<<<>>> Trend Micro Incorporated August 27, 2020 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ServerProtect(TM) for Storage 6.0 English Version Critical Patch - Build 1270 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ==================================================== 1. Overview of this Critical Patch Release 1.1 Issues 1.2 Files Included in this Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ==================================================== 1. Overview of this Critical Patch Release ======================================================================== 1.1 Issues ==================================================================== This critical patch resolves the following issue: Issue: The Active Update module is affected by certain vulnerabilities. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This critical patch updates the Active Update module to resolve the issue. 1.2 Files Included in this Release ===================================================================== A. Files for Current Issue --------------------------------------------------------------------- Module Filename Build No. ==================== ========= 32-bit Normal Server Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.21.0.0 psmc.dll 8.4.2.0 TmUpdate.dll 2.86.0.1113 x500.db n/a 64-bit Normal Server Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.21.0.0 psmc.dll 8.4.2.0 TmUpdate.dll 2.86.0.1113 x500.db n/a Information Server Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.21.0.0 psmc.dll 8.4.2.0 TmUpdate.dll 2.86.0.1113 x500.db n/a B. Files for Previous Issues --------------------------------------------------------------------- Module Filename Build No. ==================== ========= 32-bit Normal Server AgentClient.dll 6.00.0.1270 Eng50.dll 6.00.0.1270 EventMsg2.dll 6.00.0.1270 LogDb.dll 6.00.0.1270 LogDbTool.dll 6.00.0.1270 LogMaster.dll 6.00.0.1270 Notification.dll 6.00.0.1270 NtApRPC.dll 6.00.0.1270 NtIcapServer.dll 6.00.0.1270 SpntSvc.exe 6.00.0.1270 StCommon.dll 6.00.0.1270 StOpp.exe 6.00.0.1270 StRpcSrv.dll 6.00.0.1270 TMNotify.dll 6.00.0.1270 SpntSvc.exe 6.00.0.1270 StUpdate.exe 6.00.0.1270 tsc.exe 7.5.0.1152 64-bit Normal Server AgentClient.dll 6.00.0.1270 Eng50.dll 6.00.0.1270 EventMsg2.dll 6.00.0.1270 LogDb.dll 6.00.0.1270 LogDbTool.dll 6.00.0.1270 LogMaster.dll 6.00.0.1270 Notification.dll 6.00.0.1270 NtApRPC.dll 6.00.0.1270 NtIcapServer.dll 6.00.0.1270 SpntSvc.exe 6.00.0.1270 StCommon.dll 6.00.0.1270 StOpp.exe 6.00.0.1270 StRpcSrv.dll 6.00.0.1270 TMNotify.dll 6.00.0.1270 SpntSvc.exe 6.00.0.1270 StUpdate.exe 6.00.0.1270 tsc.exe 7.5.0.1152 Information Server AgentClient.dll 6.00.0.1270 EarthAgent.exe 6.00.0.1270 Notification.dll 6.00.0.1270 Quarantine.exe 6.00.0.1270 StCommon.dll 6.00.0.1270 StUpdate.exe 6.00.0.1270 TMNotify.dll 6.00.0.1270 spuninst.exe 6.00.0.1270 dce-exe-mssign-v75-1152.zip n/a dce-exe-mssign-x64-v75-1152.zip n/a tmcomm265-1020.zip n/a Management Console Admin.exe 6.00.0.1270 Adm_enu.dll 6.00.0.1270 AgentClient.dll 6.00.0.1270 EventMsg2.dll 6.00.0.1270 MCP CMAgent ProductLibrary.dll 6.00.0.1270 CMAgent.exe 6.00.0.1270 cgiCmdNotify.exe 5.0.0.2363 En_BlobConvertUtility.dll 5.0.0.2363 En_I18N.dll 5.0.0.2363 En_Utility.dll 5.0.0.2363 libapr-1.dll 1.1.1.0 libcurl.dll 7.66.0.0 libeay32.dll 1.0.2.20 ssleay32.dll 1.0.2.20 SSO_PKIHelper.dll 5.0.0.2363 TrendAprWrapperDll.dll 5.0.0.2363 zlib.dll 1.2.3.0 Patch Files Tmpatch.exe 2.2.0.1057 Setup.ini n/a Hotfix.ini n/a readme.txt n/a license.txt n/a 2. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 3. System Requirements ======================================================================== Install this critical patch only on endpoints protected by ServerProtect for Storage 6.0 EN Patch 1. You can download this patch from the following website: http://www.trendmicro.com/download 4. Installation ======================================================================== This section explains key steps for installing the critical patch. 4.1 Installing ===================================================================== To install: 1. Extract the contents of the "spfs_600_win_en_criticalpatch1270.zip" file to a temporary folder on the Information Server. 2. If your Information Server or Normal Server is running on Windows Server 2008 R2 or below, install "Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package MFC Security Update" on your Information Server or Normal Server before applying this critical patch. Download the Microsoft package from the following location: https://www.microsoft.com/en-us/download/details.aspx?id=26347 3. If needed, specify the target server: a. Open the "hotfix.ini" file in the "filegroup1" folder using a text editor. b. In the "Common" section of "hotfix.ini", locate the "Server=Server_Name" string. c. Replace "Server_Name" with the target server name(s), separating multiple server names with a comma. NOTE: If "Server_Name" is left blank, the critical patch deploys to all Normal Servers managed by the Information Server. d. Save the changes and close the "hotfix.ini" file. 4. Close the Management Console. 5. Run "spfs_600_win_en_criticalpatch_b1270.exe" to copy the critical patch files to the correct destination. The License Agreement appears. 6. Read the License Agreement and click "OK" if you agree with the license conditions to finish the installation. NOTE: The setup will not continue if you do not agree to the setup license conditions. The critical patch files are automatically deployed to all scan servers managed by the Information Server. 7. If your Information Server manages a 32-bit Normal Server, open the Management Console and click "Deploy Now" in the "Update" panel to deploy "Anti-rootkit Driver(32 bit)" manually. To apply this critical patch to a management console that is not associated with the computer hosting the Information Server: 1. Apply the critical patch to the Information Server. 2. Close the management console. 3. Go to the management console home directory and backup the following files to another location. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL 4. On the Information Server, copy the following files from the Information Server home directory to the management console home directory to overwrite the local files. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL 4.2 Uninstalling ===================================================================== To roll back to the previous build: 1. On the Normal Server, run the following shell command to stop the Normal Server service: net stop spntsvc 2. On the Normal Server, rename the backup files in the ServerProtect home directory and use these to replace the current files. The names of the backup files have ".bak" in the extension. 3. If the Management Console is installed on the same server with the Information Server, open the Information Server's home directory and copy the files from the ".\backup\criticalpatch1270\filegroup10" folder to the current directory. If the Management Console is not installed on the same server with the Information Server, open the Management Console's home directory, and then rename "Admin.exe.criticalpatch1270" to "Admin.exe" and rename "Adm_enu.dll.criticalpatch1270" to "Adm_enu.dll". 4. On the Information Server, run the following shell command to stop the Management Communication Protocol (MCP) CMAgent service: net stop ServerProtectCMAgent 5. On the Information Server, open the Information Server's home directory and copy the files from the ".\backup\criticalpatch1270\filegroup100" folder to the ".\CMAgent" folder. 6. On the Information Server, run the following command to start the MCP CMAgent service: net start ServerProtectCMAgent 7. On the Normal Server, run the following command to start the Normal Server service: net start spntsvc 5. Post-installation Configuration ======================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ======================================================================== There are no known issues for this critical patch release. 7. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 8. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ======================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2020, Trend Micro Incorporated. All rights reserved. Trend Micro, ServerProtect, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: www.trendmicro.com/us/about-us/legal-policies/license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide