<<<>>> Trend Micro Incorporated December 22, 2021 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ServerProtect(TM) for Storage 6.0 Patch 2 - Build 1304 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This Readme file was current as of the date above. However, all customers are advised to check Trend Micro's website for documentation updates. GM release documentation: http://docs.trendmicro.com Patch/SP release documentation: http://www.trendmicro.com/download TIP: Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro website. Register during installation or online at: https://clp.trendmicro.com/FullRegistration?T=TM Contents =================================================================== 1. About Trend Micro ServerProtect for Storage 6.0 1.1 Overview of this Release 1.2 Who Should Install this Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation/Uninstallation 5.1 Installation 5.2 Uninstallation 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Files Included in this Release 10. Contact Information 11. About Trend Micro 12. License Agreement =================================================================== 1. About Trend Micro ServerProtect for Storage 6.0 ====================================================================== ServerProtect for Storage 6.0 is an enhanced version of ServerProtect developed exclusively to provide antivirus solutions for NetApp devices, EMC Celerra, VNX/VNXe series and storage devices supporting Internet Content Adaptation Protocol (ICAP) antivirus scanner. 1.1 Overview of this Release =================================================================== This Patch includes all modifications released since ServerProtect for Storage 6.0 General Release Build 1095. 1.2 Who Should Install this Release =================================================================== You should install this patch if you are currently running ServerProtect for Storage 6.0. 2. What's New ====================================================================== Note: Please install this patch before completing any procedures in this section (see "Installation"). 2.1 Enhancements =================================================================== The following enhancements are included in this release: Enhancement 1: [SEG-32649][Hotfix 1214 JP] Information Server - This patch enables the Information Server to verify the version information of any Management Console that attempts to connect to it. This helps ensure that the correct Management Console version connects to the Information Server. NOTE: If your Management Console is not installed in the same path as the Information Server, please refer to Section 5.1 Installation for the steps to replace files for the Management Console. Enhancement 2: [SEG-32649][Hotfix 1214 JP] Management Console - This patch enables the Information Server to display its version information in the Management Console middle tree control list by default. NOTE: The Management Console will be able to connect only to an Information Server with the same version. Enhancement 3: [SEG-32258][Hotfix 1214 JP] CMAgent - This patch enables CMAgent to keep its previous status (registered/unregistered) after a hotfix is applied. Enhancement 4: [SEG-40399][Hotfix 1224 JP] Manual/Scheduled Scan - This patch adds an alert log for instances when the last manual scan or task scan did not complete normally. Enhancement 5: [SEG-42430][Hotfix 1227 JP] ICAP scan - This patch removes the file name validation in ICAP mode. Enhancement 6: [VRTS-3827][VRTS-5859][VRTS-6664] [Critical Patch 1256 EN][Critical Patch 1284 EN] This patch resolves some vulnerabilities. Enhancement 7: [SEG-78499][Hotfix 1266 JP] Storage Scan - This patch improves the scan performance by allowing users to set the maximum number of threads for sending scan results to each storage device. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 7: To configure this option: 1. Install this patch (see "Installation"). 2. Open a registry editor on the Normal Server. 3. Add the following key and set it to the preferred maximum number of threads. Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\Engine\ Filers Key: SendResultThreadsNumberForEachFiler Type: DWORD Value: maximum number of threads, the default value is "1", supports any integer from 1 to 64. 4. Restart the Normal Server. Enhancement 8: [VRTS-4737][VRTS-6226][Critical Patch 1268 EN] Damage Cleanup Engine - This patch updates the Damage Cleanup Engine (DCE) engine files to remove certain vulnerabilities. Enhancement 9: [VRTS-4600][Critical Patch 1268 EN] Tmcomm Engine - This patch updates the Tmcomm engine files to remove certain vulnerabilities. Enhancement 10: [SEG-27595][SPNT Hotfix 1518 JP] Management Console - This patch enables ServerProtect to use an ellipsis (...) when displaying server names that are too long in logs. Enhancement 11: [SEG-60808][SPNT Critical Patch 1548 EN] ActiveUpdate - This patch enables ServerProtect to use HTTPS for component updates by Active Update. Refer to the following KB for information on how to configure customized security options: https://success.trendmicro.com/solution/000253323 Enhancement 12: [SEG-48873][SPNAF Hotfix 1269 EN] Scan Fail Log - This patch enables the Normal Server to generate scan fail logs for Manual/Scheduled Scan, Real-time Scan and Netapp Storage Scan. Enhancement 13: [SEG-66143][SPNAF Service Pack 1 Patch 2 1281 EN] ActiveUpdate - This patch enables the network send/receive timeout configuration for ActiveUpdate. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 13: To configure this feature: 1. Install this patch (see "Installation"). 2. Open the Registry Editor. 3. Add the following key in the Information Server: 32-bit Operating System: Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\ InformationServer 64-bit Operating System: Path: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ TrendMicro\ServerProtect\CurrentVersion\ InformationServer Key: AUNetworkTimeout Type: String(REG_SZ) Value: timeout value (Seconds) Enhancement 14: [SEG-66143][SPNAF Service Pack 1 Patch 2 1281 EN] ActiveUpdate - This patch enables the network connection timeout configuration for ActiveUpdate. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 14: To configure this feature: 1. Install this patch (see "Installation"). 2. Open the Registry Editor. 3. Add the following key in the Information Server: 32-bit Operating System: Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\ InformationServer 64-bit Operating System: Path: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\ TrendMicro\ServerProtect\CurrentVersion\ InformationServer Key: AUConnectTimeout Type: String(REG_SZ) Value: timeout value (Seconds) Enhancement 15: [SEG-122871] Debug Log - This patch removes some strings that contain password information from the debug log. Enhancement 16: [SEG-123670] Normal server Dump generation - This patch adds dump generation feature when Normal Server crashes. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 16: To enable this behavior: 1. Install this patch (see "Installation"). 2. Open the Registry Editor. 3. Add the following keys: Path: LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\ SpntService Key: EnableDumpGeneration Type: REG_DWORD Value: The default value is "0", which disables dump generation. Setting this key to "1" enables dump generation. Key: DumpPath Type: REG_SZ Value: Dump generation path (eg."C:\DumpFiles") 4. Restart the Normal Server service. NOTES: 1. The feature works only when both keys are set. 2. "DumpPath" should be set to an existing path. Enhancement 17: [SEG-123670][SEG-127109] Log Database File - This patch enables ServerProtect to send a Windows event log notification when the log database file behaves abnormally. Enhancement 18: [SEG-123138] ActiveUpdate - This patch updates the error string in the Message Box an engine or pattern file update fails. 2.2 Resolved Known Issues =================================================================== This patch resolves the following issues: Issue 1: [SEG-28895][Hotfix 1205 EN] The Message Box notifications is disabled since Microsoft(TM) Windows(TM) Server 2008. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This patch replaces the "NetMessageBufferSend" function with Windows Terminal Services (WTS) API to re-enable Message Box notifications on Windows Server 2008 and any later versions. Please refer to the following KB link for more details on how to use this feature: https://success.trendmicro.com/solution/1120585 Issue 2: [SEG-34307][Hotfix 1214 JP] Sometimes, the SPNTSVC process stops unexpectedly because of an invalid memory access issue in "tmnotify.dll". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This patch resolves the issue by preventing the invalid memory access issue. Issue 3: [SEG-38240][Hotfix 1216 JP] Sometimes, the "Message-ID" column in notification email messages display duplicate message IDs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This patch resolves the issue by ensuring that ServerProtect for Storage generates and assigns unique message IDs. Issue 4: [SEG-39038][Hotfix 1218 EN] When users choose to deploy only pattern updates from the Information Server to the Normal Server, the pattern version in the "ISTag" key of the corresponding ICAP response is not updated. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This patch ensures that the ICAP server responds with the correct pattern version in the "ISTag" key under the scenario described above. Issue 5: [SEG-37036][Hotfix 1220 JP] ServerProtect for Storage cannot deploy pattern files if there is "Program" file under the C drive. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This patch resolves the issue by ensuring that ServerProtect for Storage could deploy pattern files successfully. Issue 6: [SEG-43807][Hotfix 1226 EN] CMAgent sends incorrect operating system information to Trend Micro Control Manager(TM) when the current operating system is Windows Server 2019. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This patch makes sure that CMAgent submits the correct operating system information. Issue 7: [SEG-42430][Hotfix 1227 JP] The ICAP Scanner of ServerProtect for Storage sometimes cannot extract the correct file name when the full file path contains Japanese characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This patch ensures that ServerProtect for Storage extracts the filenames correctly. Issue 8: [SEG-52883][Hotfix 1243 EN] Sometimes, file scan fails on Network Appliance Cluster-Mode devices when the server name for ServerProtect for Storage contains lowercase letters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This patch ensures that file scans are successful even when the server name for ServerProtect for Storage contains lowercase letters. Issue 9: [SEG-45992][Hotfix 1243 EN] A "The specified network password is not correct" error appears when users add devices with long domain names on the Management Console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: This patch resolves this issue by extending the size of the array that holds domain names. Issue 10: [SEG-49268][Hotfix 1243 EN] In "keep-alive" mode, ServerProtect for Storage may respond with an "ICAP/1.0 501 Not implemented" message even when the error occurred in the previous ICAP request. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: This patch enables ServerProtect for Storage to close the TCP connection after it sends the ICAP error code response. Issue 11: [SEG-67526][Critical Patch 1256 EN] The Normal Server uninstallation mechanism does not notify the Information Server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: This patch ensures that the Information Server is always notified of Normal Server uninstallation. Issue 12: [SEG-70066][Hotfix 1259 EN] The Normal Server notifies the EMC storage to flush old pattern or engine files even if the pattern or engine was not be updated. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: This patch ensures that the Normal Server notifies the EMC storage to flush old pattern or engine files only after a successful pattern or engine update. Issue 13: [SEG-82190][Critical Patch 1268 EN] The ICAP server returns a "500 Server Error" code to Nutanix when scanning certain zero size files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: This patch resolves this issue by updating the scanning process. Issue 14: [VRTS-4962][Critical Patch 1270 EN] The ActiveUpdate module is affected by certain vulnerabilities. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: This patch updates the ActiveUpdate module to resolve the issue. Issue 15: [SEG-91075][Hotfix 1273 EN] A stack overflow issue causes the spntsvc service to stop unexpectedly and prevents it from restarting. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: This patch resolves the stack overflow issue. Issue 16: [SEG-98502][Hotfix 1279 EN] Sometimes, the following error displays after users click the "Download Now" icon on the Management Console. "Failed to complete this operation. Your file waiting to be printed was deleted." ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: This patch resolves this issue by enabling ServerProtect to dynamically load the "TmUpdate.dll" ActiveUpdate library. Issue 17: [SEG-98747][Hotfix 1279 EN] Sometimes, when a pattern or engine update runs during a scheduled scan or manual scan, and fails, some related files remain locked. This can cause the Normal Server to stop responding. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 17: This patch resolves this issue by enabling ServerProtect to release locked resources completely after a pattern or engine update fails. Issue 18: [SEG-100881][Hotfix 1279 EN] Virus infection logs are not recorded in the Windows Event log for the ICAP Scanner of ServerProtect for Storage. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 18: This patch ensures that virus infection logs are recorded in the Windows Event log for the ICAP Scanner. Issue 19: [SEG-105031][Critical Patch 1284 EN] Sometimes, users cannot successfully add a freshly-installed Normal Server to an Information Server with a higher version. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 19: This patch resolves this issue. Issue 20: [SEG-107349][Critical Patch 1284 EN] Sometimes, the Normal Server cannot start because the DCE runs for too long after the system restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 20: This patch resolves this issue by setting a time-out value for waiting for the DCE to complete its run after the system restarts. Issue 21: [SEG-114346][Critical Patch 1284 EN] Sometimes, RPC scan results are not sent to NetApp ONTAP Antivirus Connector when there are too many scan requests. Some of the scan requests remain in the scan queue until time-out. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 21: This patch ensures that all the scan results are sent to NetApp ONTAP Antivirus Connector. Issue 22: [SEG-32642][SPNT Hotfix 1518 JP] When the Information Server's home path is added to the scan exclusion folder, it will be deleted unexpectedly after ServerProtect downloads a component update. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 22: This patch ensures that the Information Server's home path is not deleted unexpectedly from the scan exclusion folder while ServerProtect downloads component updates. Issue 23: [SEG-45591][SPNT Hotfix 1521 JP] When the Information Server password is longer than 16 character, silent installation fails. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 23: This patch ensures that silent installation runs normally under the scenario described above. Issue 24: [SEG-51168][SPNT Hotfix 1528 JP] The status of a Normal Server appears as "service stop" on the Control Manager web console but the ServerProtect web console indicates that the Normal Server is working normally. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 24: This patch resolves the issue by adding a validity check when the MCP CMAgent receives the response for the CMD_REGISTER command from the Information Server. Issue 25: [SPFS-247][SPNAF Service Pack 1 Patch 2 1281 EN] The Information Server version disappears from the Management Console after the Information Server restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 25: This patch resolves this issue by enabling the Management Console to refresh the version information after the Information Server restarts. Issue 26: [SEG-86584][SPNAF Hotfix 1294 EN] Sometimes, the spntsvc service stops unexpectedly. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 26: This patch resolves this issue. Issue 27: [SEG-127881] CMAgent sends incorrect operating system information to Control Manager when the current operating system is Windows Server 2022. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 27: This patch makes sure that CMAgent submits the correct operating system information. Issue 28: [SEG-127460] Sometimes, the Management Console stops unexpectedly when it receives certain illegal messages. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 28: This patch resolves the issue by adding some validity checks to ensure that the Management Console can handle these messages. 3. Documentation Set ====================================================================== In addition to this Readme file, the documentation set for this product includes the following: - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining ServerProtect for Storage. To access the Online Help, go to http://docs.trendmicro.com - Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get ServerProtect for Storage "up and running". - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. To access the Support Portal, go to "http://esupport.trendmicro.com" 4. System Requirements ====================================================================== Refer to the ServerProtect for Storage 6.0 readme file for the complete list of system requirements. 5. Installation/Uninstallation ====================================================================== 5.1 Installation =================================================================== To apply this Patch from the same computer as the Information Server: 1. Close the Management Console. If this is not running at the time of installation, proceed with the next step. 2. If your Information Servers are running on Windows Server 2008 R2 or below, install the x86 version of "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package MFC Security Update" on your Information Servers before applying this patch. Download the Microsoft package from the following location: https://www.microsoft.com/en-us/download/details.aspx?id=26347 3. If your Normal Servers are running on Windows Server 2008 R2 or below, install "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package MFC Security Update" on your Normal Servers before applying this patch. The package version depends on the version of the Microsoft Windows Server. 4. Copy the "spfs_600_win_en_patch2_b1304.exe" patch installation file to a temporary folder. 5. Run the Patch file. The license screen appears. 6. If you disagree with the terms of the legal agreement, choose the "I do not agree with the terms of the legal agreement." option and click "Cancel" to abort the installation. Otherwise, choose the "I accept the terms of the legal agreement" and click "Next". The "readme" appears. NOTE: The Information Server deploys the Patch to Normal Servers 30 seconds after the installation is completed and restarts the ServerProtect services. If the installation does not complete successfully, contact Trend Micro technical support. 7. If your Information Server manages a Normal Server that is in a 32-bit OS, open the Management Console, click "Deploy Now" in the "Update" panel to deploy "Anti-rootkit Driver(32 bit)" manually. To apply this Patch to a Management Console that is not associated with the computer hosting the Information Server or is not installed in the same folder with the Information Server: 1. Apply the Patch to the Information Server. 2. Close the Management Console. 3. Go to the Management Console home directory and backup the following files to another location. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL - ADMIN.INI 4. On the Information Server, copy the following files from the Information Server home directory to the Management Console home directory to overwrite the local files. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL 5. Go to the Management Console home directory, add the following key under the section "[ADMINServer]" of the file ADMIN.INI if this key does not exist. If this key exists but its value is not "1", please change its value to "1". ShowISVersion=1 5.2 Uninstallation =================================================================== To roll back to the previous build: 5.2.1 Uninstallation of Information Server and Normal Server ------------------------------------------------------------------- 1. On the Normal Server, run the following Shell command to stop the Normal Server service: net stop spntsvc 2. On the Information Server, run the following Shell command to stop the Information Server service: net stop earthagent 3. On the Information Server, run the following Shell command to stop the CMAgent service: net stop ServerProtectCMAgent 4. On the Normal Server, rename the backup files in the ServerProtect home directory and use them to replace the current files. The names of the backup files have "bak" in the extension. 5. On the Information Server, open the Information Server's home directory and copy the files from the ".\backup\patch2\ filegroup10" folder to the current directory. 6. On the Information Server, open CMAgent's home directory and copy the files from the "..\backup\patch2\filegroup100" folder to the current directory. 7. On the Information Server, a. Open "Agent.ini" in CMAgent's home directory. b. Set the "Agent_BuildNumber" key in the "Common" section to the previous version. c. Set the "Agent_Version" key in the "Common" section to the previous version. d. Open "Product.ini" in CMAgent's home directory. e. Set the "UpdateInfo" key in the "Product_Info" section to 1. f. Set the "MenuVersion" key in the "Product_Info" section to the previous version. The previous version can be verified in the following file: .\backup\patch2\filegroup100\ProductUI.zip\ProductInfo.xml 8. On the Normal Server, run the following command to start the Normal Server service: net start spntsvc 9. On the Information Server, run the following command to start the Information Server service: net start earthagent 10.On the Information Server, run the following command to start the CMAgent service: net start ServerProtectCMAgent 5.2.2 Uninstalling the Management Console ------------------------------------------------------------------- NOTE: It is not necessary to roll back the Management Console separately. You should roll back the Management Console only when it is not installed on the same machine as the Information Server or when it is not installed in the same folder as the Information Server. 1. On Management Console, open the backup directory of the following files in the installation section: - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL - ADMIN.INI 2. Copy the files in the list above to the management console home directory to overwrite the local files. 6. Post-Installation Configuration ====================================================================== No special post-installation steps are required. NOTE: Trend Micro recommends updating all components immediately after installing the product. 7. Known Issues ====================================================================== Here are the known issues in this release: 7.1 When the delete file feature for HDI storage is enabled, it is possible for a user to access a file before the file is deleted from HDI. =================================================================== ServerProtect for Storage implements this feature after the Real-time Scan Callback function. Since the Callback function is called asynchronously after the scan completes, there is a time gap (shorter than 500ms during testing) between the HDI allowing file access and deleting the file from HDI. Users are able to access files that are to be deleted during the time gap. 7.2 When the delete file feature for HDI storage is enabled, files in HDI may not be deleted successfully if another user is accessing it. =================================================================== Related to Known Issue 7.4, if ServerProtect for Storage deletes files on HDI storage while someone is accessing the file, the file may not be deleted successfully. 7.3 When the delete file feature for HDI storage is enabled, files in HDI may not be deleted successfully if the same files are copied to HDI again within a short period of time. =================================================================== Because of the Windows SMB cache, when the same file is copied to an HDI storage again within a short time, Hitachi Server Protect Agent (HSPA) will not process the file and does not trigger the delete action. Refer to the following KB to disable all three kinds of caches to work around this known issue: https://docs.microsoft.com/en-us/previous-versions/windows/ it-pro/windows-7/ff686200(v=ws.10) 7.4 When the delete file feature for HDI storage is enabled and users copy a large number of files to HDI, some of the files that are to be deleted are left on the HDI storage. =================================================================== This is because HSPA misses some files while copying a large number of files to HDI, which prevents ServerProtect from scanning any missing file and triggering the delete action. This issue can be fixed by adding more servers where HSPA is installed to balance the load. 7.5 When the delete file feature for HDI storage is enabled, target files may still be copied from HDI before being deleted. =================================================================== Since HDI does not block the file access before HSPA touches files, there is a short period of time when the files that are to be deleted can still be copied. This issue can be fixed by configuring the "Deny access" setting to "Procedure if scanning fails" under the HDI Scanner servers Escan condition. 8. Release History ====================================================================== Previous releases include the following: - ServerProtect for Storage 6.0 Patch 1, June 19, 2018 - ServerProtect for Storage 6.0, July 13, 2015 8.1 Patch 1 =================================================================== 8.1.1 Enhancements =================================================================== The following enhancements are included in Patch 1: Enhancement 1: [Hotfix 1107 EN] Asynchronous input/output has been implemented to improve the accepting thread for ICAP servers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 1: To configure the maximum number of threads that can be handled by the accepting thread: 1. Open a registry editor on the Normal Server. 2. Add the following key and set its value to "4": Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\Engine\ IcapSetting Key: AcceptorHandlerThreadsNumber Type: DWORD Value: The default value is 4, but it is sufficient to improve the performance of the accepting thread. 3. Restart the Normal Server service. Enhancement 2: [Hotfix 1124 EN] The ICAP Scanner in ServerProtect for Storage 6.0 now supports ICAP REQMOD requests. The service name for REQMOD requests is "SPFS-AV-REQ" and should be in the following URI format: icap://[IP][:PORT]/SPFS-AV-REQ Enhancement 3: [Hotfix 1135 EN] ServerProtect for Storage 6.0 now displays the long virus names instead of the short virus names. Enhancement 4: [Critical Patch 1164 EN] A special antivirus program compatibility registry key has been added to the Normal Server and Information Server. Microsoft checks for this special registry key value on the computer before running the next Security Update for Windows. Microsoft KB4056892 was released on January 4, 2018 and requires the new registry key be installed before you can apply the update. For more information about Microsoft KB4056892, refer to the following link: https://support.microsoft.com/en-us/help/4056892/ windows-10-update-kb4056892 This registry is created automatically each time spntsvc restarts even after this key has been deleted. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 4: To disable this behavior: 1. Open the Registry Editor. 2. Add the following key: Key="HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\SpntService" Name="DisableSUVPCompat" Type="REG_DWORD" Value="0x00000001" Enhancement 5: [Hotfix 1178 EN] ServerProtect for Storage can now locate and delete files on HDI storage by true file type. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 5: To enable ServerProtect for Storage to locate and delete files on HDI storage by true file type: 1. On the Normal Server: For 64-bit operating systems, open ".\Trend\SProtect\x64\TFTD.ini". For 32-bit operating systems, open ".\Trend\SProtect\TFTD.ini". 2. Locate "EnableDeleteAction" and set it to "1". NOTE: Set "EnableDeleteAction=0" to disable the feature. 3. Set the HDI server count in the "Count" key under the "ServerList" section. 4. Set HDI server information in the "Server1" key under the "ServerList" section. NOTE: To add more than one HDI servers, set the information in "Server2" and so on. 5. Set the true file type count in the "Count" key under the "TrueFileTypeList" section. 6. Set the true file type value in the "FileType1" key. NOTE: To add more than one true file type, set the information in "FileType2" and so on. The true file type value table is defined in "TFTD.ini". Enhancement 6: [Hotfix 1179 EN] Users can now set the sleep time between scanning each folder during a manual scan or scheduled scan. Adjusting this time interval can help balance ServerProtect for Storage's CPU usage with its scan speed. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 6: To set the sleep time between scanning each folder during a manual scan or scheduled scan: 1. Open a registry editor on the Normal Server. 2. Add the following key and set the time interval in milliseconds: Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\SpntService Key: ManualScanWaitTime Type: DWORD Value: The default value is "0", the unit is milliseconds 3. Restart the Normal Server service. Enhancement 7: [SPNT Hotfix 1494 EN] After updating MCP SDK to version 5.0.0.2270, ServerProtect for Storage provides many cipher suites when starting an HTTPS connection. Enhancement 8: [Patch 1 1194 EN] Virus Scan Engine (user mode) has been updated to version 10.000.0.1040 to support more true file type detections. Enhancement 9: [Patch 1 1194 EN] The ICAP client now sends requests without passing the file size by "Content-Length" header or ICAP_HEAD_X_SCAN_FILE_LENGTH. Enhancement 10: [Patch 1 1194 EN] Some ICAP debug level logs have been adjusted to error level logs. Enhancement 11: [Patch 1 1194 EN] ServerProtect for Storage now downloads and deploys Virus Scan Engine (user mode) from the ActiveUpdate server. Enhancement 12: [Patch 1 1194 EN] ServerProtect for Storage can now be configured to exclude processes during real-time scanning. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 12: To configure the Exclude Process List: 1. Open the Registry Editor. 2. Add the following key: Path: "HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\Engine\ Exception" Key: ProcessList Type: Multi-String Value Value: add the process full path to this ProcessList 3. Restart the Normal Server Service "Spntsvc". Enhancement 13: [Patch 1 1194 EN] ServerProtect for Storage now shows the ellipsis sign (...) in server names that are too long in logs. 8.1.2 Resolved Known Issues =================================================================== The following known issues are resolved in Patch 1: Issue 1: [Hotfix 1099 EN] ServerProtect for Storage 6.0 cannot establish connections when it receives 215 or more connection requests within a short period of time. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: ServerProtect for Storage 6.0 now processes connection requests faster to ensure that it can handle up to 500 connection requests received within a short period of time. Issue 2: [Hotfix 1120 EN] A previous hotfix changed the IP string format. As a result, ServerProtect for Storage cannot perform ICAP client validation by IP address. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: ServerProtect for Storage can now perform ICAP client validation by IP address successfully. Issue 3: [Hotfix 1120 EN] If the ServerProtect Normal Server with ICAP mode is installed on the Japanese version of the Windows server, Japanese characters appear in the "Date" header of ICAP responses. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: Japanese characters no longer appear in ICAP responses under the scenario described above. Issue 4: [Hotfix 1126 EN] When the C-mode Filer has been removed or unregistered from ServerProtect for Storage but the scanner server is still configured in the C-mode Filer, AV-Connect will still send scan requests to ServerProtect for Storage. As a result, the C-mode Filer may stop responding. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: The RPC Scanner in ServerProtect for Storage now rejects requests from the AV-Connector if the filer has been removed or unregistered from ServerProtect for Storage. Issue 5: [Hotfix 1126 EN] When the first action fails, the second action does not appear in email virus notifications. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: The action description in email virus notifications are now consistent with the information in the corresponding log records. Issue 6: [Hotfix 1133 EN] The ICAP Scanner records a large number of compress violation logs as virus logs, which makes it difficult for users to manage virus logs. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: The ICAP Scanner no longer records compress violation logs as virus logs. If any file in a compressed file is skipped during a scan because of a compress scan policy in ICAP Scanner, the ICAP scanner will record a warning event log. By default, ServerProtect will send these warning event logs to users, but users can prevent ServerProtect from sending these logs through the registry. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Procedure 6: To prevent ServerProtect from sending these warning event logs: 1. Open a registry editor on the Normal Server. 2. Add the following key and set its value to "1": Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\ ServerProtect\CurrentVersion\Engine\ IcapSetting Key: DisableCompressWanLog Type: DWORD Value: 1 NOTE: To receive the logs again, set the key to "0". 3. Restart the Normal Server. Issue 7: [Hotfix 1145 EN] When ServerProtect for Storage 6.0 is installed on Windows Server 2016, the wrong platform version appears on the Management Console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: The correct platform version now appears on the Management Console. Issue 8: [Hotfix 1145 EN] When ServerProtect for Storage 6.0 is installed on Windows Server 2016 and registered to Control Manager, the wrong operating system information appears on the Control Manager console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: The correct operating system information now appears on the Control Manager console. Issue 9: [Hotfix 1147 EN] When ServerProtect for Storage 6.0 runs, the "SPNTSVC.exe" process goes up to over 90% of CPU utilization, and it remains at that level. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: The CPU usage of the "SPNTSVC.exe" process has been reduced to ensure that the program works normally. Issue 10: [Hotfix 1148 EN] When ServerProtect for Storage 6.0 is running, the file name with a leading space is sent to the scanner through a scan request, and the scanner returns a "400 bad request" response to HNAS. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: The scanner now treats the request as a normal scan request. Issue 11: [Hotfix 1150 EN] When ServerProtect for Storage 6.0 restarts, the corresponding item on the Control Manager console appears yellow and does not go back to green until after the Trend Micro Management Communication Protocol (MCP) Control Manager Agent (CMAgent) service has restarted again. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: The Information Server now restarts before the MCP CMAgent so that ServerProtect for Storage 6.0 appears in green on the Control Manager console after it restarts. Issue 12: [Hotfix 1152 JP] Under certain conditions, a heap corruption issue triggers the Japanese version of ServerProtect for Storage 6.0 to stop unexpectedly while its spntsvc service attempts to send an email notification. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: ServerProtect for Storage now allocates enough memory to operate to prevent the heap corruption issue so it can send out email notifications normally. Issue 13: [Hotfix 1154 JP] Before scanning a compressed file, ServerProtect first determines whether the file can be scanned or not by checking if the contents exceed the maximum size configured by the user. There is no limit to the value that users can set the maximum content size to on the Management Console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 13: The Management Console no longer allows users to set the maximum content size to any value larger than 2 GB. Issue 14: [Hotfix 1158 EN] In ICAP mode, the ICAP server returns a code "400 bad request" error if it receives an ICAP request containing a file name with illegal characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 14: The workflow has been updated to enable ServerProtect for Storage to create a temporary file after receiving an ICAP request to make sure that the ICAP server works normally when the request contains a file name with illegal characters. Issue 15: [Hotfix 1158 EN] In ICAP mode, the ICAP server returns a code "400 bad request" error if it receives an ICAP request with certain file names from an ICAP client. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 15: The workflow for extracting file names from ICAP requests has been updated to ensure that file names are extracted correctly. Issue 16: [Hotfix 1158 EN] When an ICAP client uses an HTTP persistent connection in ICAP mode, the ICAP server closes the connection to this ICAP client after it sends a "400 bad request" response to the ICAP client. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 16: The ICAP server now closes the connection to an ICAP client on an HTTP persistent connection in ICAP mode only after it sends a "408 request timeout" response to the ICAP client. Issue 17: [Hotfix 1160 EN] When ServerProtect for Storage receives a large number of RPC scan requests during a pattern update, the RPC scan threads might stall and running scans may fail. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 17: A read-write lock has been added for pattern operations to help ensure that scans proceed normally during pattern updates. Issue 18: [Hotfix 1163 JP] When ServerProtect for Storage scans files in a C-mode filer, it will request to set up an SMB session each time it opens a file. As a result, it takes longer to scan files in C-mode filers. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 18: All scan threads now establish a persistent network connection for every C-mode filer address sent from the AV connector. This eliminates the need to set up an SMB session each time ServerProtect for Storage opens a file in a C-mode filer for scanning. Issue 19: [Hotfix 1169 EN] The CMAgent stops responding when it receives certain abnormal commands. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 19: CMAgent can now handle these abnormal commands. Issue 20: [SPNT Hotfix 1465 EN] An issue prevents the exclusion extensions setting from working normally after the Normal Server restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 20: The issue has been resolved to ensure that the exclusion extensions setting works normally. Issue 21: [SPNT Hotfix 1467 JP] The CMAgent for ServerProtect may stop unexpectedly while running vulnerability scanner tools. This happens if the CMAgent receives unexpected data from any of the vulnerability scanner tools which then trigger an exception error. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 21: The ServerProtect CMAgent can now handle the exception, which helps prevent it from stopping unexpectedly when it receives unexpected data from vulnerability scanner tools. Issue 22: [SPNT Hotfix 1468 JP] The ServerProtect CMAgent stops unexpectedly after starting simultaneously with Control Manager. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 22: The ServerProtect CMAgent now works normally. Issue 23: [SPNAF Hotfix 1244 JP] The "spntsvc.exe" service may stop unexpectedly while attempting to free the "NtApRpc.dll" library when the RPC scan threads are handling scan requests. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 23: ServerProtect now forces RPC scan threads to exit in time when the"spntsvc.exe" service frees the "NtApRpc.dll" library. Issue 24: [Patch 1 1194 EN] In email notifications of the ICAP storage, the "Infection Source" section shows the Normal Server's computer name. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 24: The "Infection Source" field now displays the IP address of the storage server. Issue 25: [Patch 1 1194 EN] In log records of the ICAP storage, the "Infection Source" section shows "None", and the "User" section shows the IP address of the storage server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 25: The "Infection Source" field now shows the IP address of the storage server while the "User" field shows the IP address of the storage server in log records of the ICAP storage. Issue 26: [Patch 1 1194 EN] Control Manager 7.0 cannot manually download the patchagent for ServerProtect for Storage. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 26: The patchagent information has been added to the profile that is sent to Control Manager. 9. Files Included in this Release ====================================================================== Module Filename Build No. ------------------------------------------------------------------- 32-bit Normal Server AgentClient.dll 6.00.0.1304 SpntSvc.exe 6.00.0.1304 NtIcapServer.dll 6.00.0.1304 EventMsg2.dll 6.00.0.1304 StRpcSrv.dll 6.00.0.1304 StCommon.dll 6.00.0.1304 LogMaster.dll 6.00.0.1304 NtApRPC.dll 6.00.0.1304 LogViewer.exe 6.00.0.1304 DCE.dll 6.00.0.1304 Notification.dll 6.00.0.1304 eng50.dll 6.00.0.1304 StUpdate.exe 6.00.0.1304 HDITakeAction.exe 6.00.0.1304 VSAPI32.dll 10.000.0.1040 log.conf n/a TFTD.ini n/a LogDb.dll 6.00.0.1304 LogDbTool.dll 6.00.0.1304 StOpp.exe 6.00.0.1304 TMNotify.dll 6.00.0.1304 tsc.exe 7.5.0.1178 Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.22.0.0 psmc.dll 8.4.2.0 TmUpdate.dll 2.86.0.1113 x500.db n/a spuninst.exe 6.00.0.1304 SPCommonLog.dll 6.00.0.1304 SPLog.conf n/a log4cxx.dll 0.10.0.1 SP5NSLst.ini n/a 64-bit Normal Server AgentClient.dll 6.00.0.1304 SpntSvc.exe 6.00.0.1304 NtIcapServer.dll 6.00.0.1304 EventMsg2.dll 6.00.0.1304 StRpcSrv.dll 6.00.0.1304 StCommon.dll 6.00.0.1304 LogMaster.dll 6.00.0.1304 NtApRPC.dll 6.00.0.1304 LogViewer.exe 6.00.0.1304 DCE.dll 6.00.0.1304 Notification.dll 6.00.0.1304 eng50.dll 6.00.0.1304 StUpdate.exe 6.00.0.1304 StUpdate_32.exe 6.00.0.1304 HDITakeAction.exe 6.00.0.1304 VSAPI32.dll 10.000.0.1040 VSAPI64.dll 10.000.0.1040 log.conf n/a TFTD.ini n/a LogDb.dll 6.00.0.1304 LogDbTool.dll 6.00.0.1304 StOpp.exe 6.00.0.1304 TMNotify.dll 6.00.0.1304 tsc.exe 7.5.0.1178 tsc64.exe 7.5.0.1178 Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.22.0.0 psmc.dll 8.4.2.0 TmUpdate.dll 2.86.0.1113 x500.db n/a spuninst.exe 6.00.0.1304 SPCommonLog.dll 6.00.0.1304 SPLog.conf n/a log4cxx.dll 0.10.0.1 SP5NSLst.ini n/a Information Server EarthAgent.exe 6.00.0.1304 DeployTool.exe 6.00.0.1304 Notification.dll 6.00.0.1304 AgentClient.dll 6.00.0.1304 Quarantine.exe 6.00.0.1304 StCommon.dll 6.00.0.1304 StUpdate.exe 6.00.0.1304 TMNotify.dll 6.00.0.1304 spuninst.exe 6.00.0.1304 dce-exe-mssign-v75-1178.zip n/a dce-exe-mssign-x64-v75-1178.zip n/a tmcomm265-1020.zip n/a Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.22.0.0 psmc.dll 8.4.2.0 TmUpdate.dll 2.86.0.1113 x500.db n/a 0x0409.ini n/a data1.cab n/a data1.hdr n/a data2.cab n/a ISSetup.dll 24.0.0.438 layout.bin n/a setup.exe 6.0.0.0 setup.inx n/a setup.iss n/a SP5NSLst.ini n/a Management Console Admin.exe 6.00.0.1304 Adm_enu.dll 6.00.0.1304 AgentClient.dll 6.00.0.1304 EventMsg2.dll 6.00.0.1304 spuninst.exe 6.00.0.1304 MCP CMAgent ProductLibrary.dll 6.00.0.1304 CMAgent.exe 6.00.0.1304 ProductUI.zip n/a cgiCmdNotify.exe 5.0.0.2363 En_BlobConvertUtility.dll 5.0.0.2363 En_I18N.dll 5.0.0.2363 En_Utility.dll 5.0.0.2363 libapr-1.dll 1.1.1.0 libcurl.dll 7.66.0.0 libeay32.dll 1.0.2.20 ssleay32.dll 1.0.2.20 SSO_PKIHelper.dll 5.0.0.2363 TrendAprWrapperDll.dll 5.0.0.2363 zlib.dll 1.2.3.0 Patch Files Tmpatch.exe 2.2.0.1057 Setup.ini n/a Hotfix.ini n/a readme.txt n/a license.txt n/a 10. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 11. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2021, Trend Micro Incorporated. All rights reserved. Trend Micro, ServerProtect, Control Manager, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ====================================================================== View information about your license agreement with Trend Micro at: www.trendmicro.com/us/about-us/legal-policies/license-agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide