<> Trend Micro Incorporated November 23rd, 2020 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) InterScan Web Security Virtual Appliance 6.5 - Service Pack 2 - Patch 4 English - Linux - 64 Bits Critical Patch - Build 1919 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ================================================================ 1. Critical Patch Release Information 1.1 Resolved Known Issues 1.2 Enhancements 1.3 Files Included in This Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ================================================================ 1. Critical Patch Release Information ======================================================================== 1.1 Resolved Known Issues ==================================================================== This Critical Patch resolves the following issue(s): (VRTS-3257) Issue 1: InterScan Web Security Virtual Appliance (IWSVA) is affected by a Cross-Site Scripting (XSS) vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Critical Patch resolves the vulnerability. (VRTS-3552) Issue 2: IWSVA is affected by a Cross-Site Request Forgery (CSRF) vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Critical Patch resolves the vulnerability. (VRTS-3554) Issue 3: The IWSVA web console is affected by an Authorization Bypass vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Critical Patch resolves the vulnerability. (VRTS-3555) Issue 4: Some special IP address formats bypass authentication checks. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Critical Patch ensures that IP addresses go through authentication. (VRTS-3556) Issue 5: There is no code authenticity checks in place for when IWSVA applies a hotfix or patch. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Critical Patch adds code authentication mechanisms for hotfix and patch installation in IWSVA. (VRTS-3557), (VRTS-4976), (VRTS-4978) Issue 6: IWSVA is affected by Authenticated Command Injection vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This Critical Patch resolves the vulnerability. (VRTS-4972), (VRTS-4974) Issue 7: IWSVA is affected by Remote Stack Buffer Overflow vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This Critical Patch resolves the vulnerability. (VRTS-5104) Issue 8: The Active Update module is affected by Arbitrary File Upload and Remote Code Execution vulnerabilities. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This Critical Patch updates the Active Update module to resolves the vulnerabilities. (SEG-89515), (SEG-87908), (SEG-91593) Issue 9: The Appd process generates a large number of core_appd files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: This critical patch updates the ixEngine pattern to resolve this issue. 1.2 Enhancements ==================================================================== There are no enhancements for this Critical Patch release. 1.3 Files Included in This Release ==================================================================== A. Files for Current Issues ------------------------------------------------------------------ Filename Build No. ------------------------------------------------------------- libdaemon.so 1919 svcmonitor 1919 isdelvd 1919 Files for Issue 1 ------------------------------------------------------------- IWSSGui.jar 1919 Files for Issue 2 ------------------------------------------------------------- IWSSGui.jar 1919 Files for Issue 3 ------------------------------------------------------------- IWSSGui.jar 1919 Files for Issue 4 ------------------------------------------------------------- libdaemon.so 1919 libhttpproxy.so 1919 Files for Issue 5 ------------------------------------------------------------- /etc/iscan/patch/bin/7za 1919 tmp/jdk.tar.gz 1919 /etc/iscan/patch/bin/PatchExe.sh 1919 Files for Issue 6 ------------------------------------------------------------- libIWSSUIJNI.so 1919 IWSSGui.jar 1919 libuiauutil.so 1919 Files for Issue 7 ------------------------------------------------------------- libIWSSUIJNI.so 1919 IWSSGui.jar 1919 libuiauutil.so 1919 urlf_reclassifyurl.jsp 1919 Files for Issue 8 ------------------------------------------------------------- libuiauutil.so 1919 AuPatch 1919 cert5.db 1919 libpatch.so 1919 libtmactupdate.so 1919 x500.db 1919 getupdate 1919 schedule_au 1919 libproductbase.so 1919 B. Files for Previous Issues ------------------------------------------------------------------ urlfcMapping.properties 1913 libProductLibrary.so 1914 2. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining the product. To access the Online Help, go to http://docs.trendmicro.com - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying the product. - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining the product. - Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get the product 'up and running'. - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. - To access the Support Portal, go to http://success.trendmicro.com 3. System Requirements ======================================================================== 1. Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 - Patch 4 Build 1844 - English - Linux - x64 4. Installation ======================================================================== This section explains key steps for installing the Critical Patch. 4.1 Installing ==================================================================== To install: 1. Ensure that you have installed IWSVA 6.5 Service Pack 2 Hotfix 1912. 2. Download the "iwsva_65_sp2_ar64_en_criticalpatch_b1919.zip" Critical Patch file to your local hard disk. 3. Log on to the IWSVA admin console GUI. 4. Go to the "Administration > System Updates" page. 5. Click "Browse". 6. Browse your local hard disk for the "iwsva_65_sp2_ar64_en_criticalpatch_b1919.zip" Critical Patch file and click "Open". 7. Click "Upload". Your browser uploads the Critical Patch file to IWSVA which validates if the file is a legitimate Critical Patch. 8. Click "Install" to apply the Critical Patch and update IWSVA to build 1919. The HTTP and FTP services in IWSVA restart automatically. 9. Clear the browser cache. NOTE: Applying this Critical Patch interrupts the HTTP and FTP services for several minutes. Plan appropriately for this downtime. 4.2 Uninstalling ==================================================================== To roll back to the previous build: 1. Log on to the IWSVA admin console GUI. 2. Go to the "Administration > System Updates" page. 3. Click "Uninstall" next to "cpb1919", and then verify the Critical Patch ID and description on the confirmation page that appears. 4. Click "Uninstall" to remove critical patch 1919 to roll back IWSVA to the previous build. The HTTP and FTP services in IWSVA restart automatically. NOTE: Removing this Critical Patch interrupts the HTTP and FTP services for several minutes. Plan appropriately for this downtime. 5. Post-installation Configuration ======================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ======================================================================== There are no known issues for this Critical Patch release. 7. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download Prior Hotfixes ==================================================================== Only this Critical Patch was tested for this release. Prior hotfixes were tested at the time of their release. [Hotfix 1913] (SEG-82467) Issue 1: Some category-related reports cannot be generated correctly and do not display any information. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix ensures that category-related reports are generated normally. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: Please upgrade iwsva to Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 - HOTFIX 1912 before apply this hotfix [Hotfix 1914] (SEG-86101) Issue 1: After InterScan Web Security Virtual Appliance (IWSVA) integrates with Trend Micro Control Manager(TM), a time zone issue causes inaccurate log generation time to appear on logs on the Control Manager web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Hotfix ensures that logs show complete and accurate information. NOTE: You need to upgrade IWSVA 6.5 Service Pack 2 Hotfix 1912 before applying this Hotfix. 8. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. https://www.trendmicro.com/en_us/contact.html NOTE: This information is subject to change without notice. 9. About Trend Micro ======================================================================== Smart, simple, security that fits. As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2020, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex Central are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners. 10. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: https://www.trendmicro.com/en_us/about/legal.html Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide