<> Trend Micro Incorporated September 12th, 2024 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) Deep Discovery Email Inspector 5.1 - GM English - Linux - 64 Bits Critical Patch - Build 3327 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ================================================================ 1. Overview of This Critical Patch Release 1.1. Issues 1.2. Enhancements 1.3. Files Included in This Release 2. Documentation Set 3. System Requirements 4. Installation 4.1. Installing 4.2. Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ================================================================ 1. Overview of This Critical Patch Release ======================================================================== 1.1. Issues ==================================================================== This Critical Patch resolves the following issue(s): Issue 1: Potential vulnerabilities are found in the Apache module used in Deep Discovery Email Inspector. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Critical Patch updates the module to protect against the vulnerabilities. Issue 2: Potential vulnerabilities are found in the glibc module used in Deep Discovery Email Inspector. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Critical Patch updates the module to protect against the vulnerabilities. Issue 3: Deep Discovery Email Inspector may not insert message stamps properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Critical Patch resolves this issue. 1.2. Enhancements ==================================================================== The following enhancements are included in this Critical Patch: Enhancement 1: This Critical Patch increases the maximum package size to 3GB for product hotfix and patch updates on the web console. Enhancement 2: This Critical Patch enables Deep Discovery Email Inspector to release quarantined messages to selected recipients on the web console. Enhancement 3: This Critical Patch enhances the Sender Filtering feature to allow up to 5000 entries for the blocked and approved lists. Enhancement 4: This Critical Patch enables Deep Discovery Email Inspector to synchronize suspicious object lists from Apex Central when Deep Discovery Email Inspector is also registered to Deep Discovery Director or Trend Vision One. 1.3. Files Included in This Release ==================================================================== There are no files included in this Critical Patch release. 2. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining the product. To access the Online Help, go to http://docs.trendmicro.com - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying the product. - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining the product. - Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get the product 'up and running'. - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. - To access the Support Portal, go to http://success.trendmicro.com 3. System Requirements ======================================================================== 1. Deep Discovery Email Inspector 5.1 GM Build 3149 - English - Linux - x64 4. Installation ======================================================================== This section explains key steps for installing the Critical Patch. 4.1. Installing ==================================================================== No special instructions are provided. 4.2. Uninstalling ==================================================================== No special instructions are provided. 5. Post-installation Configuration ======================================================================== No post-installation steps are required. 6. Known Issues ======================================================================== There are no known issues for this Critical Patch release. 7. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download Prior Hotfixes ==================================================================== Only this Critical Patch was tested for this release. Prior hotfixes were tested at the time of their release. [Hotfix 3289] Issue 1: A potential vulnerability (CVE-2024-6387) is found in the OpenSSH component used in Deep Discovery Email Inspector. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix updates the OpenSSH component to enhance product security. Issue 2: An issue related to the local LDAP service may prevent LDAP users from accessing the web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the issue. Issue 3: The system may not send detection logs containing suspicious URLs analyzed by the Virtual Analyzer to Deep Discovery Director. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix resolves the issue. Issue 4: When the system contains more than 1000 user email addresses, users are unable to add new address groups in the web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Hotfix resolves the issue. Issue 5: The system is unable to import private key files containing "BEGIN PRIVATE KEY" and "END PRIVATE KEY" in Certificate Management. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Hotfix resolves the issue. Issue 6: The system displays the "Unknown" file type for AutoCAD files on the Detections screens. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This Hotfix resolves the issue. Issue 7: The network teaming feature does not function properly on Nutanix and KVM platforms. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This Hotfix resolves the issue. Enhancement 1: This Hotfix updates the EUQ approved list to match the email "From" header to enhance email message release process. [Hotfix 3270] Enhancement 1: This Hotfix adds support for image-based QR code scan in mail body and attachment. [Hotfix 3254] Issue 1: When the "Reject messages to unknown recipients" setting is enabled, Deep Discovery Email Inspector may block authentic email messages from known recipients. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: An issue in Deep Discovery Email Inspector may prevent the system from displaying the screenshot image of a detected email message in the web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the issue. Issue 3: The postfix service may be stopped in Linux due to insufficient system memory. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix resolves the issue. Enhancement 1: This Hotfix increases the limit for the Permitted Senders of Relayed Mail setting. [Hotfix 3240] Issue 1: The system may generate scheduled reports with empty pages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: The system may not be able to search the message queue for some email samples in the web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the issue. Issue 3: Potential vulnerabilities (CVE-2023-28708 and CVE-2023-46589) are found in the Tomcat component used in Deep Discovery Email Inspector. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix updates the Tomcat component to enhance product security. Enhancement 1: This Hotfix updates the Password Analyzer module to enhance analysis capabilities. [Hotfix 3218] Issue 1: Potential vulnerabilities are found in the Apache module used in Deep Discovery Email Inspector. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix updates the module to protect against the vulnerabilities. Issue 2: An issue may prevent LDAP account users from logging into the web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the issue. Enhancement 1: This Hotfix increases the maximum number of delivery profiles from 512 to 5000 on the Message Delivery screen. Enhancement 2: This Hotfix allows Deep Discovery Email Inspector to integrate with Trend Vision One through the system proxy server. [Hotfix 3210] Issue 1: The system may not apply content filtering rules for some compressed files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: A missing script file may cause an internal process to become unresponsive. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the issue. Issue 3: The system may bypass malware detection for JPG files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix resolves the issue. Issue 4: The sender field is empty on DDAN web console when submit sample to DDAN. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Hotfix resolves the issue. Issue 5: The system may not display Time-of-Click logs in the web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Hotfix resolves the issue. Enhancement 1: This Hotfix updates Virtual Analyzer to enhance the DNS query process. Enhancement 2: This Hotfix enables Deep Discovery Email Inspector to analyze QR codes in PDF attachments in email messages. [Hotfix 3204] Issue 1: The action information does not match in the web console and the exported log file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: Deep Discovery Email Inspector may not save the NTP server configuration settings properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the issue. Issue 3: Deep Discovery Email Inspector is unable to analyze some encrypted PDF files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix resolves the issue. Issue 4: The system may not display the a preview of quarantined spam messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Hotfix resolves the issue. Issue 5: The system may not apply policy exceptions based on email or LDAP addresses. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Hotfix resolves the issue. Issue 6: After rolling back a hotfix, the system may not save configuration information on hidden configuration screens. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This Hotfix resolves the issue. Enhancement 1: This Hotfix includes the option to allow Deep Discovery Email Inspector to forward detection logs to Trend Vision One. Enhancement 2: This Hotfix updates the risk level wording from "No risk" to "No risk detected" in the web console. [Hotfix 3178] Issue 1: The system may not apply custom regular expression rules properly on content with Cyrillic characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: The system may display the "Queued for sandbox analysis" status for pending message tracking tasks. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the issue. Issue 3: When network teaming is enabled, the system may not display correct value for the network traffic. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix resolves the issue. Issue 4: The system is unable to submit email samples with special characters to Deep Discovery Analyzer. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Hotfix resolves the issue. Issue 5: The SNMP service may not work properly using SNMPv3. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Hotfix resolves the issue. [Hotfix 3153] Issue 1: The prefilter feature for the internal Virtual Analyzer does not operate properly for custom network types. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: The system may not apply policy exceptions based on email or LDAP addresses. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the issue. Issue 3: LDAP Kerberos authentication may not work properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix resolves the issue. Issue 4: Deep Discovery Email Inspector may not apply the network interface name correctly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Hotfix resolves the issue. Issue 5: After deleting an LDAP server entry in the web console, the system may not remove the entry properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Hotfix resolves the issue. Enhancement 1: This Hotfix enables Deep Discovery Email Inspector to include message size information in detection logs. Enhancement 2: This Hotfix updates the related modules to enhance the SNMP service performance. 8. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. https://www.trendmicro.com/en_us/contact.html NOTE: This information is subject to change without notice. 9. About Trend Micro ======================================================================== Smart, simple, security that fits. As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2024, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex Central are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners. 10. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: https://www.trendmicro.com/en_us/about/legal.html Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide