Contents
1. Critical Patch Release Information 
Resolved Known Issues
This Critical Patch resolves the following issue(s):
TmListen stops unexpectedly when the Apex One agent queries Suspicious Object (SO) information that contains a null notify setting.
Solution:
This critical patch updates Apex One agent program to resolve the issue.
On the 64-bit Microsoft (TM) Windows (TM) 10 platform, an error occurs while running a 64-bit debug script in Microsoft Visual Studio 2017.
Solution:
This critical patch updates the Behavior Monitoring Module to prevent the error.
The Apex One server may not be able to register to the Apex Central server if the TLS 1.2 protocol is enabled on Apex One servers only.
Solution:
This critical patch updates the Apex One server program to resolve this issue.
Procedure:
To apply the solution:
- Install this critical patch (see "Installation").
- Open the "Agent.ini" file in the "\PCCSRV\CmAgent\" folder on the Apex One server installation directory using a text editor.
- Under the "Network" section, manually modify the value of the following key.
- [Network]
- SSL_Cipher_List=ECDHE-RSA-AES256-GCM-SHA384
- Save the changes and close the file.
- Unregister from the Apex Central server.
- Register the Apex Central again.
The Apex One server tool "IpXfer.exe" cannot run properly when the Apex One Security Agent is offline.
Solution:
This critical patch updates Apex One server tools to resolve this issue.
The Apex One server updates the timestamp of the Last Spyware Scan (Manual) according to the last connection establishment time.
Solution:
This critical patch updates the Apex One server program to ensure that the last Spyware Scan (Manual) time is updated accurately.
When users create a "Setup" installer package for the Apex One security agent using Agent Packager, the Vulnerability Protection and Application Control agent installers are not included by default.
Solution:
This critical patch updates the Apex One server program to ensure that the Agent Packager includes both installers in the Apex One security agent "Setup" installer package.
The digital signature of some DLP files are expired.
Solution:
This critical patch updates the DLP module to update the digital signatures.
The DLP module does not work on the Microsoft Edge web browser.
Solution:
This critical patch updates the DLP module to resolve this issue.
Procedure:
To enable Apex One security agents to block sensitive information on the Edge web browser.
- Install this critical patch (see "Installation").
- Open the "dlp.ini" file in the "\PCCSRV\Private\" folder on the Apex One server.
- Under the "Configure" section, manually add the following key and value.
- [Configure]
- ENABLE_DYNAMIC_CODE_POLICY=true
- Save the changes and close the file.
- Open the Apex One web console and click "Agents > Agent Management > Select domains or agents > Settings > DLP settings".
- Click "Save" to deploy the settings to agents. The Apex One server deploys the settings to Apex One agents and adds the following key in the "dsa.pro" file in the "\Windows\System32\dgagent\" folder:
- enable_dynamic_code_policy=true
Users cannot expand the domains or add spyware/greyware detections into the approve list on the Apex One server web console.
Solution:
This critical patch updates the Apex One server files to resolve this issue.
Duplicate Apex One agents appear in the Microsoft Windows Startup console.
Solution:
This critical patch updates the Apex One server programs to resolve this issue.
When the trust permission of the Application Control Criteria is set to "Inheritable execution rights", the criteria information remains on the Apex One Security Agent database after users remove the criteria from the policy setting.
Solution:
This critical patch ensures that the criteria information can be removed normally from Apex One Security Agents.
In rare situations, the Apex One Vulnerability Protection program uses up a huge amount of memory when processing a large number of Intrusion Prevention logs.
Solution:
This critical patch prevents the high memory usage issue when the Apex One Vulnerability Protection program processes a large number of Intrusion Prevention logs.
The Apex One server does not send the policy information to Apex Central after deploying a policy.
Solution:
This issue updates the Apex One server program to resolve this issue.
An access denied error related to a certain component prevents the Trend Micro Advanced Threat Assessment Service (ATAS) from starting successfully.
Solution:
This critical patch resolves the error so ATAS can start normally.
An issue related to the Microsoft(TM) Monitoring Agent may cause the Apex One Endpoint Sensor Advanced Threat Assessment Service application pool to stop unexpectedly after installing the Apex One server.
Solution:
This critical patch prevents the Apex One Endpoint Sensor Advanced Threat Assessment Service compatibility issue with the Microsoft Monitoring Agent.
An "Error ID: 420" occurs while the Apex One Endpoint Sensor policy is deployed and the "Unable to get the registered server list. There are no registered servers." error appears on the Apex Central "Preliminary Investigation" page.
Solution:
This critical patch helps prevent the Apex One Endpoint Sensor Advanced Threat Assessment Service from being corrupted when Endpoint Sensor is installed using Trend Micro Apex One Installer Maintenance Mode.
The Trend Micro Vulnerability Protection Service cannot start while processing a specific certificate.
Solution:
This critical patch updates the Apex One Vulnerability Protection server to prevent the certificate processing error.
Enhancements
The following enhancements are included in this Critical Patch:
This critical patch updates some Apex One files to detect inconsistent certifications from the Microsoft Management Console certificate store. If it detects an inconsistency, Apex One will automatically recover the authentication file (OfcIPCer.dat) from the Microsoft Management Console certificate store on the Apex One server.
Files Included in this Release
A. Files for Current Issue(s)
-------------------------------------------------------------------
Filename Build Number
------------------------------ ------------
Apex One\PCCSRV\Admin\Utility\EdgeServer\*.*
Apex One\PCCSRV\Admin\Utility\SQL\*.*
Apex One\PCCSRV\Pccnt\Disk1\*.*
Apex One\PCCSRV\
-------------------------------------------------------------------
AUTOPCC.MSG *
CGIResUTF8.dll 14.0.0.2012
DatFHS.dll 14.0.0.2002
ofc_loadhttp.dll 14.0.0.2002
OfcPfwCommon.dll 14.0.0.2002
OfcPIPC.dll 14.0.0.2002
readme.htm *
Apex One\PCCSRV\Admin\
-------------------------------------------------------------------
InstReg.exe 14.0.0.2002
ofc_loadhttp.dll 14.0.0.2002
SetupMan.dll 14.0.0.2012
TSC.exe 7.5.0.1136
TSC64.exe 7.5.0.1136
Wizard.exe 14.0.0.2002
Wizard_64x.exe 14.0.0.2002
Apex One\PCCSRV\Admin\Utility\ClientPackager\
-------------------------------------------------------------------
CLIENTMSISETUP_MSI *
ClnPack.exe 14.0.0.2012
ClnPack.ini *
OfcPfwCommon.dll 14.0.0.2002
Apex One\PCCSRV\Admin\Utility\IpXfer\
-------------------------------------------------------------------
IpXfer.exe 14.0.0.2002
IpXfer_x64.exe 14.0.0.2002
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Client\x64\
-------------------------------------------------------------------
osfExt_iACClient_x64.dll 3.0.0.1122
osfExt_iESClient_x64.dll 3.0.0.1499
osfExt_iVPClient_x64.dll 3.0.0.2030
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Client\x86\
-------------------------------------------------------------------
osfExt_iACClient.dll 3.0.0.1122
osfExt_iESClient.dll 3.0.0.1499
osfExt_iVPClient.dll 3.0.0.2030
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iAC\
-------------------------------------------------------------------
osfExt_iACCMAGENT.dll 3.0.0.1122
osfExt_iACMasterService.dll 3.0.0.1122
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iES\
-------------------------------------------------------------------
osfExt_iESCMAGENT.dll 3.0.0.1499
osfExt_iESMasterService.dll 3.0.0.1499
Apex One\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iVP\
-------------------------------------------------------------------
osfExt_iVPCMAGENT.dll 3.0.0.2030
osfExt_iVPMasterService.dll 3.0.0.2030
Apex One\PCCSRV\Admin\Utility\ListDeviceInfo\
-------------------------------------------------------------------
listDeviceInfo.conf.ini *
listDeviceInfo.exe 6.2.0.1249
Apex One\PCCSRV\Admin\Utility\MessageQueue\
-------------------------------------------------------------------
libOsceMsmq.dll 14.0.0.2012
Apex One\PCCSRV\Admin\Utility\PolicyExportTool\
-------------------------------------------------------------------
ApexOneSettingsExportTool.exe 14.0.0.2012
CGIResUTF8.dll 14.0.0.2012
ServerMigrationTool.ex_ 14.0.0.2012
Apex One\PCCSRV\Admin\Utility\ServerMigrationTool\
-------------------------------------------------------------------
CGIOCommon.dll 14.0.0.2012
CGIResUTF8.dll 14.0.0.2012
ServerMigrationTool.exe 14.0.0.2012
Apex One\PCCSRV\Admin\Utility\TCacheGen\
-------------------------------------------------------------------
TCacheGen.exe 14.0.0.2012
TCacheGen_x64.exe 14.0.0.2012
TCacheGenCli.exe 14.0.0.2012
TCacheGenCli_x64.exe 14.0.0.2012
Apex One\PCCSRV\Admin\Utility\TMVS\
-------------------------------------------------------------------
DatFHS.dll 14.0.0.2002
Apex One\PCCSRV\CmAgent\
-------------------------------------------------------------------
CGIResUTF8.dll 14.0.0.2012
DatFHS.dll 14.0.0.2002
ProductLibrary.dll 14.0.0.2012
ProductUI.zip *
Apex One\PCCSRV\Download\Engine\
-------------------------------------------------------------------
dce-exe-mssign-32x64-v75-1136.sig *
dce-exe-mssign-32x64-v75-1136.zip *
dce-exe-mssign-v75-1136.sig *
dce-exe-mssign-v75-1136.zip *
Apex One\PCCSRV\Download\Product\
-------------------------------------------------------------------
DlpLite.sig *
DlpLite_Common.zip *
DlpLite_Common_x64.zip *
DlpLite_x64.sig *
Apex One\PCCSRV\Engine\
-------------------------------------------------------------------
TmAegisSysEvt.dll 2.98.0.1201
TMBMCLI.dll 2.98.0.1201
TMBMSRV.exe 2.98.0.1201
tmcomeng.dll 2.98.0.1201
TmEngDrv.dll 2.98.0.1201
TMPEM.dll 2.98.0.1201
TmSysEvt.dll 8.20.0.1028
tmwlutil.dll 2.98.0.1201
Apex One\PCCSRV\Engine\x64\
-------------------------------------------------------------------
TmAegisSysEvt.dll 2.98.0.1201
TMBMCLI.dll 2.98.0.1201
TMBMSRV.exe 2.98.0.1201
tmcomeng.dll 2.98.0.1201
TmEngDrv.dll 2.98.0.1201
TMPEM.dll 2.98.0.1201
TmSysEvt.dll 8.20.0.1028
tmwlutil.dll 2.98.0.1201
TSC64.exe 7.5.0.1136
Apex One\PCCSRV\OSF_Extension\iAC\
-------------------------------------------------------------------
osfExt_iACCMAGENT.dll 3.0.0.1122
osfExt_iACMasterService.dll 3.0.0.1122
Apex One\PCCSRV\OSF_Extension\iES\
-------------------------------------------------------------------
osfExt_iESCMAGENT.dll 3.0.0.1499
osfExt_iESMasterService.dll 3.0.0.1499
Apex One\PCCSRV\OSF_Extension\iVP\
-------------------------------------------------------------------
osfExt_iVPCMAGENT.dll 3.0.0.2030
osfExt_iVPMasterService.dll 3.0.0.2030
Apex One\PCCSRV\Pccnt\
-------------------------------------------------------------------
ClientConsole.zip *
NTRtScan.exe 14.0.0.2004
Apex One\PCCSRV\Pccnt\Common\
-------------------------------------------------------------------
CCSF_WIN32.zip *
crc0filter.dll 2.83.0.1013
DatFHS.dll 14.0.0.2002
fcWofieUI.dll 14.0.0.2002
ICRCHdler.dll 2.83.0.1013
libCNTTmPollingModule.dll 14.0.0.2002
libcurl.dll 7.64.0.0
libeay32.dll 1.0.2.18
NTRmv.exe 14.0.0.2002
ofc_loadhttp.dll 14.0.0.2002
OfcCCCAUpdate.exe 14.0.0.2002
OfcPfwCommon.dll 14.0.0.2002
OfcPfwSvc.dll 14.0.0.2002
OfcPIPC.dll 14.0.0.2002
osfExt_iACClient.dll 3.0.0.1122
osfExt_iESClient.dll 3.0.0.1499
osfExt_iVPClient.dll 3.0.0.2030
PccNT.exe 14.0.0.2002
PccNTMon.exe 14.0.0.2002
ssleay32.dll 1.0.2.18
TmListen.exe 14.0.0.2002
TmListenShare.dll 14.0.0.2002
TmopCfg.dll 3.7.0.1134
Tmopcfscan.dll 3.7.0.1134
TmopCtl.dll 3.7.0.1134
TmopDbg.dll 3.7.0.1134
TmoppeCertPin.dll 3.7.0.1134
TmoppeEvts.dll 3.7.0.1134
TmoppeHosF.dll 3.7.0.1134
TmoppePDP.dll 3.7.0.1134
TmoppeSAL.dll 3.7.0.1134
TmoppeSsF.dll 3.7.0.1134
TmoppeUrlF.dll 3.7.0.1134
TmoppeVS.dll 3.7.0.1134
TmopphDns.dll 3.7.0.1134
TmopphHttp.dll 3.7.0.1134
TmopphHttp2.dll 3.7.0.1134
TmopphPop3.dll 3.7.0.1134
TmopphSmtp.dll 3.7.0.1134
TmopphSocks.dll 3.7.0.1134
TmopphSvrHello.dll 3.7.0.1134
TmopPlgAdp.dll 3.7.0.1134
Tmopsent.dll 3.7.0.1134
TmopsmHttp.dll 3.7.0.1134
TmopsmMail.dll 3.7.0.1134
TmopsmProxy.dll 3.7.0.1134
TmopsmSvrHello.dll 3.7.0.1134
TmPac.dll 14.0.0.2002
TmSock.dll 14.0.0.2002
TmSSClient.exe 14.0.0.2002
tmufeng.dll 3.91.0.1021
TmWatchdog.dll 14.0.0.2002
TmWatchdog.exe 14.0.0.2002
Upgrade.exe 14.0.0.2002
WofieLauncher.exe 14.0.0.2002
Apex One\PCCSRV\Pccnt\Drv\
-------------------------------------------------------------------
tmactmon.cat *
tmactmon.inf *
tmactmon.sys 2.98.0.1185
tmcomm.cat *
tmcomm.inf *
tmcomm.sys 8.20.0.1028
tmevtmgr.cat *
tmevtmgr.inf *
tmevtmgr.sys 2.98.0.1185
Apex One\PCCSRV\Pccnt\Drv\X64\
-------------------------------------------------------------------
tmactmon.cat *
tmactmon.inf *
tmactmon.sys 2.98.0.1185
tmcomm.cat *
tmcomm.inf *
tmcomm.sys 8.20.0.1028
tmevtmgr.cat *
tmevtmgr.inf *
tmevtmgr.sys 2.98.0.1185
Apex One\PCCSRV\Pccnt\Win64\X64\
-------------------------------------------------------------------
CCSF_X64.zip *
crc0filter.dll 2.83.0.1013
DatFHS.dll 14.0.0.2002
fcWofieUI.dll 14.0.0.2002
ICRCHdler.dll 2.83.0.1013
InstReg.exe 14.0.0.2002
libCNTTmPollingModule_64x.dll 14.0.0.2002
libcurl.dll 7.64.0.0
libeay32.dll 1.0.2.18
NTRmv.exe 14.0.0.2002
Ntrtscan.exe 14.0.0.2004
ofc_loadhttp_64x.dll 14.0.0.2002
OfcCCCAUpdate.exe 14.0.0.2002
OfcPfwCommon_64x.dll 14.0.0.2002
OfcPfwSvc_64x.dll 14.0.0.2002
OfcPIPC_64x.dll 14.0.0.2002
osfExt_iACClient_x64.dll 3.0.0.1122
osfExt_iESClient_x64.dll 3.0.0.1499
osfExt_iVPClient_x64.dll 3.0.0.2030
PccNT.exe 14.0.0.2002
PccNTMon.exe 14.0.0.2002
ssleay32.dll 1.0.2.18
TmListen.exe 14.0.0.2002
TmListenShare_64x.dll 14.0.0.2002
TmopCfg.dll 3.7.0.1134
Tmopcfscan.dll 3.7.0.1134
TmopCtl.dll 3.7.0.1134
TmopDbg.dll 3.7.0.1134
TmoppeCertPin.dll 3.7.0.1134
TmoppeEvts.dll 3.7.0.1134
TmoppeHosF.dll 3.7.0.1134
TmoppePDP.dll 3.7.0.1134
TmoppeSAL.dll 3.7.0.1134
TmoppeSsF.dll 3.7.0.1134
TmoppeUrlF.dll 3.7.0.1134
TmoppeVS.dll 3.7.0.1134
TmopphDns.dll 3.7.0.1134
TmopphHttp.dll 3.7.0.1134
TmopphHttp2.dll 3.7.0.1134
TmopphPop3.dll 3.7.0.1134
TmopphSmtp.dll 3.7.0.1134
TmopphSocks.dll 3.7.0.1134
TmopphSvrHello.dll 3.7.0.1134
TmopPlgAdp.dll 3.7.0.1134
Tmopsent.dll 3.7.0.1134
TmopsmHttp.dll 3.7.0.1134
TmopsmMail.dll 3.7.0.1134
TmopsmProxy.dll 3.7.0.1134
TmopsmSvrHello.dll 3.7.0.1134
TmPac_64x.dll 14.0.0.2002
TmSock_64x.dll 14.0.0.2002
TmSSClient.exe 14.0.0.2002
tmufeng.dll 3.91.0.1021
TmWatchdog.dll 14.0.0.2002
TmWatchdog.exe 14.0.0.2002
Upgrade.exe 14.0.0.2002
WofieLauncher.exe 14.0.0.2002
Apex One\PCCSRV\Private\
-------------------------------------------------------------------
DlpClc.xml *
Apex One\PCCSRV\Web\Service\
-------------------------------------------------------------------
CGIOCommon.dll 14.0.0.2012
CGIResUTF8.dll 14.0.0.2012
CmdHOConsole.dll 14.0.0.2012
DatFHS.dll 14.0.0.2002
DbServer.exe 14.0.0.2012
libCmdHndlrClientV2.dll 14.0.0.2012
libCmdHndlrConsoleV2.dll 14.0.0.2012
libCmdHndlrSA.dll 14.0.0.2012
libLogHandler.dll 14.0.0.2012
libOsceMsmq.dll 14.0.0.2012
libOSFSvcClient.dll 14.0.0.2012
ofc_loadhttp.dll 14.0.0.2002
OfcCCCAUpdate.exe 14.0.0.2002
OfcDBBackup.exe 14.0.0.2012
OfcDownload.dll 14.0.0.2012
OfcHotFix.exe 14.0.0.2012
OfcNotifyQueue.dll 14.0.0.2012
OfcPfwCommon.dll 14.0.0.2002
OfcPurgeLog.dll 14.0.0.2012
OfcService.exe 14.0.0.2012
VerConn.exe 14.0.0.2012
Apex One\PCCSRV\Web_OSCE\Web\CGI\
-------------------------------------------------------------------
CGIOCommon.dll 14.0.0.2012
cgiRecvFile.exe 14.0.0.2012
CGIResUTF8.dll 14.0.0.2012
isapiClient.dll 14.0.0.2012
isapiClientx64.dll 14.0.0.2012
isapiClientX86.dll 14.0.0.2012
OfcPfwCommon.dll 14.0.0.2002
Apex One\PCCSRV\Web_OSCE\Web_Console\CGI\
-------------------------------------------------------------------
cgiAuthManagement.exe 14.0.0.2012
CGIOCommon.dll 14.0.0.2012
CGIResUTF8.dll 14.0.0.2012
cgiShowClientAdm.exe 14.0.0.2012
cgiShowComplianceReport.exe 14.0.0.2012
cgiShowLogs.exe 14.0.0.2012
OfcPfwCommon.dll 14.0.0.2002
Apex One\PCCSRV\Web_OSCE\Web_console\HTML\behavior_monitoring\
-------------------------------------------------------------------
bm_settings.htm *
Apex One\PCCSRV\Web_OSCE\Web_console\HTML\clientmag\
-------------------------------------------------------------------
client_list_2.htm *
client_move.htm *
client_ofsc_services.htm *
Apex One\PCCSRV\Web_OSCE\Web_console\HTML\common\
-------------------------------------------------------------------
ln_common.js *
ln_logs.js *
trend-ui-opt_list.js *
Apex One\PCCSRV\Web_OSCE\Web_console\HTML\common\css\
-------------------------------------------------------------------
l10n-style.css *
Apex One\PCCSRV\Web_OSCE\Web_console\HTML\common\l10n\
-------------------------------------------------------------------
l10n.behavior_monitoring.js *
l10n.clientmag.js *
l10n.logs.js *
l10n.vdi.js *
Apex One\PCCSRV\Web_OSCE\Web_console\HTML\common\util\
-------------------------------------------------------------------
common.js *
Apex One\PCCSRV\Web_OSCE\Web_console\HTML\compliance_report\
-------------------------------------------------------------------
installing_computers.htm *
Apex One\PCCSRV\Web_OSCE\Web_console\HTML\dlp\
-------------------------------------------------------------------
dlp_Entities_addedit.htm *
dlp_settings.htm *
Apex One\PCCSRV\Web_OSCE\Web_console\HTML\logs\
-------------------------------------------------------------------
logs_ccca.htm *
logs_pfw.htm *
logs_pfw_view.htm *
logs_spyware.htm *
logs_WebSecurity.htm *
Apex One\PCCSRV\WEB_OSCE\Web_Console\HTML\summary\
-------------------------------------------------------------------
summary_top10_osce.htm *
Apex One\PCCSRV\Web_OSCE\Web_console\HTML\tools\
-------------------------------------------------------------------
tools_admin_clients.htm *
Apex One\PCCSRV\WEB_OSCE\Web_Console\HTML\update\
-------------------------------------------------------------------
client_deployment_automatic.htm *
Apex One\PCCSRV\Web_OSCE\Web_Console\RemoteInstallCGI\
-------------------------------------------------------------------
CGIOCommon.dll 14.0.0.2012
CGIResUTF8.dll 14.0.0.2012
SetupMan.dll 14.0.0.2012
Wizard.exe 14.0.0.2002
Wizard_64x.exe 14.0.0.2002
B. Network Traffic Required in Deployment
-------------------------------------------------------------------
Estimated size (in terms of bandwidth) of deployed agent files
in this critical patch.
- 32-bit agent total = 126.9 MB
- 64-bit agent total = 163.8 MB
2. Documentation Set
To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com
- Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining the product.
To access the Online Help, go to http://docs.trendmicro.com
- Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying the product.
- Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining the product.
- Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get the product 'up and running'.
- Support Portal: The Support Portal contains information on troubleshooting and resolving known issues.
- To access the Support Portal, go to http://esupport.trendmicro.com
3. System Requirements
4. Installation/Uninstallation
Installing
To install:
- Copy the Critical Patch executable file to a temporary folder on the server, for example, "C:\temp".
- Double-click the file. The modules are automatically copied to the correct destination.
This Critical Patch installation package automatically rolls back the Apex One server to its previous configuration if there are problems during installation. If you encounter problems after installation, do a manual rollback.
Uninstalling
To manually roll back to the previous build:
- Locate the backup folder that the Critical Patch package created in the "\PCCSRV\Backup\Critical Patch_B2012" directory.
- Stop the Apex One Master Service.
- Stop the Apex One Apex Central Agent Service.
- Copy the backup modules to the original folders.
- Start the Apex One Apex Central Agent Service.
- Start the Apex One Master Service.
5. Post-installation Configuration
No post-installation steps are required.
NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product.
6. Known Issues
There are no known issues for this Critical Patch release.
7. Release History
Prior Hotfixes
Only this hotfix was tested for this release. Prior hotfixes were tested at the time of their release.
(VRTS-3171)
A directory traversal vulnerability may allow an attacker to modify arbitrary files on the product's management console.
Solution:
This critical patch updates the Apex One server program to remove the vulnerability.
(SEG-50319)
Changes in the Google API prevents Data Loss Prevention(TM) (DLP) from detecting sensitive information sent through Gmail in Google Chrome 73.
Solution:
This hotfix resolves the issue by enabling the DLP module to support the "Http/Https" and "Open file dialog" functionality in Google Chrome 73.
(SEG-49467)
The tmlisten service stops unexpectedly when users add an NIC description in the Personal Firewall (PFW) profile and deploy the profile to agents.
Solution:
This hotfix updates the Apex One Security Agent program to resolve the issue.
(SEG-49381)
The Smart Scan Pattern of File Reputation Services occupies a large amount of disk space on the Apex One server.
Solution:
This hotfix updates the Apex One server program to resolve this issue.
(SEG-48555)
When users install Apex One and use a domain account to connect to the database, the installation will not be able to create a database and iES will not be installed successfully.
Solution:
This hotfix updates the impersonate method to solve this issue.
(SEG-49534)
When the Apex One environment runs an sqlpackage older that 2016 or one that contains both x86 and x64 versions of version 2016, iES will not be able to create the database because of an incompatible sqlpackage version.
Solution:
This hotfix resolves the issue by enabling the installer to prioritize the x64 version of the sqlpackage during installation.
(SEG-50727)
When a user starts a Security Agent outside the corporate network, the Security Agent does not communicate on Online status to the Edge Relay Server.
Solution:
This hotfix updates Security Agent program to send an Online status to the Edge Relay Server as soon as the Security Agent program starts.
(SEG-51198)
The Apex One Application Control lockdown feature does not work after users switch to a different user account.
Solution:
This hotfix ensures that the feature works normally.
(SEG-50399)
This hotfix updates the DLP template to reduce the performance impact of Apex One.
(SEG-45353)
The Security Agent program may become corrupted when users install it from the MSI installation package (Windows Installer) using the wrong command in the command line.
Solution:
This critical patch enables the Apex One security agent installation to abort the MSI installation process if it encounters an unexpected command.
(SEG-49936), (SEG-49847)
An issue related to the Microsoft(TM) Excel(TM) files with macro content cannot be saved to a network shared folder from an endpoint, some Microsoft Excel temp files cannot be deleted after trying to save the files.
Solution:
This critical patch updates the Apex One security agent program to resolve this issue.
(SEG-50774)
This critical patch enables the Apex One security agent program to support Microsoft Windows(TM) 10 (version 1903) May 2019 Update.
(VRTS-3389)
An unquoted service path enumeration vulnerability may allow an attacker administrator privileges to the Apex One security agent service.
Solution:
This hotfix updates the Apex One security agent program to remove the vulnerability.
(SEG-53931)
Coexisting Apex One security agents cannot set the server information of the Smart Protection Service Proxy correctly. When this happens, the coexisting agents do not send query requests through the Smart Protection Service proxy but directly to the Trend Micro Smart Protection Network instead. This may cause a connection issue if the agents cannot connect to the Internet.
Solution:
This hotfix updates the Apex One security agent program to resolve the issue.
(SEG-52575)
The installation status on the "Agent Installation Progress" page of the Apex One web console is inaccurate.
Solution:
This hotfix updates the Apex One server program to resolve this issue.
(SEG-52409)
A specific keyword triggers the DLP template that does not have any criteria specified.
Solution:
This hotfix updates the DLP template to resolve this issue.
(SEG-50435)
The Connection Status (Online/Offline) of an agent on the web console changes each time a user logs on or off from the client computer.
Solution:
This hotfix updates the Apex One agent program to resolve the issue.
(SEG-52048)
Attempting to restart or stop the WMI service (winmgmt) is unsuccessful on endpoints with the Security Agent installed. The tmlisten service of the Security Agent has a dependency with the WMI service.
Solution:
This hotfix updates the Security Agent program to remove the WMI service dependency.
(SEG-52302)
When the Apex One server registers to the Apex Central server, the Apex One Master Service may stop unexpectedly because of an empty private key.
Solution:
This hotfix updates the Apex One server program to ensure that it can handle an empty public/private key.
(SEG-50705), (SEG-52219), (SEG-51452), (SEG-51849)
An "Error ID: 420" occurs while the Apex One Endpoint Sensor policy is deployed and the "Unable to get the registered server list. There are no registered servers." error appears on the Apex Central "Preliminary Investigation" page.
Solution:
This hotfix helps prevent the Apex One Endpoint Sensor Advanced Threat Assessment Service from being corrupted when Endpoint Sensor is installed using Trend Micro Apex One Installer Maintenance Mode.
(SEG-49807)
Users cannot export the Application Control criteria in Microsoft(TM) Internet Explorer(TM) or the Edge web browser.
Solution:
This hotfix updates the Apex Central files to resolve this issue.
(SEG-53729)
When the "Do not allow users to access the Security Agent console from the system tray or Windows Start menu setting" option is enabled on the Apex One web console, the Apex One Security Agent console cannot be accessed while "PccNT.exe" is running.
Solution:
This hotfix updates a parameter in "wofielauncher.exe" to resolve the issue.
(SEG-54390)
The Vulnerability Protection server service start up fails on platforms that disable Transport Layer Security (TLS) 1.0.
Solution:
This hotfix updates the Vulnerability Protection server to prevent the TLS version issue.
(SEG-51211)
Vulnerability Protection causes unusual CPU usage on some workstations and servers.
Solution:
This hotfix modifies the Vulnerability Protection service to prevent unusual CPU usage.
(VRTS-3314)
This hotfix adds a dynamic share key for Apex One security agents in the encryption and decryption algorithm.
(SEG-51005)
This hotfix adds new Regular Expressions to the Trend Micro Data Loss Prevention(TM) (DLP) Data Identifiers.
(SEG-47568)
This hotfix updates the Apex Central files to display more information about the Application Control violation log entries.
NOTE: This feature requires the installation of Apex Central hotfix 3919 or above.
(SEG-53904)
Security Agents with the Behavior Monitoring program inspection feature enabled may cause Adobe Acrobat/Reader to stop unexpectedly.
Solution:
This hotfix updates the program inspection feature to resolve this issue.
(SEG-52740)
When users attempt to configure the Device Control settings on an Apex One Security Agent by deploying a policy from the Apex Central web console, the Device Control settings cannot be applied on the agent if Data Loss Prevention(TM) (DLP) is not enabled on the agent.
Solution:
This hotfix updates the Apex One server program to resolve this issue.
(SEG-52269)
If the activation (AC) key is deployed after its expiration date has been extended, the ES service will still receive the original expiration date.
Solution:
This hotfix ensures that the ES service will receive the AC key's new expiration date.
(SEG-54380)
The Endpoint Sensor may purge the Root Cause Analysis results by mistake when Apex Central is managing more than one Apex One server.
Solution:
This hotfix resolves the issue.
(SEG-52034)
In rare instances, the Endpoint Sensor may receive the investigation results from an agent at the same time that the same agent is being uninstalled. When this happens, the Endpoint Sensor may not be able to send all the results back to TIC.
Solution:
This hotfix prevents this issue.
(SEG-49402), (SEG-53432)
An issue related to the Microsoft(TM) Monitoring Agent may cause the Apex One Endpoint Sensor Advanced Threat Assessment Service application pool to stop unexpectedly after installing the Apex One server.
Solution:
This hotfix prevents the Apex One Endpoint Sensor Advanced Threat Assessment Service compatibility issue with the Microsoft Monitoring Agent.
(SEG-52560)
There is a typographical error in the "Type the full program path" hint on the "Behavior Monitoring Settings" page of the Apex One web console.
Solution:
This hotfix updates the Apex One server files to correct the error.
(SEG-48859)
An issue causes Apex One security agent remote installation to fail.
Solution:
This hotfix updates the Apex One server program to resolve this issue.
(SEG-52978)
An issue prevents the Data Loss Prevention(TM) (DLP) license from being deployed from Apex Central to Apex One.
Solution:
This hotfix adds support for the DLP AC key type to solve this issue.
(SEG-53295), (SEG-55029)
An access denied error related to a certain component prevents the Trend Micro Advanced Threat Assessment Service (ATAS) from starting successfully.
Solution:
This hotfix resolves the error so ATAS can start normally.
(SEG-53958)
The operating system may stop responding when users switch both the Scan Engine (VSAPI) and the Endpoint Sensor to debug mode at the same time using the Case Diagnostic Tool (CDT).
Solution:
This hotfix resolves the issue by ensuring that CDT works normally when both VSAPI and Endpoint Sensor are enabled.
(SEG-40590)
An Apex One agent that runs on Windows 7 and automatically detects proxy settings will not be able to connect to the Apex One server.
Solution:
This hotfix resolves the issue by updating the Apex One agent program to ensure that it can retrieve the correct proxy configuration.
(SEG-53180), (SEG-56186)
When the agents call "cgiOnScan.exe" and fails, the system keeps resending the request without waiting. This issue generates lots of records in the IIS log.
Solution:
This hotfix updates the Apex One agent program to wait for few seconds before retrying.
(SEG-53304)
This hotfix enables Apex One to send "Dropped" and "Accepted" action results in firewall violation logs to Apex Central. This ensures that both action results display normally on Apex Central instead of being displayed as "unknown".
8. Contact Information
A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees.
Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products.
http://www.trendmicro.com/us/about-us/contact/index.html
NOTE: This information is subject to change without notice.
9. About Trend Micro
Smart, simple, security that fits
As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information.
Copyright 2019, Trend Micro Incorporated. All rights reserved.
Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex Central are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners.
10. License Agreement
View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/license-agreements/
Third-party licensing agreements can be viewed:
- By selecting the "About" option in the application user interface
- By referring to the "Legal" page of the Administrator's Guide