<> Trend Micro Incorporated March 8th, 2024 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) InterScan Messaging Security Suite 9.1 - Patch 1 English - Linux - 32-bit / 64-bit Critical Patch - Build 1515 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ================================================================ 1. Overview of This Critical Patch Release 1.1. Issues 1.2. Files Included in This Release 2. Documentation Set 3. System Requirements 4. Installation 4.1. Installing 4.2. Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ================================================================ 1. Overview of This Critical Patch Release ======================================================================== 1.1. Issues ==================================================================== This Critical Patch resolves the following issue(s): Issue 1: WRSAgent could not properly analyze a certain URL that also contains a URL in its query string part. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix resolves this issue. Enhancement 1: This hotfix updates the AU module to resolve the AU Signature root certificate expiration issue. 1.2. Files Included in This Release ==================================================================== A. Files for Current Issues ------------------------------------------------------------- Filename Build No. ---------------------------------------------------------- imssd 9.1.0.1515 libFilterSpsTmase.so 9.1.0.1515 libIMSSjni.so 9.1.0.1515 imp_exp 9.1.0.1515 Files for issue 1 ---------------------------------------------------------- wrsagent 9.1.0.1515 Files for enhancement 1 ---------------------------------------------------------- libtmactupdate.so 9.1.0.1515 libpatch.so 9.1.0.1515 liblwtpciu32.so 9.1.0.1515 libciuas32.so 9.1.0.1515 expapply.so 9.1.0.1515 cert5.db 9.1.0.1515 AuPatch 9.1.0.1515 aumsg.0 9.1.0.1515 aumsg.932 9.1.0.1515 aumsg.936 9.1.0.1515 aumsg.949 9.1.0.1515 aumsg.950 9.1.0.1515 B. Files for Previous Issues ------------------------------------------------------------- libFilterVirus.so 9.1.0.1510 dtasagent 9.1.0.1510 apache.sh 9.1.0.1504 S99LOGTRANSFER 9.1.0.1504 postfix 9.1.0.1504 postfix_service_mod.sh 9.1.0.1504 openssl 9.1.0.1504 c_rehash 9.1.0.1504 libssl.so 9.1.0.1504 libssl.so.1.1 9.1.0.1504 libcrypto.so 9.1.0.1504 libcrypto.so.1.1 9.1.0.1504 banner.png 9.1.0.1504 welcome_banner2.gif 9.1.0.1504 imsva_banner.gif 9.1.0.1504 os-logosm.gif 9.1.0.1504 imss_banner.gif 9.1.0.1504 python/* 9.1.0.1493 php/* 9.1.0.1493 curl/* 9.1.0.1493 libcurl.so.4 9.1.0.1493 libsasl2.so.3.0.0 9.1.0.1493 libsasl2.so.3 9.1.0.1493 libsasl2.so 9.1.0.1493 libsasl2.so.2 9.1.0.1493 sasl2 9.1.0.1493 OpenLDAP/* 9.1.0.1493 apache/* 9.1.0.1493 dkim-genkey 9.1.0.1493 dkim-genzone 9.1.0.1493 dkim 9.1.0.1493 libopendkim.so.9.0.1 9.1.0.1493 libdkim.so 9.1.0.1493 libGsoapClient.so 9.1.0.1493 libGsoapMtaClient.so 9.1.0.1493 libPolicyCaller.so 9.1.0.1493 soapclient 9.1.0.1493 forceUpdate 9.1.0.1493 imssmgrmon 9.1.0.1493 imssps 9.1.0.1493 libgnutls.so.26 9.1.0.1493 libgnutls.so.26.14.12 9.1.0.1493 libtasn1.so.3 9.1.0.1493 libtasn1.so.3.1.6 9.1.0.1493 dblog_janitor 9.1.0.1493 predata_gen 9.1.0.1493 smart_reporter 9.1.0.1493 traffic_summary_gen 9.1.0.1493 aucmd 9.1.0.1493 certagent 9.1.0.1493 db_maintain 9.1.0.1493 euqlimpexp 9.1.0.1493 euqop 9.1.0.1493 euqutil 9.1.0.1493 foxdns 9.1.0.1493 ibe_job_doer 9.1.0.1493 ibe_job_getter 9.1.0.1493 ibe_reg 9.1.0.1493 ibes 9.1.0.1493 imssausched 9.1.0.1493 imssauutil 9.1.0.1493 imsscmagent 9.1.0.1493 imssdps 9.1.0.1493 imssmgr 9.1.0.1493 is_euq_enable 9.1.0.1493 localservermgmt 9.1.0.1493 logtransfer 9.1.0.1493 pack_tool 9.1.0.1493 prcmd 9.1.0.1493 purge_by_dbsize 9.1.0.1493 purge_scanner_info 9.1.0.1493 rt_mail_traffic 9.1.0.1493 rtstat 9.1.0.1493 smtp_conn_agent 9.1.0.1493 tlsagent 9.1.0.1493 TmFoxFilter 9.1.0.1493 libEUQjni.so 9.1.0.1493 libImssCommon.so 9.1.0.1493 libImssDAO.so 9.1.0.1493 liblogin.so 9.1.0.1493 libtmau.so 9.1.0.1493 libtmpr.so 9.1.0.1493 cgiCmdNotify 9.1.0.1493 pemverify 9.1.0.1493 imssdump 9.1.0.1493 MTASettingAction* 9.1.0.1493 ldaprep/* 9.1.0.1493 AgentSDK/* 9.1.0.1493 libtmprapid.so 9.1.0.1493 libtmprapi.so 9.1.0.1493 x500.db 9.1.0.1493 libtmufeng.so 9.1.0.1493 libkadm5clnt_mit.so 9.1.0.1493 libkadm5clnt_mit.so.12 9.1.0.1493 libkadm5clnt_mit.so.12.0 9.1.0.1493 libkadm5clnt.so 9.1.0.1493 libgssapi_krb5.so* 9.1.0.1493 libcom_err* 9.1.0.1493 libgssrpc* 9.1.0.1493 libk5crypto* 9.1.0.1493 libkadm5srv_mit* 9.1.0.1493 libkadm5srv.so 9.1.0.1493 libkdb5.so* 9.1.0.1493 libkrad.so* 9.1.0.1493 libkrb5.so* 9.1.0.1493 libkrb5support.so* 9.1.0.1493 libverto.so* 9.1.0.1493 libFilterWrs.so 9.1.0.1493 MsgTracingLogs* 9.1.0.1493 S99MSGTRACING 9.1.0.1493 S99MSGTRACINGMON 9.1.0.1493 AdminListAction.class 9.1.0.1484 MsgTracingLogJNI.class 9.1.0.1484 Utility.class 9.1.0.1478 imssctl.sh 9.1.0.1478 Reprocess.sh 9.1.0.1478 imss6System.properties 9.1.0.1472 imss6System_en.properties 9.1.0.1472 imss.dat 9.1.0.1472 imss.root 9.1.0.1472 root.res 9.1.0.1472 imss6Backup.properties 9.1.0.1472 imss6Backup_en.properties 9.1.0.1472 sys_noti_euq.jsp 9.1.0.1472 SessionKeys.class 9.1.0.1472 NotiEUQForm.class 9.1.0.1472 NotiEUQAction.class 9.1.0.1472 NotiEUQ.class 9.1.0.1472 DailyHourObj.class 9.1.0.1472 DailyHourObj$1.class 9.1.0.1472 virus_rule_action_special.jsp 9.1.0.1457 imssOLH.properties 9.1.0.1457 policy_smart_protection_scanservice.jsp 9.1.0.1457 policy_smart_protection_editsource.jsp 9.1.0.1457 policy_smart_protection_addsource.jsp 9.1.0.1457 postfixctl.sh 9.1.0.1457 libtmmsg.so 9.1.0.1457 libFilterEmgrPlugin.so 9.1.0.1457 left_0530.jsp 9.1.0.1445 AuditLogJNI.class 9.1.0.1445 UIEvtLogDAO.class 9.1.0.1445 imssOLH_en.properties 9.1.0.1445 S99ADMINUI 9.1.0.1445 smartsearch_imss.dat 9.1.0.1445 ExInterface_IMSS.ini 9.1.0.1445 SPFPolicyd.py 9.1.0.1426 libFilterGraymail.so 9.1.0.1426 libImssRule.so 9.1.0.1426 SPFPolicyd/* 9.1.0.1418 tomcat/* 9.1.0.1418 libxml2.so 9.1.0.1416 libFilterAction.so 9.1.0.1416 tables.lua 9.1.0.1404 libtmaseng.so 9.1.0.1379 libtmaseng.so.zip 9.1.0.1379 S99DKIM 9.1.0.1375 libatse.so 9.1.0.1373 libvsapi.so 9.1.0.1373 AddBlockIPAction.class 9.1.0.1371 AddWhiteIPAction.class 9.1.0.1371 BouncedSettingAction.class 9.1.0.1371 ConnSettingAction.class 9.1.0.1371 DelBlockIPAction.class 9.1.0.1371 DelWhiteIPAction.class 9.1.0.1371 DHASettingAction.class 9.1.0.1371 MoveBlockIPAction.class 9.1.0.1371 NRSSettingAction.class 9.1.0.1371 SpamSettingAction.class 9.1.0.1371 UpdateBlockIPAction.class 9.1.0.1371 UpdateWhitelistAction.class 9.1.0.1371 VirusSettingAction.class 9.1.0.1371 LogSettingAction.class 9.1.0.1371 LogSyslogSettingAction.class 9.1.0.1371 AdminDBAction.class 9.1.0.1371 AdminDBAction$1.class 9.1.0.1371 SyslogSettingDAO.class 9.1.0.1371 AccountParser$AccountContentHandler.class 9.1.0.1371 AccountParser.class 9.1.0.1371 BatchParser.class 9.1.0.1371 BatchParser$BatchContentHandler.class 9.1.0.1371 BundleParser.class 9.1.0.1371 BundleParser$BundleContentHandler.class 9.1.0.1371 DomainParser$DomainContentHandler.class 9.1.0.1371 DomainParser.class 9.1.0.1371 DomainPolicyParser$DomainPolicyContentHandler.class 9.1.0.1371 DomainPolicyParser.class 9.1.0.1371 DomainSettingParser$DomainSettingContentHandler.class 9.1.0.1371 DomainSettingParser.class 9.1.0.1371 InboundServerParser$InboundServerContentHandler.class 9.1.0.1371 InboundServerParser.class 9.1.0.1371 JobParser.class 9.1.0.1371 JobParser$JobContentHandler.class 9.1.0.1371 MailTrackParser.class 9.1.0.1371 MailTrackParser$MailTrackContentHandler.class 9.1.0.1371 OutboundIPParser.class 9.1.0.1371 OutboundIPParser$OutboundIpContentHandler.class 9.1.0.1371 PrefilterErrorParser.class 9.1.0.1371 PrefilterErrorParser$PrefilterErrorContentHandler.class 9.1.0.1371 RcptDeletedParser.class 9.1.0.1371 RcptDeletedParser$RcptDeletedContentHandler.class 9.1.0.1371 RecipientParser$RecipientContentHandler.class 9.1.0.1371 RecipientParser.class 9.1.0.1371 RegionAddressParser.class 9.1.0.1371 RegionAddressParser$RegionAddressContentHandler.class 9.1.0.1371 SenderParser.class 9.1.0.1371 SenderParser$SenderContentHandler.class 9.1.0.1371 ThreatSummaryParser.class 9.1.0.1371 ThreatSummaryParser$ThreatSummaryContentHandler.class 9.1.0.1371 TotalTrafficParser.class 9.1.0.1371 TotalTrafficParser$TotalTrafficContentHandler.class 9.1.0.1371 DeliveryPolicyDAO.class 9.1.0.1371 PostfixQueueDAO.class 9.1.0.1371 PostfixQueueMail.class 9.1.0.1371 PostfixQueueMailList.class 9.1.0.1371 PostfixQueueQueryTask.class 9.1.0.1371 PostfixQueueOptTask.class 9.1.0.1371 PostfixDAO.class 9.1.0.1371 Postfix.class 9.1.0.1371 PostfixQueueMgmtAction.class 9.1.0.1371 PostfixQueueMgmtForm.class 9.1.0.1371 PostfixJNI.class 9.1.0.1371 MtaSummaryActionTask.class 9.1.0.1371 MtaSummaryAction.class 9.1.0.1371 AddrGroupAction.class 9.1.0.1371 AddRuleAction.class 9.1.0.1371 ComplianceTemplatesAction$EntityComparator.class 9.1.0.1371 ComplianceTemplatesAction.class 9.1.0.1371 DDAServerMgmtAction.class 9.1.0.1371 DDASettingAction$1.class 9.1.0.1371 DDASettingAction.class 9.1.0.1371 DKIMWhiteListSettingAction.class 9.1.0.1371 ExpressionAction.class 9.1.0.1371 FileAttributeAction.class 9.1.0.1371 InterAddrAction.class 9.1.0.1371 KeywordListsAction.class 9.1.0.1371 PwdProtectAction.class 9.1.0.1371 RuleActionNamedObjAction.class 9.1.0.1371 RuleActionNotifyAction.class 9.1.0.1371 RuleActionStampAction.class 9.1.0.1371 RuleActionTagAction.class 9.1.0.1371 RuleAttrAntiSpoofAction.class 9.1.0.1371 RuleAttrCCCAAction.class 9.1.0.1371 RuleAttrComplianceFilterAction.class 9.1.0.1371 RuleAttrDKIMEnforcementAction.class 9.1.0.1371 RuleAttrGraymailAction.class 9.1.0.1371 RuleAttrMIMEAction.class 9.1.0.1371 RuleAttrNameAction.class 9.1.0.1371 RuleAttrSpamAction.class 9.1.0.1371 RuleAttrTimeRangeAction.class 9.1.0.1371 RuleAttrTrueFileAction.class 9.1.0.1371 RuleAttrWrsAction.class 9.1.0.1371 RuleDetailAction.class 9.1.0.1371 RuleListAction.class 9.1.0.1371 ScanModeAction.class 9.1.0.1371 SecViolateAction.class 9.1.0.1371 SmartProtectionLocalSourceAction.class 9.1.0.1371 SmartProtectionLocalSourceAction$1.class 9.1.0.1371 SmartProtectionScanServiceAction.class 9.1.0.1371 SmartProtectionWRServiceAction.class 9.1.0.1371 VirusRuleAction.class 9.1.0.1371 AddDomainAction.class 9.1.0.1371 DomainListAction.class 9.1.0.1371 DstServerListAction.class 9.1.0.1371 QtEditAreaAction.class 9.1.0.1371 QtSettingsAction.class 9.1.0.1371 ConnBasicAction.class 9.1.0.1371 ConnChildIPAction.class 9.1.0.1371 ConnLDAPAction.class 9.1.0.1371 ConnLDAPAction$1.class 9.1.0.1371 ConnNTPAction.class 9.1.0.1371 ConnTMCMAction.class 9.1.0.1371 DkimSignAction$LogLevel.class 9.1.0.1371 DkimSignAction.class 9.1.0.1371 DkimSignAction$1.class 9.1.0.1371 InternalHostAction$PageList.class 9.1.0.1371 InternalHostAction.class 9.1.0.1371 LoginAction.class 9.1.0.1371 ImssCsrfRequestMatcher.class 9.1.0.1371 SessionFilter.class 9.1.0.1371 ComplianceTemplateWSAction.class 9.1.0.1371 DataIdentifierWSAction.class 9.1.0.1371 LdapUserWSAction$1.class 9.1.0.1371 LdapUserWSAction.class 9.1.0.1371 PolicyWSAction.class 9.1.0.1371 XMLAddressGroup.class 9.1.0.1371 XMLArea.class 9.1.0.1371 XMLKeyword.class 9.1.0.1371 XMLNotification.class 9.1.0.1371 XMLStamp.class 9.1.0.1371 SameSiteCheck.xml 9.1.0.1371 EUQAccessAction.class 9.1.0.1371 ConfigDomain.class 9.1.0.1371 ComplianceLogParser.class 9.1.0.1371 ComplianceTemplateInterface.class 9.1.0.1371 DLPExpressionInterface.class 9.1.0.1371 DLPFileAttributeInterface.class 9.1.0.1371 DLPKeywordInterface.class 9.1.0.1371 imsa8WrsCategory.properties 9.1.0.1371 imsa8WrsCategory_en.properties 9.1.0.1371 AdminAccountService.class 9.1.0.1371 AdminAccountDao.class 9.1.0.1371 AdminAccountMapper.class 9.1.0.1371 imsva_pd_util 9.1.0.1371 ip_whitelist_details.jsp 9.1.0.1368 imss6Policy.properties 9.1.0.1368 imss6Policy_en.properties 9.1.0.1368 UI/adminUI/conf/server.xml 9.1.0.1368 UI/euqUI/conf/server.xml 9.1.0.1368 UI/javaJRE/* 9.1.0.1368 S99LOCALSERVERMGMT 9.1.0.1368 release_java.sh 9.1.0.1366 smartsearch.dat 9.1.0.1366 ip_whitelist_add.jsp 9.1.0.1366 ip_whitelist.jsp 9.1.0.1366 left_ipPage.jsp 9.1.0.1366 add_white_list.jsp 9.1.0.1366 dkim_white_list_import.jsp 9.1.0.1366 ApplyWhiteList.class 9.1.0.1366 WhitelistAction.class 9.1.0.1366 libImssCrypto.so 9.1.0.1363 policy_search.jsp 9.1.0.1362 imss7PolicySearch.properties 9.1.0.1362 rule_attr_keyword_list.jsp 9.1.0.1357 imss-resources.xml 9.1.0.1357 policy_search_tool_style.css 9.1.0.1357 query_prev.gif 9.1.0.1357 query_next.gif 9.1.0.1357 query.gif 9.1.0.1357 LogoTrendMicro_3d.gif 9.1.0.1357 PolicySearchAction.class 9.1.0.1357 PolicySearchDAO.class 9.1.0.1357 PolicySearchConstants.class 9.1.0.1357 PolicySearchResult.class 9.1.0.1357 BackupAction$1.class 9.1.0.1357 BackupAction$ConfigFileNameFilter.class 9.1.0.1357 BackupAction.class 9.1.0.1357 libz.so.1 9.1.0.1347 apply_db.sh 9.1.0.1347 imsstasks 9.1.0.1347 TmFoxProxy 9.1.0.1347 libImssPolicy.so 9.1.0.1345 PatchAction.class 9.1.0.1345 RuleAttrKeywordAction.class 9.1.0.1341 LogQueryMsgDAO.class 9.1.0.1341 c2_proxy.jsp 9.1.0.1341 sys_updates_proxy.jsp 9.1.0.1341 libem_helpr.so 9.1.0.1341 libcme_vxe_dll.so 9.1.0.1341 libdlpEngine.so.0 9.1.0.1341 libdtsearch.so 9.1.0.1341 dtv_pdfcrypto.so 9.1.0.1341 libicudata.so.57 9.1.0.1341 libicui18n.so.57 9.1.0.1341 libicuuc.so.57 9.1.0.1341 url_sandbox_words_import.jsp 9.1.0.1341 smtp_conn.jsp 9.1.0.1341 2. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining the product. To access the Online Help, go to http://docs.trendmicro.com - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying the product. - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining the product. - Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get the product 'up and running'. - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. - To access the Support Portal, go to http://success.trendmicro.com 3. System Requirements ======================================================================== 1. InterScan Messaging Security Suite 9.1 Patch 1 Build 1323 - English - Linux - x32-x64 4. Installation ======================================================================== This section explains key steps for installing the Critical Patch. 4.1. Installing ==================================================================== To install: 1. Log on to the IMSS management console. 2. Go to "Administration > Updates > System & Applications". 3. Select and upload the Critical Patch package (tar.gz). 4. After a few minutes, check the latest uploaded package information to make sure the management console has successfully uploaded the Critical Patch package to IMSS. 5. If you have set up a group of IMSS devices, select all child devices in the "Current status" section. Otherwise, select the parent device. 6. Click "Update". 7. If a group has been set up, wait for all child devices to finish updating before selecting the parent device in the "Current status" section. Otherwise, go to step 9. 8. Click "Update". 9. Wait for a few minutes and then log on to the IMSS management console. 10. Go to "Administration > Updates > System & Applications". 11. Verify that the "OS version"/"Application version" values for all items in the "Current status" section match the Critical Patch version. 4.2. Uninstalling ==================================================================== To roll back to the previous build: 1. Log on to the IMSS management console. 2. Go to "Administration > Updates > System & Applications". 3. Under "Host Name", click the name of the device you want to view. A summary screen appears showing the updates and related log information. 4. To remove an update, click "Rollback". 5. Post-installation Configuration ======================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ======================================================================== There are no known issues for this Critical Patch release. 7. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download Prior Hotfixes ==================================================================== Only this Critical Patch was tested for this release. Prior hotfixes were tested at the time of their release. [Hotfix 1510] Issue 1: IMSS did not trigger the detection report directly for HEUR_DAA.P Heuristic rule (policy rule) when the Aggressive Level is set to 2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix resolves the issue. The Advanced Threat Scan Engine (ATSE) added the Aggressive Level 2: Heuristic rule (policy rule) – HEUR_DAA.P (disabled by default). IMSS will trigger the detection report directly when the Aggressive Level is set to 0, 1, 2. Note: Make sure you update the ATSE engine using AU to version 22.610.1017 or later. Enable ATSE on the IMSS console and configure a hidden key in "imss.ini": edit $IMSS_HOME/config/imss.ini and add atse_afi_file_declaration_detect [general] ... atse_afi_file_declaration_detect=1 ... Update "rules_included" in the "general" section, which should include HEUR_DAA.P. Here is an example: $IMSS_HOME/PostgreSQL/bin/psql imss sa psql (9.2.9) Type "help" for help. imss=# imss=# select * from tb_global_setting where section='general' and name='rules_included'; section | name | value | inifile | notes ---------+------+-------+---------+------- (0 rows) imss=# If "rules_included" is empty, do as follows: insert into tb_global_setting values('general', 'rules_included', 'HEUR_DAA.P', 'imss.ini', NULL); Otherwise, update the "value" field whose name is "rules_included" and add "HEUR_DAA.P" to the end of the orignal "value" field. Restart the scanning service to apply the changes: IMSS_HOME/script/S99IMSS restart Issue 2: IMSS could not properly deal with emails created at a particular time. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix resolves the issue. [Hotfix 1504] Issue 1: After Hotfix 1493 is applied in a location instead of the default path, IMSS 9.1 cannot work properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix resolves the issue. Enhancement 1: This hotfix upgrades the OpenSSL module to resolve vulnerabilities. Enhancement 2: This hotfix replaces the old Trend Micro logo with the new logo. [Hotfix 1493] Issue 1: A vulnerability was found in the OpenSSL library, which prevents IMSS from processing certificate files properly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix updates the OpenSSL library to resolve the issue. Issue 2: There is no paramater (option) for msgtra.imss to work regardless of whether the syslog settings exist. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix resolves this issue. Usage: 1. Add a hidden key in the "general" section of "imss.ini" on parent IMSVA: vi /opt/trend/imss/config/imss.ini [general] enable_msgtra_writelog=yes 2. Restart the MSGTRACING service: /opt/trend/imss/script/S99MSGTRACING restart [Hotfix 1487] Enhancement 1: This hotfix privides an option to add an X-header into emails that contained newborn URLs but failed to get analysis results from Virtual Analyzer. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: To enable this option: 1. Connect to the database. /opt/trend/imss/PostgreSQL/bin/psql imss sa -h 127.0.0.1 2. Add the following setting to the databse: insert into tb_global_setting ``values('dda','AddURLRatingInfoXHdrNewBornAnalyze Fail','yes','imss.ini'); 3. Exit the database : \q 4. Restart the scan service and the dtasagent service: /opt/trend/imss/script/S99IMSS restart /opt/trend/imss/script/S99DTASAGENT restart [Hotfix 1484] Issue 1: IMSS logs account creation but cannot log account deletion in the Audit Logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix resolves the issue. Issue 2: Log messages cannot been shown properly in the "Message Tracking" logs ("msgtra.imss"). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix resolves the issue. [Hotfix 1478] Issue 1: Policy matching is slow when there are many emails whose "Envelop From" is empty or does NOT include "@" in the string. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix improves the performance in the above scenario. Issue 2: Some users were not able to log on to the End-User Quarantine (EUQ) console until the EUQ service restarted. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix resolves this issue by transforming the UTF-8 streams decoded with Base64 to UTF-8 String. Enhancement 1: This hotfix adds the "Reprocess.sh" script under "$IMSS_HOME/script/" directory to reprocess emails quarantined by specific policies. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: Follow the steps to use the "Reprocess.sh" script: USAGE:./Reprocess.sh start_time end_time policy_name example:./Reprocess.sh "2022-03-11 00:00+08" "2022-03-28 00:00+08" "Default spam rule" [Hotfix 1472] Issue 1: IMSS could not deliver quarantined email messages when the local time zone was set to that of St. John's, Canada. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix resolved the issue. Issue 2: In the "msgtra.imss" log file of IMSS 9.1, the "type" field might have caused troubles for customers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix removed the "type" field. Issue 3: On the management console of IMSS 9.1, an improper term "anonymous" was used to describe the threat information Smart Feedback shares with the Smart Protection Network for analysis. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix resolved this issue by changing the term "anonymous" to "protected" on the "Smart Protection Network" screen with a whitepaper link provided for reference. Issue 4: IMSS cannot trigger the detection report directly when the Aggressive Level is set to 0, 1, and 2. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hotfix allows IMSS to trigger the detection report directly when the Aggressive Level is set to 0, 1, and 2. 1. Add a hidden key in the "general" section of "imss.ini". vi /opt/trend/imss/config/ imss.in [general] ... detection_aggressive_level=4 :wq 2. Restart the IMSS service. S99IMSS restart Enhancement 1: This hotfix adds an enhancement to support importing configurations from IMSVA 9.1 Critical Patch Build 2090 to IMSS 9.1 Patch 1. Enhancement 2: This hotfix enables IMSS to provide the "Periodic" option for setting the EUQ digest schedule. [Hotfix 1457] Issue 1: When users attempt to change a specific policy rule's "Special Viruses" setting and save the changes, the new setting is not applied and users are redirected to the login screen. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix ensures that users can change a specific policy rule's "Special Viruses" setting. Issue 2: The imssmgr process encounters errors after the syslog feature is enabled on IMSS 9.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix prevents the imssmgr from importing msgtra.imss logs to the database to resolve this issue. Issue 3: An issue occurs wherein users cannot set the proxy server to the Smart Protection Server when the length of the proxy server name is longer than 64 characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix resolves this issue by increasing the acceptable length of the proxy server to 128 characters. Issue 4: The msgtra.imss logs,"type" fields in InterScan Messaging Security Suite (IMSS) 9.1 may cause problems for some customers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Hotfix resolves this issue by removing the "type" field. Issue 5: InterScan Messaging Security Suite (IMSS) does not flush the mail queue after the scan service restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Hotfix resolves this issue by changing the postfix queue path. Enhancement 1: This Hotfix ensures that InterScan Messaging Security Suite (IMSS) can add stamps to the calendar. Enhancement 2: This Hotfix adds an enhancement to prevent InterScan Messaging Security Suite (IMSS) from constantly reloading the policy engine after users modify certain policies. [Hotfix 1445] Issue 1: When the imssmgr process restarts, some logs are written into the "/" path unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves this issue. Issue 2: When DTSAGENT threads are added, the number of connections does not increase which causes database queries to fail. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix ensures that the database connection count increases with the number of DTSAGENT threads. Enhancement 1: This Hotfix enables IMSS to support sending logs through the syslog protocol to multiple external syslog servers in a structured format. [Hotfix 1429] Issue 1: An issue prevents InterScan Messaging Security Suite (IMSS) from detecting certain spam samples. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: The Apache(TM) module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix updates the Apache module to resolve the vulnerability. Issue 3: Some Online Help links do not redirect to the correct page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix ensures that the Online Help links work normally. [Hotfix 1425] Issue 1: An issue prevents users from deploying pattern and engine updates from Trend Micro Apex Central(TM) to InterScan Messaging Security Suite (IMSS) installed on Red Hat(TM) Enterprise for Linux(TM) (RHEL) 8. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: IMSS file sandbox may not work if there are two URL sandbox policies before the file sandbox policy. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the issue. Issue 3: The Sender Policy Framework (SPF) does not work on RHEL8.X. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix ensures that SPF works normally on RHEL8.x. NOTE: The RHEL8.x package should contain the "/usr/bin/python2" file for this solution to work. Enhancement 1: This Hotfix integrates the Email Behavior Analysis (EBA) feature to TMASE to improve phishing mail detection. [Hotfix 1418] Issue 1: The Tomcat module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix updates the Tomcat module to resolve the vulnerability. Enhancement 1: This Hotfix adds the Sender Policy Framework feature in InterScan Messaging Security Suite (IMSS) 9.1. NOTE: This feature is available only on IMSS 9.1 installations that use Postfix. [Critical Patch 1416] Issue 1: Extra spaces are added to specific message subject lines when IMSS executes the "tag subject" action. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: When 9.1.0 (IMSS) uses Trend Micro Anti Spam Engine 8.6, the Macrowave feature, implemented in build 1323, may treat normal email messages as spam. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves this false positive issue. Issue 3: InterScan Messaging Security Suite (IMSS) uses a version of the libxml2 third-party library that is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix resolves the issue. [Hotfix 1409] Issue 1: An issue prevents InterScan Messaging Security Suite (IMSS) from correctly matching certain special URLs to the Web Reputation Approved List. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Enhancement 1: This Hotfix updates some default CMAgent settings. [Hotfix 1407] Issue 1: An issue prevents InterScan Messaging Security Suite (IMSS) from correctly matching certain special URLs to the Web Reputation Approved List. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. [Hotfix 1404] Issue 1: An issue prevents InterScan Messaging Security Suite (IMSS) from importing the "Preferred charset" setting. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: Extra spaces are added to specific message subject lines when IMSS executes the "tag subject" action. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the issue. [Hotfix 1379] Issue 1: When pattern update is enabled both from the InterScan Messaging Security Suite (IMSS) Active Update server and Trend Micro Apex Central(TM), some backup files may remain in the backup folder. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix ensures backup files are cleaned promptly. Issue 2: Users encounter a high CPU usage issue when IMSS scans certain email messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix upgrades the TMASE module to resolve this issue. [Hotfix 1375] Issue 1: Postfix cannot be restarted after the queue_directory is updated. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix updates the startup script of the Postfix service to resolve this issue. Enhancement 1: This Hotfix updates the dkim process monitor to improve its performance. [Critical Patch 1373] Issue 1: The ATSE/VSAPI engines cannot handle certain CHM files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Critical Patch upgrades the ATSE/VSAPI engines to resolve this issue. [Hotfix 1371] Issue 1: InterScan Messaging Security Suite (IMSS) may use too much memory when scanning a specific email message. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves this issue by adding an option to configure IMSS to skip the pivot table when scanning attachments. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: To enable IMSS to skip the pivot table when scanning attachments: 1. Install this Hotfix (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Add the following key under the "general" section and set its value to "yes". [general] EnableSkipExcelPivotTables=yes 4. Save the changes and close the file. 5. Restart the scanner service using the following command: /opt/trend/imss/script/S99IMSS restart Issue 2: The IMSS program is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix resolves the vulnerability. Enhancement 1: This Hotfix applies certain enhancements to improve scan result generation. [Hotfix 1368] Issue 1: Sometimes, an issue prevents imssmgr from starting the localservermgmt process. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves the issue. Issue 2: The Active Update (AU) module is affected by a vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Hotfix updates the AU module to resolve the vulnerability. Issue 3: InterScan Messaging Security Suite (IMSS) is affected by a certain vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Hotfix updates the Java(TM), Apache(TM), and Tomcat(TM) modules to resolve the vulnerability. Issue 4: IMSS scanner cannot work when there are no matching policies and "Suspicious URL list" is enabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Hotfix resolves the issue. Enhancement 1: This Hotfix replaces certain sensitive words on the IMSS web console. [Hotfix 1366] Issue 1: Sometimes, the Management Console does not restart as scheduled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix resolves this issue. Enhancement 1: This Hotfix replaces certain sensitive words on the InterScan Messaging Security Suite (IMSS) web console. [Hotfix 1365] Enhancement 1: This Hotfix provides an option to configure InterScan Messaging Security Suite (IMSS) to insert TMASE-generated headers into email messages to allow users to create policies to catch certain headers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: To enable IMSS to add TMASE-generated headers into email messages: 1. Install this Hotfix (see "Installation"). 2. Open the "/opt/trend/imss/config/imss.ini" file. 3. Locate or create the "[tmase]" section. 4. Add "enable_detect_temp_qt=yes" under the "[tmase]" section. [tmase] enable_detect_temp_qt=yes NOTE: This option is disabled by default. 5. Save the changes and close the file. 6. Restart the scanner using the following command: /opt/trend/imss/script/S99IMSS restart Enhancement 2: This Hotfix replaces certain sensitive words on the Online Help document and on the IMSS web console. [Hotfix 1363] Issue 1: An issue prevents InterScan Messaging Security Suite (IMSS) from replicating configuration files from Trend Micro Apex Central(TM). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix resolves the issue. Issue 2: Garbled characters appears in the error message when IMSS cannot connect to the ActiveUpdate (AU) server while running a component update from the admin console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix resolves the issue by changing "saumsg.932" to "UTF-8". Issue 3: AU may not work when the Legion Object Identifier (LOID) exceeds 2 GB. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix upgrades "libtmau.so" to resolve this issue. [Hotfix 1362] Enhancement 1: Previously, when users add a stamp on the web console, InterScan Messaging Security Suite (IMSS) trims empty strings at the beginning or end of the stamp. This hotfix allows users to configure IMSS not to trim empty strings at the beginning or end of stamps. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: To prevent IMSS from trimming empty strings at the beginning or end of stamps: 1. Install this hotfix (see "Installation"). 2. Open the "${IMSS_HOME}/UI/adminUI/ROOT/WEB-INF/classes/i mssDefine.properties" file. 3. Add the following key and set its value to "1". policy.stamp.notTrimEmpty=1 NOTE: To allow IMSS to delete empty strings at the start or end of stamps, set this value to "0" or delete the key. 4. Save the changes and close the file. 5. Restart the adminUI by running the following command: ${IMSS_HOME}/script/S99ADMINUI restart Enhancement 2: This hotfix enables IMSS to support Japanese (double-byte characters) keywords in the "Policy > Policy Objects > Keywords & Expressions" page. [Hotfix 1357] Issue 1: The term "splitted file name" appears in InterScan Messaging Security Suite (IMSS) logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix corrects the typographical error so "split file name" displays on IMSS logs. Issue 2: IMSS stops processing email messages unexpectedly. When this happens, email messages are reprocessed only after restarting IMSS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix ensures that IMSS processes email messages normally. Issue 3: When IMSS rewrites long URLs, some long URLs may appear broken. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix ensures that IMSS can rewrite long URLs correctly. Enhancement 1: Boeing DB search tool for IMSS 7.1 needs to be updated for use with IMSS 9.1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: This hotfix adds the Boeing DB search tool in IMSS 9.1. Enhancement 2: This hotfix enables IMSS to support Trend Micro Email Security (TMEMS) migration. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 2: Procedure 1: To enables IMSS to support TMEMS migration: 1.Install this hotfix (see "Installation"). 2.Insert two records into the IMSS database by running the following SQL statements: insert into tb_global_setting (section, name, value, inifile) values ('imp_exp', 'enable_ems_migrate', '1', 'imss.ini'); [Hotfix 1347] Issue 1: RHEL 8.0 is supported on IMSS 9.1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix fixed some bug to support RHEL 8.0 on IMSS 9.1 Issue 2: IMSS users can connect the database using the psql tool without "sa" password after IMSS 9.1 Patch 1 is installed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix fix the issue. Issue 3: imssd didn't start when the anti-spam pattern got updated at 23:00. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix upgrade process imsstask to fix this issue Issue 4: The default value of RetryCount ("1") is too small for the logs failing to be sent to the TMCM server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hotfix updated the default value of retryCount to 4. Enhancement 1: IMSS cannot derive the sender and recipient addresses from the Sender Filtering detection if the SMTP connection is encrypted. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: This hotfix provides the solution by changing foxproxy filter mode and postfix relevant configure. [Hotfix 1345] Issue 1: Sometimes, the Policy Service uses up a large amount of CPU resources on the InterScan Messaging Security Suite (IMSS) server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix optimized some mechanisms in the IMSS server program to resolve this issue. Issue 2: The following error message is generated while IMSS processes email messages. "[NORMAL]Fail to extract text, errcode:0x81d11318, textExtracted.nVecSize:0, filetype:6015" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix resolves the error so that IMSS can process email messages normally. Issue 3: A critical patch for Patch 1 that has been applied to a parent IMSS first cannot be applied to a child IMSS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix ensures that updates can be applied successfully on IMSS child devices. Issue 4: The IMSSD process encounters a memory leak issue when it uses eManager(TM) to scan certain special samples. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hotfix prevents the memory leak by enabling IMSS to reset the "errcode" parameter to zero after calling the eManager API to resolve an error. Issue 5: Administrators cannot flush the Postfix queues after applying Patch 1 Build 1335. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This hotfix ensures that administrators can flush the Postfix queues normally. Issue 6: A user requests for certain updates on Web Reputation Service (WRS) logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This hotfix applies the updates on WRS logs. Enhancement 1: This hotfix enables IMSS to supports Active Update through HTTPS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: To enable Active Update through HTTPS: NOTE: The default setting in EN version for this hotfix is HTTPS. 1. Install this hotfix (see "Installation"). 2. Connect to the IMSS database by running the following command. /opt/trend/imss/PostgreSQL/bin/psql imss sa 3. Update the values of the "UpdateServer" and "TMASEServerurl" parameters in the "tb_global_setting" table by running the following SQL commands. UPDATE tb_global_setting SET value = 'https://imss91-p.activeupdate.trendmicro.com/acti veupdate' WHERE section = 'Update' AND (name = 'UpdateServer' OR name = 'TMASEServerurl' ); 4. Quit the psql program by running the following command. \q 5. Run the following command in the IMSS backend: /opt/trend/imss/script/imssctl.sh restart [Hotfix 1341] Issue 1: A buffer overflow issue causes the imssd process to stop unexpectedly while uploading an email with a long subject containing characters that require URL-encoding. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix resolves the issue by updating the output length checking mechanism for email subject URL encoding. Issue 2: A web console issue prevents users from configuring the keyword list setting successfully. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix resolves the issue. Issue 3: The "Log Query" page does not display any information if users input wildcard characters in the "Recipient" field. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix ensures that the field can support wildcard characters. Issue 4: The Proxy Server information is limited to 64 characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hotfix extends the limit to 128 characters. Issue 5: Some messages received by InterScan Messaging Security Suite (IMSS) may be delayed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This hotfix disables the Policy BCC action enhancement in the default configuration to resolve the issue. [Hotfix 1330] Issue 1: Under certain extreme scenarios, the InterScan Messaging Security Suite (IMSS) End User Quarantine (EUQ) service may not be able to retrieve some settings from the database because the database is not ready. Once this happens, the EUQ service applies the "Use LDAP for EUQ authentication" setting by default. If the "Use SMTP Server for EUQ authentication" setting is enabled, the end user will not be able to login to the EUQ service until the service restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix creates a pid file that enables the manager to restart the EUQ service under the scenario described above. Issue 2: After updating to IMSS 9.1, IMSS may take a long time to reprocess email messages from the quarantine queue. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: To apply the changes: 1. Install this hotfix (see "Installation"). 2. Insert a record into the IMSS database by running the following SQL statement: insert into tb_global_setting (section, name, value, inifile) values('general','policy_evt_log_lock', '0', 'imss.ini') 3. Run the following command in the IMSS backend: /opt/trend/imss/script/imssctl.sh restart Issue 3: The IMSSqueue monitor thread may calculate the archive and quarantine sizes incorrectly and will be triggered to notify the administrator that the queue is almost full. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix ensures that IMSS calculates the queue size correctly. Issue 4: Web Reputation Service (WRS) queries are sent without the product GUID. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hotfix adds the product GUID information in WRS queries. Issue 5: Foxproxy may stop unexpectedly when the activation code is invalid and the default installation path is changed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This hotfix resolves the issue. 8. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. https://www.trendmicro.com/en_us/contact.html NOTE: This information is subject to change without notice. 9. About Trend Micro ======================================================================== Smart, simple, security that fits. As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2024, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex Central are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners. 10. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: https://www.trendmicro.com/en_us/about/legal.html Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide