<<<>>> Trend Micro Incorporated January 6, 2021 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ServerProtect(TM) for EMC(R) Celerra(TM) 5.8 Critical Patch - Build 1573 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ==================================================== 1. Overview of this Critical Patch Release 1.1 Resolved Known Issues 1.2 Enhancements 1.3 Files Included in this Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ==================================================== 1. Overview of this Critical Patch Release ======================================================================= 1.1 Resolved Known Issues ==================================================================== This critical patch resolves the following issue: Issue: Sometimes, the spntsvc service stops unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This critical patch resolves the issue. 1.2 Enhancements ==================================================================== This critical patch includes the following enhancement: Enhancement: This critical patch updates the Virus Scan Engine files to remove certain vulnerabilities. 1.3 Files Included in This Release ==================================================================== A. Files for Current Issue -------------------------------------------------------------------- Module File Name Build No. ----------------------------------------------------------------- 32-bit Normal Server SPCommonLog.dll 5.80.0.1573 64-bit Normal Server SPCommonLog.dll 5.80.0.1573 Information Server ntkd12500.zip n/a engv_amd64_ntkd_v12500-1004.zip n/a B. Files for Previous Issues -------------------------------------------------------------------- Module File Name Build No. ----------------------------------------------------------------- 32-bit Normal Server LogMaster.dll 5.80.0.1573 LogViewer.exe 5.80.0.1573 NtApRPC.dll 5.80.0.1573 SpntSvc.exe 5.80.0.1573 StRpcSrv.dll 5.80.0.1573 AgentClient.dll 5.80.0.1573 Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 eng50.dll 5.80.0.1573 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.21.0.0 psmc.dll 8.4.2.0 StUpdate.exe 5.80.0.1573 TmUpdate.dll 2.86.0.1113 x500.db n/a Notification.dll 5.80.0.1573 StCommon.dll 5.80.0.1573 StOPP.exe 5.80.0.1573 TmNotify.dll 5.80.0.1573 EventMsg2.dll 5.80.0.1573 LogDb.dll 5.80.0.1573 LogDbTool.dll 5.80.0.1573 SPCommonLog.dll 5.80.0.1573 SPLog.conf 5.80.0.1573 log4cxx.dll 5.80.0.1573 DCE.dll 5.80.0.1573 spuninst.exe 5.80.0.1573 Spuninstrc.dll 5.80.0.1573 StRpcCln.dll 5.80.0.1573 TmOpp.dll 5.80.0.1573 SP5NSLst.ini n/a tsc.exe 7.5.0.1152 64-bit Normal Server LogMaster.dll 5.80.0.1573 LogViewer.exe 5.80.0.1573 NtApRPC.dll 5.80.0.1573 SpntSvc.exe 5.80.0.1573 StRpcSrv.dll 5.80.0.1573 AgentClient.dll 5.80.0.1573 Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 eng50.dll 5.80.0.1573 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.21.0.0 psmc.dll 8.4.2.0 StUpdate.exe 5.80.0.1573 StUpdate_32.exe 5.80.0.1573 TmUpdate.dll 2.86.0.1113 x500.db n/a Notification.dll 5.80.0.1573 StCommon.dll 5.80.0.1573 StOPP.exe 5.80.0.1573 TmNotify.dll 5.80.0.1573 EventMsg2.dll 5.80.0.1573 LogDb.dll 5.80.0.1573 LogDbTool.dll 5.80.0.1573 SPCommonLog.dll 5.80.0.1573 SPLog.conf 5.80.0.1573 log4cxx.dll 5.80.0.1573 DCE.dll 5.80.0.1573 spuninst.exe 5.80.0.1573 Spuninstrc.dll 5.80.0.1573 StRpcCln.dll 5.80.0.1573 TmOpp.dll 5.80.0.1573 SP5NSLst.ini n/a tsc.exe 7.5.0.1152 tsc64.exe 7.5.0.1152 Management Console Adm_enu.dll 5.80.0.1573 AgentClient.dll 5.80.0.1573 Admin.exe 5.80.0.1573 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.21.0.0 psmc.dll 8.4.2.0 StUpdate.exe 5.80.0.1573 TmUpdate.dll 2.86.0.1113 x500.db n/a spuninst.exe 5.80.0.1573 Spuninstrc.dll 5.80.0.1573 ADM_ENU.chm n/a Information Server AgentClient.dll 5.80.0.1573 EarthAgent.exe 5.80.0.1573 _Setup.dll 12.0.0.49974 data1.cab n/a data1.hdr n/a data2.cab n/a GetRemoteVer.dll 5.80.0.1573 ISSetup.dll 12.0.0.58851 setup.exe 12.0.0.58849 setup.inx n/a Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 Notification.dll 5.80.0.1573 TmNotify.dll 5.80.0.1573 StCommon.dll 5.80.0.1573 StUpdate.exe 5.80.0.1573 EventMsg2.dll 5.80.0.1573 StRpcCln.dll 5.80.0.1573 Spuninst.exe 5.80.0.1573 Spuninstrc.dll 5.80.0.1573 msvcr71.dll 7.10.3052.4 BIFSender.exe 5.80.0.1573 libcurl.dll 7.17.1.0 libeay32.dll 1.0.0.1 ssleay32.dll 1.0.0.1 zlib.dll 1.2.2.0 SP5NSLst.ini n/a dce-exe-mssign-v75-1152.zip n/a dce-exe-mssign-x64-v75-1152.zip n/a tmcomm265-1020.zip n/a MCP CMAgent ProductUI.zip n/a msvcr71.dll 7.10.3052.4 ProductLibrary.dll 5.80.0.1573 CMAgent.exe 5.80.0.1573 cgiCmdNotify.exe 5.0.0.2363 En_BlobConvertUtility.dll 5.0.0.2363 En_I18N.dll 5.0.0.2363 En_Utility.dll 5.0.0.2363 libapr-1.dll 1.1.1.0 libcurl.dll 7.66.0.0 libeay32.dll 1.0.2.20 ssleay32.dll 1.0.2.20 SSO_PKIHelper.dll 5.0.0.2363 TrendAprWrapperDll.dll 5.0.0.2363 zlib.dll 1.2.3.0 CMAgentLog.dll 5.80.0.1573 MySplashScreen.dll 5.80.0.1573 Patch Files Tmpatch.exe 2.2.0.1057 Setup.ini n/a Hotfix.ini n/a readme.txt n/a license.txt n/a 2. Documentation Set ======================================================================= To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 3. System Requirements ======================================================================= Install this critical patch only on endpoints protected by ServerProtect 5.8 for EMC Celerra English Version Patch 2. You can download this patch from the following website: http://www.trendmicro.com/download 4. Installation ======================================================================= This section explains key steps for installing this critical patch. 4.1 Installing ==================================================================== To install: 1. Copy the "spemc_580_win_en_criticalpatch1573.exe" critical patch installation file to a temporary folder on the Information Server. 2. If the Information Server or Normal Server is running on Windows Server 2008 R2 or below, install "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package MFC Security Update" on the Information Server or Normal Server before applying this critical patch. Download the Microsoft package from the following location: https://www.microsoft.com/en-us/download/details.aspx?id=26347 3. Close the Management Console. 4. Run the critical patch file. The license screen appears. 5. If you disagree with the terms of the legal agreement, choose the "I do not agree with the terms of the legal agreement." option and click "Cancel" to abort the installation. Otherwise, choose the "I accept the terms of the legal agreement" and click "Next". The "readme" appears. 6. Read the contents of the readme carefully and click "Install". The Information Server deploys the patch to Normal Servers 30 seconds after the installation is completed and restarts the ServerProtect services. NOTE: If the installation does not complete successfully, contact Trend Micro technical support. 7. If the Information Server manages a 32-bit Normal Server, open the Management Console and click "Deploy Now" in the "Update" panel to deploy "Anti-rootkit Driver(32 bit)" manually. 8. If the Virus Scan Engine version on the Normal Server is lower than 12.500-1004, update the PatchAgent to the newest version downloadable from the official AU or Control Manager AU server and deploy the "Virus Scan Engine" manually by opening the Management Console and clicking "Deploy Now" in the "Update" panel. To apply this critical patch to a Management Console that is not associated with the computer hosting the Information Server: 1. Apply the critical patch to the Information Server. 2. Close the Management Console. 3. Go to the Management Console home directory and back up the following files to another location. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL 4. On the Information Server, copy the following files from the Information Server home directory to the Management Console home directory to overwrite the local files. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL 5. Go to the Management Console home directory, add the following key under the "[ADMINServer]" section of the "ADMIN.INI" file if this key does not exist. If this key exists but its value is not "1", change its value to "1". ShowISVersion=1 4.2 Uninstalling ==================================================================== To roll back to the previous build: 4.2.1 Uninstallation of Information Server and Normal Server -------------------------------------------------------------------- 1. On the Normal Server, run the following shell command to stop the Normal Server service: net stop spntsvc 2. On the Information Server, run the following shell command to stop the Trend Micro Management Communication Protocol (MCP) CMAgent service: net stop ServerProtectCMAgent 3. On the Information Server, run the following shell command to stop the Information Server service: net stop earthagent 4. On the Normal Server, rename the backup files in the ServerProtect home directory and use them to replace the current files. The names of the backup files have ".bak" in the extension. 5. On the Information Server, open the Information Server's home directory and copy the files from the ".\backup\criticalpatch1573\filegroup100" folder to the ".\CMAgent" folder. 6. On the Information Server, open the Information Server's home directory and copy the files from the ".\backup\criticalpatch1573\filegroup12" folder to the ".\SMS" folder. 7. On the Information Server, open the Information Server's home directory and copy the files from the ".\backup\criticalpatch1573\filegroup10\" folder to the current directory. 8. On the Normal Server, run the following command to start the Normal Server service: net start spntsvc 9. On the Information Server, run the following command to start the MCP CMAgent service: net start ServerProtectCMAgent 10.On the Information Server, run the following command to start the Information Server service: net start earthagent 4.2.2 Uninstalling the Management Console -------------------------------------------------------------------- NOTE: It is not necessary to rollback the Management Console separately. You should rollback the Management Console only when it is not installed on the same machine as the Information Server. 1. On Management Console, open the backup directory of the following files in the installation section: - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL - ADMIN.INI 2. Copy the files in the list above to the Management Console home directory to overwrite the local files. 5. Post-installation Configuration ======================================================================= No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ======================================================================= There are no known issues for this critical patch release. 7. Release History ======================================================================= For more information about updates to this product, go to: http://www.trendmicro.com/download 8. Contact Information ======================================================================= A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ======================================================================= Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2021, Trend Micro Incorporated. All rights reserved. Trend Micro, ServerProtect, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ======================================================================= View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide