<<USE COURIER REGULAR 10 FONT IF YOU WOULD LIKE TO PRINT THIS DOCUMENT>>
Trend Micro Incorporated October 20th, 2023
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Trend Micro(TM) ServerProtect for Storage 6.0 - Patch 2
English - Windows - 32-bit / 64-bit
Critical Patch - Build 1416
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Contents
================================================================
1. Overview of This Critical Patch Release
1.1. Issues
1.2. Files Included in This Release
2. Documentation Set
3. System Requirements
4. Installation
4.1. Installing
4.2. Uninstalling
5. Post-installation Configuration
6. Known Issues
7. Release History
8. Contact Information
9. About Trend Micro
10. License Agreement
================================================================
1. Overview of This Critical Patch Release
========================================================================
1.1. Issues
====================================================================
This Critical Patch resolves the following issue(s):
Issue 1: ServerProtect reported several virus alerts in
Real-time Scan about virus "+" in "?." after the Virus
Scan Engine had upgraded to 22.610-1017.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Solution 1: This Critical Patch resolves the issue.
Issue 2: Process StOPP started unexpectedly and might cause
service crash sometimes.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Solution 2: This Critical Patch resolves the issue.
1.2. Enhancements
====================================================================
The following enhancements are included in this Critical Patch:
Enhancement 1: This version of ServerProtect for Storage runs with
Microsoft Visual C++ 2015 Redistributable Package,
which brings adaptability update for common
components.
1.3. Files Included in This Release
====================================================================
--------------------------------------------------------------------
Module File Name Build No.
-----------------------------------------------------------------
64-bit Normal Server
AgRpcCln.dll 6.00.0.1416
AgentClient.dll 6.00.0.1416
Build.exe 2.86.0.4044
CheckEVC.dll 6.00.0.1416
CheckSecurityPatch.dll 6.00.0.1416
CheckUsr.dll 6.00.0.1416
DCE.dll 6.00.0.1416
DCEEvent.dll 6.00.0.1416
DCEOut.dll 6.00.0.1416
DCEOut64.dll 6.00.0.1416
DllForWin2008.dll 6.00.0.1416
EventMsg2.dll 6.00.0.1416
GetRemoteVer.dll 6.00.0.1416
HDITakeAction.exe 6.00.0.1416
LogDb.dll 6.00.0.1416
LogDbTool.dll 6.00.0.1416
LogMaster.dll 6.00.0.1416
LogViewer.exe 6.00.0.1416
NetworkTrap.exe 6.00.0.1416
Notification.dll 6.00.0.1416
NtApRPC.dll 6.00.0.1416
NtIcapServer.dll 6.00.0.1416
PBDriver.sys 5.4.0.1000
Patch.exe 2.86.0.4044
RpcCrypt.dll 6.00.0.1416
SP5NSLst.ini n/a
SPCommonLog.dll 6.00.0.1416
ScanNow.exe 6.00.0.1416
ServiceTray.exe 6.00.0.1416
SetDefaultMsg.dll 6.00.0.1416
SetDefaultMsgRc.dll 6.00.0.1416
SetUserInfo.exe 6.00.0.1416
SpTrace.dll 6.00.0.1416
SpTrace32.dll 6.00.0.1416
SpntSvc.exe 6.00.0.1416
StCommon.dll 6.00.0.1416
StHotFix.exe 6.00.0.1416
StOPP.exe 6.00.0.1416
StRpcCln.dll 6.00.0.1416
StRpcSrv.dll 6.00.0.1416
StUpdate.exe 6.00.0.1416
StUpdate_32.exe 6.00.0.1416
StWatchDog.exe 6.00.0.1416
TMNotify.dll 6.00.0.1416
TmOpp.dll 6.00.0.1416
TmRpcSrv.dll 6.00.0.1416
TmUpdate.dll 2.86.0.4044
TmdMon.exe 6.00.0.1416
cert5.db n/a
ciuas32.dll 0.0.2075
ciussi32.dll 0.0.2074
eng50.dll 6.00.0.1416
expapply.dll 5.2.0
expbuild.dll 4.2.0
icrcauapi.dll 2.83.0.1044
libcrypto-3-X64.dll 3.1.0
liblwtpciu32.dll 1.0.0.1005
libssl-3-X64.dll 3.1.0
loadhttp.dll 1.32.0.1018
log4cxx.dll 10.0.1
mfc140u.dll 14.0.23026.0
msvcp140.dll 14.00.23026.0
patchbld.dll 12.21
patchw32.dll 12.22
psmc.dll 8.42
rmvnssvc.exe 6.00.0.1416
spuninst.exe 6.00.0.1416
startnssvc.exe 6.00.0.1416
tsc.exe 7.5.0.1186
tsc64.exe 7.5.0.1186
vcruntime140.dll 14.00.23026.0
x500.db n/a
32-bit Normal Server
AgRpcCln.dll 6.00.0.1416
AgentClient.dll 6.00.0.1416
Build.exe 2.86.0.4044
CheckEVC.dll 6.00.0.1416
CheckSecurityPatch.dll 6.00.0.1416
CheckUsr.dll 6.00.0.1416
DCE.dll 6.00.0.1416
DCEEvent.dll 6.00.0.1416
DCEOut.dll 6.00.0.1416
DllForWin2008.dll 6.00.0.1416
EventMsg2.dll 6.00.0.1416
GetRemoteVer.dll 6.00.0.1416
HDITakeAction.exe 6.00.0.1416
LogDb.dll 6.00.0.1416
LogDbTool.dll 6.00.0.1416
LogMaster.dll 6.00.0.1416
LogViewer.exe 6.00.0.1416
NetworkTrap.exe 6.00.0.1416
Notification.dll 6.00.0.1416
NtApRPC.dll 6.00.0.1416
NtIcapServer.dll 6.00.0.1416
PBDriver.sys 5.4.0.1000
Patch.exe 2.86.0.4044
RpcCrypt.dll 6.00.0.1416
SP5NSLst.ini n/a
SPCommonLog.dll 6.00.0.1416
ScanNow.exe 6.00.0.1416
ServiceTray.exe 6.00.0.1416
SetDefaultMsg.dll 6.00.0.1416
SetDefaultMsgRc.dll 6.00.0.1416
SetUserInfo.exe 6.00.0.1416
SpTrace.dll 6.00.0.1416
SpntSvc.exe 6.00.0.1416
StCommon.dll 6.00.0.1416
StHotFix.exe 6.00.0.1416
StOPP.exe 6.00.0.1416
StRpcCln.dll 6.00.0.1416
StRpcSrv.dll 6.00.0.1416
StUpdate.exe 6.00.0.1416
StWatchDog.exe 6.00.0.1416
TMNotify.dll 6.00.0.1416
TmOpp.dll 6.00.0.1416
TmRpcSrv.dll 6.00.0.1416
TmUpdate.dll 2.86.0.4044
TmdMon.exe 6.00.0.1416
cert5.db n/a
ciuas32.dll 0.0.2075
ciussi32.dll 0.0.2074
eng50.dll 6.00.0.1416
expapply.dll 5.2.0
expbuild.dll 4.2.0
icrcauapi.dll 2.83.0.1044
libcrypto-3.dll 3.0.8
liblwtpciu32.dll 1.0.0.1005
libssl-3.dll 3.0.8
loadhttp.dll 1.32.0.1018
log4cxx.dll 10.0.1
mfc140u.dll 14.0.23026.0
msvcp140.dll 14.00.23026.0
patchbld.dll 12.21
patchw32.dll 12.22
psmc.dll 8.42
rmvnssvc.exe 6.00.0.1416
spuninst.exe 6.00.0.1416
spuninstrc.dll 6.00.0.1416
startnssvc.exe 6.00.0.1416
tmeng.dll 6.800-1034
tsc.exe 7.5.0.1186
vcruntime140.dll 14.00.23026.0
x500.db n/a
Information Server and Management Console
Adm_enu.dll 6.00.0.1416
Admin.exe 6.00.0.1416
AgentClient.dll 6.00.0.1416
AgentClient.dll 6.00.0.1416
BIFSender.exe 6.00.0.1416
Build.exe 2.86.0.4044
CheckEVC.dll 6.00.0.1416
CheckSecurityPatch.dll 6.00.0.1416
CheckUsr.dll 6.00.0.1416
DeployTool.exe 6.00.0.1416
EarthAgent.exe 6.00.0.1416
EventMsg2.dll 6.00.0.1416
GetRemoteVer.dll 6.00.0.1416
GetRemoteVer.dll 6.00.0.1416
ISReg.dll 1.0.0.1007
ISSetup.dll 28.0.759
NotifMsg.ini n/a
Notification.dll 6.00.0.1416
Patch.exe 2.86.0.4044
Quarantine.exe 6.00.0.1416
RemoteInstall.exe 6.00.0.1416
Rpc4Setup.dll 6.00.0.1416
RpcCrypt.dll 6.00.0.1416
RpcCrypt.dll 6.00.0.1416
SP5NSLst.ini n/a
SP5NSLst.ini n/a
SetUserInfo.exe 6.00.0.1416
SpTrace.dll 6.00.0.1416
SpnwClient.dll 6.00.0.1416
StCommon.dll 6.00.0.1416
StHotFix.exe 6.00.0.1416
StRpcCln.dll 6.00.0.1416
StUpdate.exe 6.00.0.1416
TMCrypt.dll 1.0.0.1007
TMNotify.dll 6.00.0.1416
TMReg.dll 1.0.0.1007
TmRpcSrv.dll 6.00.0.1416
TmUpdate.dll 2.86.0.4044
TmdMon.exe 6.00.0.1416
Tmnotify_v1.dll 6.00.0.1416
cert5.db n/a
ciuas32.dll 0.0.2075
ciussi32.dll 0.0.2074
data1.cab n/a
data1.hdr n/a
data2.cab n/a
dce-exe-mssign-v75-1184.zip n/a
dce-exe-mssign-x64-v75-1184.zip n/a
expapply.dll 5.2.0
expbuild.dll 4.2.0
icrcauapi.dll 2.83.0.1044
layout.bin n/a
libcrypto-3.dll 3.0.8
libcrypto-3.dll 3.0.8
libcurl.dll 7.88.1
liblwtpciu32.dll 1.0.0.1005
libssl-3.dll 3.0.8
libssl-3.dll 3.0.8
loadhttp.dll 1.32.0.1018
mfc140u.dll 14.0.23026.0
mfc80u.dll 8.00.50727.762
msvcp140.dll 14.00.23026.0
msvcp80.dll 8.00.50727.762
msvcr80.dll 8.00.50727.762
patchbld.dll 12.21
patchw32.dll 12.22
psmc.dll 8.42
rmvagsvc.exe 6.00.0.1416
setup.inx n/a
spuninst.exe 6.00.0.1416
spuninst.exe 6.00.0.1416
spuninstrc.dll 6.00.0.1416
spuninstrc.dll 6.00.0.1416
startagsvc.exe 6.00.0.1416
tmeng.dll 6.800-1034
tsc.exe 7.5.0.1186
tsc64.exe 7.5.0.1186
vcruntime140.dll 14.00.23026.0
x500.db n/a
zlibwapi.dll 1.2.11
zlibwapi.dll 1.2.11
MCP CMAgent
CMAgent.exe 6.00.0.1416
CMAgentLog.dll 6.00.0.1416
En_BlobConvertUtility.dll 5.0.0.2614
En_I18N.dll 5.0.0.2614
En_Utility.dll 5.0.0.2614
MySplashScreen.dll 6.00.0.1416
ProductLibrary.dll 6.00.0.1416
SSO_PKIHelper.dll 5.0.0.2614
TrendAprWrapperDll.dll 5.0.0.2614
cgiCmdNotify.exe 5.0.0.2614
libapr-1.dll 1.5.2
libcrypto-3.dll 3.0.8
libcurl.dll 7.88.1
libssl-3.dll 3.0.8
msvcp140.dll 14.00.23026.0
vcruntime140.dll 14.00.23026.0
zlibwapi.dll 1.2.11
Patch Files
License.txt n/a
Readme.txt n/a
TMPatch.exe 2.2.0.1057
UpdateComponent.cmd n/a
hotfix.ini n/a
setup.ini n/a
2. Documentation Set
========================================================================
To download or view electronic versions of the documentation set for
this product, go to http://docs.trendmicro.com
- Online Help: The Online Help contains an overview of features and
key concepts, and information on configuring and maintaining the
product.
To access the Online Help, go to http://docs.trendmicro.com
- Installation Guide (IG): The Installation Guide contains information
on requirements and procedures for installing and deploying the
product.
- Administrator's Guide (AG): The Administrator's Guide contains an
overview of features and key concepts, and information on configuring
and maintaining the product.
- Getting Started Guide (GSG): The Getting Started Guide contains
product overview, installation planning, installation and
configuration instructions, and basic information intended to get the
product 'up and running'.
- Support Portal: The Support Portal contains information on
troubleshooting and resolving known issues.
- To access the Support Portal, go to http://success.trendmicro.com
3. System Requirements
========================================================================
1. Trend Micro ServerProtect for Storage 6.0 Patch 2 Build 1304 -
English - Windows - x32-x64
4. Installation
========================================================================
This section explains key steps for installing the Critical Patch.
4.1. Installing
====================================================================
To install:
1. If the Information Server or Normal Server is running on
Windows Server 2012 R2 or below, install "Visual C++
Redistributable for Visual Studio 2015" on the Information
Server or Normal Server before applying this critical patch.
Download the Microsoft package from the following location:
https://www.microsoft.com/en-us/download/details.aspx?id=48145
2. Close the Management Console.
3. Run "spfs_600_win_en_criticalpatch_b1416.exe" to copy the
critical patch files to the correct destination. The License
Agreement appears.
4. Read the License Agreement and click "OK" if you agree with
the license conditions to finish the installation.
NOTES:
- The setup will not continue if you do not agree to the
setup license conditions.
- The critical patch files are automatically deployed to all
scan servers managed by the Information Server.
5. If the Information Server manages a 32-bit Normal Server,
open the Management Console and click "Deploy Now" in the
"Update" panel to deploy "Anti-rootkit Driver(32 bit)"
manually.
To apply this critical patch to a Management Console that is not
associated with the computer hosting the Information Server:
1. Apply the critical patch to the Information Server.
2. Close the Management Console.
3. Go to the Management Console home directory and back up the
following files to another location.
- admin.exe
- Adm_enu.dll
- AgentClient.dll
- ADM_ENU.chm
- EventMsg2.dll
- spuninst.exe
- spuninstrc.DLL
4. On the Information Server, copy the following files from the
Information Server home directory to the Management Console
home directory to overwrite the local files.
- admin.exe
- Adm_enu.dll
- AgentClient.dll
- ADM_ENU.chm
- EventMsg2.dll
- spuninst.exe
- spuninstrc.DLL
4.2. Uninstalling
====================================================================
To roll back to the previous build:
1. On the Normal Server, run the following shell command to stop
the Normal Server service:
net stop spntsvc
2. On the Information Server, run the following shell command to
stop the Trend Micro Management Communication Protocol (MCP)
CMAgent service:
net stop ServerProtectCMAgent
3. On the Information Server, run the following shell command to
stop the Information Server service:
net stop earthagent
4. If the Management Console is installed on the same server with
the Information Server, open the Information Server's home
directory and copy the files from the
".\backup\criticalpatch1416\filegroup10" folder to the
current directory.
If the Management Console is not installed on the same server
with the Information Server, open the Management Console's
home directory, and then roll back the following files:
- admin.exe
- Adm_enu.dll
- AgentClient.dll
- ADM_ENU.chm
- EventMsg2.dll
- spuninst.exe
- spuninstrc.DLL
5. On the Normal Server, rename the backup files in the
ServerProtect home directory and use them to replace the
current files. The names of the backup files have ".bak" in
the extension.
6. On the Information Server, open the Information Server's home
directory and copy the files from the
".\backup\criticalpatch1416\filegroup100" folder to the
".\CMAgent" folder.
7. On the Information Server, open the Information Server's home
directory and copy the files from the
".\backup\criticalpatch1416\filegroup10\" folder to the
current directory.
8. On the Normal Server, run the following command to start the
Normal Server service:
net start spntsvc
9. On the Information Server, run the following command to start
the MCP CMAgent service:
net start ServerProtectCMAgent
10. On the Information Server, run the following command to
start the Information Server service:
net start earthagent
5. Post-installation Configuration
========================================================================
No post-installation steps are required.
NOTE: Trend Micro recommends that you update your scan engine and
virus pattern files immediately after installing the product.
6. Known Issues
========================================================================
There are no known issues for this Critical Patch release.
7. Release History
========================================================================
For more information about updates to this product, go to:
http://www.trendmicro.com/download
Prior Hotfixes
====================================================================
Only this Critical Patch was tested for this release. Prior hotfixes
were tested at the time of their release.
[Hotfix 1329]
Issue 1: Sometimes, tsc64.exe crashes during startup.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Solution 1: This hotfix upgrades the DCE module to resolve the
issue.
Issue 2: Spyware alerts could not work properly in storage
scanning.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Solution 2: This hotfix resolves the issue.
Issue 3: Users could not save the device list after providing
correct username and password in the device list.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Solution 3: This hotfix extends the password length support from
32 to 48 bytes to resolve the issue.
Enhancement 1: This hotfix fixes the issues reported by the
Fortify Static Code Analyzer tool.
Enhancement 2: In some network environments, the Normal Server
(NS) could not resolve the hostname of the
Information Server (IS). This hotfix adds the
FIXAgentAddress hidden key to resolve the issue.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Procedure 2: To configure this feature:
1. Go to the NS machine.
2. Run Regedit to open the Registry Editor.
3. Go to key
HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ServerPr
otect\CurrentVersion\RPC.
4. Add a key entry (REG_SZ) named
"FIXAgentAddress".
5. Set the value of this entry to the IP
address of the IS machine.
The following is an example:
Path:
HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ServerProte
ct \CurrentVersion\RPC
Key: FIXAgentAddress
Kind: REG_SZ
Value: 192.168.0.1
6. Restart the Trend Micro ServerProtect
service on the NS machine.
[Hotfix 1307]
Issue 1: Sometimes, virus or spyware pattern updates cannot
succeed with error code 46 reported.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Solution 1: This hotfix resolves this issue.
Issue 2: If the sender or recipient address set for
notifications exceeds 49 bytes, issues may occur:
* The sender address will be truncated on the
Management Console.
* Notifications cannot be sent to the recipient
successfully.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Solution 2: This hotfix resolves the issues.
Issue 3: Some customers reported that they could not open the
management console when port 1000 was occupied by
other programs.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Solution 3: This hotfix resolves this issue.
Issue 4: The Normal Server may exit abnormally upon the
failure to create the DCE engine process.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Solution 4: This hotfix resolves this issue.
Enhancement 1: This hotfix upgrades the ActiveUpdate module to
remove some vulnerabilities.
Enhancement 2: This hotfix upgrades the CMAgent SDK module to
remove some vulnerabilities.
8. Contact Information
========================================================================
A license to Trend Micro software usually includes the right to product
updates, pattern file updates, and basic technical support for one (1)
year from the date of purchase only. After the first year, you must
renew Maintenance on an annual basis at Trend Micro's then-current
Maintenance fees.
Contact Trend Micro via fax, phone, and email, or visit our website to
download evaluation copies of Trend Micro products.
https://www.trendmicro.com/en_us/contact.html
NOTE: This information is subject to change without notice.
9. About Trend Micro
========================================================================
Smart, simple, security that fits.
As a global leader in IT security, Trend Micro develops innovative
security solutions that make the world safe for businesses and consumers
to exchange digital information.
Copyright 2023, Trend Micro Incorporated. All rights reserved.
Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for
Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex
Central are trademarks of Trend Micro Incorporated and are registered in
some jurisdictions. All other product or company names may be trademarks
or registered trademarks of their owners.
10. License Agreement
========================================================================
View information about your license agreement with Trend Micro at:
https://www.trendmicro.com/en_us/about/legal.html
Third-party licensing agreements can be viewed:
- By selecting the "About" option in the application user interface
- By referring to the "Legal" page of the Administrator's Guide