. Issue 4: Child files in an archive file are not analyzed even when the size of a child field does not exceed the maximum sample size. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Hotfix updates the related modules to resolve this issue. Issue 5: The system does not include the total number of URL detections in operational reports. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Hotfix updates the related modules to resolve this issue. [Hotfix 1158] Issue 1: Users cannot add more than five (5) Trust Manager servers on the "Administration > System Settings > SNMP" page on the Deep Discovery Analyzer (DDAN) Web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix updates some internal modules to resolve this issue. Enhancement 1: This Hotfix adds some enhancements that improves the network share scanning function of Deep Discovery Analyzer. Enhancement 2: This Hotfix enhances some internal modules of Deep Discovery Analyzer (DDAN). [Hotfix 1152] Issue 1: Operational Reports display inaccurate infection by image descriptions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix updates some internal modules to ensure that accurate infection by imgae descriptions display in Operational Reports. Issue 2: Some local time information may not display correctly on the Deep Discovery Analyzer console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix updates an internal module to resolve this issue. Issue 3: An issue causes the error rate of Web Reputation Service (WRS) queries to rise. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix upgrades some internal modules to resolve the issue and improve the error rate of WRS queries. Enhancement 1: This Hotfix updates some internal modules in Deep Discovery Analyzer. [Hotfix 1150] Issue 1: A sample may become stuck when the YARA scan takes a long time to complete. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix upgrades the Usandbox module to version 5.8.1045 with SandCastle 6.0.5215 to resolve this issue. 8. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. https://www.trendmicro.com/en_us/contact.html NOTE: This information is subject to change without notice. 9. About Trend Micro ======================================================================== Smart, simple, security that fits. As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2023, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex Central are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners. 10. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: https://www.trendmicro.com/en_us/about/legal.html Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide