<<<>>> Trend Micro Incorporated August 3, 2020 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ServerProtect(TM) for Storage 6.0 English Version Critical Patch - Build 1268 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ==================================================== 1. Overview of this Critical Patch Release 1.1 Issues 1.2 Files Included in this Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ==================================================== 1. Overview of this Critical Patch Release ======================================================================== 1.1 Issues ==================================================================== This hotfix resolves the following issue and includes the following enhancement: Issue: The ICAP server returns a 500 Server Error code to Nutanix when scanning certain zero size files. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix resolves this issue by updating the scanning process. Enhancement 1: This critical patch updates the Damage Cleanup Engine (DCE) engine files to remove certain vulnerabilities. Enhancement 2: This critical patch updates the Tmcomm engine files to remove certain vulnerabilities. 1.2 Files Included in this Release ===================================================================== A. Files for Current Issue --------------------------------------------------------------------- Module File Name Build No. ==================== ========= 32-bit Normal Server tsc.exe 7.5.0.1152 64-bit Normal Server tsc64.exe 7.5.0.1152 Information Server dce-exe-mssign-v75-1152.zip n/a dce-exe-mssign-x64-v75-1152.zip n/a tmcomm265-1020.zip n/a MCP CMAgent ProductLibrary.dll 6.00.0.1268 CMAgent.exe 6.00.0.1268 cgiCmdNotify.exe 5.0.0.2363 En_BlobConvertUtility.dll 5.0.0.2363 En_I18N.dll 5.0.0.2363 En_Utility.dll 5.0.0.2363 libapr-1.dll 1.1.1.0 libcurl.dll 7.66.0.0 libeay32.dll 1.0.2.20 ssleay32.dll 1.0.2.20 SSO_PKIHelper.dll 5.0.0.2363 TrendAprWrapperDll.dll 5.0.0.2363 zlib.dll 1.2.3.0 B. Files for Previous Issues --------------------------------------------------------------------- Module File Name Build No. ==================== ========= 32-bit Normal Server AgentClient.dll 6.00.0.1268 Eng50.dll 6.00.0.1268 EventMsg2.dll 6.00.0.1268 LogDb.dll 6.00.0.1268 LogDbTool.dll 6.00.0.1268 LogMaster.dll 6.00.0.1268 Notification.dll 6.00.0.1268 NtApRPC.dll 6.00.0.1268 NtIcapServer.dll 6.00.0.1268 SpntSvc.exe 6.00.0.1268 StCommon.dll 6.00.0.1268 StOpp.exe 6.00.0.1268 StRpcSrv.dll 6.00.0.1268 TMNotify.dll 6.00.0.1268 SpntSvc.exe 6.00.0.1268 StUpdate.exe 6.00.0.1268 64-bit Normal Server AgentClient.dll 6.00.0.1268 Eng50.dll 6.00.0.1268 EventMsg2.dll 6.00.0.1268 LogDb.dll 6.00.0.1268 LogDbTool.dll 6.00.0.1268 LogMaster.dll 6.00.0.1268 Notification.dll 6.00.0.1268 NtApRPC.dll 6.00.0.1268 NtIcapServer.dll 6.00.0.1268 SpntSvc.exe 6.00.0.1268 StCommon.dll 6.00.0.1268 StOpp.exe 6.00.0.1268 StRpcSrv.dll 6.00.0.1268 TMNotify.dll 6.00.0.1268 SpntSvc.exe 6.00.0.1268 StUpdate.exe 6.00.0.1268 Information Server AgentClient.dll 6.00.0.1268 EarthAgent.exe 6.00.0.1268 Notification.dll 6.00.0.1268 Quarantine.exe 6.00.0.1268 StCommon.dll 6.00.0.1268 StUpdate.exe 6.00.0.1268 TMNotify.dll 6.00.0.1268 spuninst.exe 6.00.0.1268 Management Console Admin.exe 6.00.0.1268 Adm_enu.dll 6.00.0.1268 AgentClient.dll 6.00.0.1268 EventMsg2.dll 6.00.0.1268 MCP CMAgent ProductLibrary.dll 6.00.0.1268 CMAgent.exe 6.00.0.1268 cgiCmdNotify.exe 5.0.0.2363 En_BlobConvertUtility.dll 5.0.0.2363 En_I18N.dll 5.0.0.2363 En_Utility.dll 5.0.0.2363 libapr-1.dll 1.1.1.0 libcurl.dll 7.66.0.0 libeay32.dll 1.0.2.20 ssleay32.dll 1.0.2.20 SSO_PKIHelper.dll 5.0.0.2363 TrendAprWrapperDll.dll 5.0.0.2363 zlib.dll 1.2.3.0 Patch Files Tmpatch.exe 2.2.0.1057 Setup.ini n/a Hotfix.ini n/a readme.txt n/a license.txt n/a 2. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 3. System Requirements ======================================================================== Install this critical patch only on endpoints protected by ServerProtect for Storage 6.0 EN Patch 1. You can download this patch from the following website: http://www.trendmicro.com/download 4. Installation ======================================================================== This section explains key steps for installing the critical patch. 4.1 Installing ===================================================================== To install: 1. Extract the contents of the "spfs_600_win_en_criticalpatch1268.zip" file to a temporary folder on the Information Server. 2. If your Information Server or Normal Server is running on Windows Server 2008 R2 or below, install "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package MFC Security Update" on your Information Server or Normal Server before applying this patch. Download the Microsoft package from the following location: https://www.microsoft.com/en-us/download/details.aspx?id=26347 3. If needed, define the target server: a. Open the "hotfix.ini" file in the "filegroup1" folder using a text editor. b. In the "Common" section of "hotfix.ini", locate the "Server=Server_Name" string. c. Replace "Server_Name" with the target server name(s), separating multiple server names with a comma. NOTE: If "Server_Name" is left blank, the critical patch deploys to all Normal Servers managed by the Information Server. d. Save the changes and close the "hotfix.ini" file. 4. Close the Management Console. 5. Run "spfs_600_win_en_criticalpatch_b1268.exe" to copy the critical patch files to the correct destination. The License Agreement appears. 6. Read the License Agreement and click "OK" if you agree with the license conditions to finish the installation. NOTE: The setup will not continue if you do not agree to the setup license conditions. The critical patch files are automatically deployed to all scan servers managed by the Information Server. 7. If your Information Server manages Normal Server which is 32 bit OS, please open Management Console, click "Deploy Now" in Update panel to deploy "Anti-rootkit Driver(32 bit)" manually. To apply this critical patch to a management console that is not associated with the computer hosting the Information Server: 1. Apply the critical patch to the Information Server. 2. Close the management console. 3. Go to the management console home directory and backup the following files to another location. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL 4. On the Information Server, copy the following files from the Information Server home directory to the management console home directory to overwrite the local files. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL 4.2 Uninstalling ===================================================================== To roll back to the previous build: 1. On the Normal Server, run the following shell command to stop the Normal Server service: net stop spntsvc 2. On the Normal Server, rename the backup files in the ServerProtect home directory and use these to replace the current files. The names of the backup files have ".bak" in the extension. 3. If the Management Console is installed on the same server with the Information Server, open the Information Server's home directory and copy the files from the ".\backup\criticalpatch1268\filegroup10" folder to the current directory. If the Management Console is not installed on the same server with the Information Server, open the Management Console's home directory, and then rename "Admin.exe.criticalpatch1268" to "Admin.exe" and rename "Adm_enu.dll.criticalpatch1268" to "Adm_enu.dll". 4. On the Information Server, run the following shell command to stop the Management Communication Protocol (MCP) CMAgent service: net stop ServerProtectCMAgent 5. On the Information Server, open the Information Server's home directory and copy the files from the ".\backup\criticalpatch1268\filegroup100" folder to the ".\CMAgent" folder. 6. On the Information Server, run the following command to start the MCP CMAgent service: net start ServerProtectCMAgent 7. On the Normal Server, run the following command to start the Normal Server service: net start spntsvc 5. Post-installation Configuration ======================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ======================================================================== There are no known issues for this critical patch release. 7. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 8. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ======================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2020, Trend Micro Incorporated. All rights reserved. Trend Micro, ServerProtect, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: www.trendmicro.com/us/about-us/legal-policies/license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide