<<<>>> Trend Micro Incorporated August 9, 2021 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) ServerProtect(TM) 5.80 for Network Appliance Filers English Version Service Pack 1 Patch 2 Critical Patch - Build 1299 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ==================================================== 1. Overview of this Critical Patch Release 1.1 Resolved Known Issues 1.2 Enhancements 1.3 Files Included in This Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ==================================================== 1. Overview of this Critical Patch Release ======================================================================= 1.1 Resolved Known Issues ==================================================================== This Critical Patch resolves the following issues: Issue 1: Sometimes, users cannot successfully add a freshly-installed Normal Server to an Information Server with a higher version. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Critical Patch resolves this issue. Issue 2: Sometimes, the Normal Server cannot start because the Damage Cleanup Engine (DCE) runs for too long after the system restarts. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Critical Patch resolves this issue by setting a time-out value for waiting for the DCE to complete its run after the system restarts. Issue 3: Sometimes, RPC scan results are not sent to NetApp ONTAP Antivirus Connector when there are too many scan requests. Some of the scan requests remain in the scan queue until time-out. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Critical Patch ensures that all the scan results are sent to NetApp ONTAP Antivirus Connector. 1.2 Enhancements ==================================================================== This Critical Patch includes the following enhancement: Enhancement: This Critical Patch removes some vulnerabilities from ServerProtect. 1.3 Files Included in This Release ==================================================================== A. Files for Current Issue -------------------------------------------------------------------- Module File Name Build No. ----------------------------------------------------------------- 32-bit Normal Server SpntSvc.exe 5.80.0.1299 StCommon.dll 5.80.0.1299 NtApRPC.dll 5.80.0.1299 spuninst.exe 5.80.0.1299 64-bit Normal Server SpntSvc.exe 5.80.0.1299 StCommon.dll 5.80.0.1299 NtApRPC.dll 5.80.0.1299 spuninst.exe 5.80.0.1299 Information Server EarthAgent.exe 5.80.0.1299 spuninst.exe 5.80.0.1299 Management Console Admin.exe 5.80.0.1299 spuninst.exe 5.80.0.1299 MCP CMAgent ProductLibrary.dll 5.80.0.1299 B. Files for Previous Issues -------------------------------------------------------------------- Module Filename Build No. ----------------------------------------------------------------- 32-bit Normal Server StRpcSrv.dll 5.80.0.1299 tsc.exe 7.5.0.1152 Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.21.0.0 psmc.dll 8.4.2.0 TmUpdate.dll 2.86.0.1113 x500.db n/a NtApRpc.dll 5.80.0.1299 SPCommonLog.dll 5.80.0.1299 64-bit Normal Server StRpcSrv.dll 5.80.0.1299 tsc.exe 7.5.0.1152 tsc64.exe 7.5.0.1152 Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.21.0.0 psmc.dll 8.4.2.0 TmUpdate.dll 2.86.0.1113 x500.db n/a NtApRpc.dll 5.80.0.1299 SPCommonLog.dll 5.80.0.1299 Information Server EarthAgent.exe 5.80.0.1299 dce-exe-mssign-v75-1152.zip n/a dce-exe-mssign-x64-v75-1152.zip n/a tmcomm265-1020.zip n/a Build.exe 2.86.0.1113 cert5.db n/a ciuas32.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 expapply.dll 8.4.2.0 expbuild.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 Patch.exe 2.86.0.1113 patchbld.dll 12.21.0.0 patchw32.dll 12.21.0.0 psmc.dll 8.4.2.0 TmUpdate.dll 2.86.0.1113 x500.db n/a Management Console Admin.exe 5.80.0.1299 MCP CMAgent CMAgent.exe 5.80.0.1299 Patch Files Tmpatch.exe 2.2.0.1057 Setup.ini n/a Hotfix.ini n/a readme.txt n/a license.txt n/a 2. Documentation Set ======================================================================= To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 3. System Requirements ======================================================================= Install this Critical Patch only on endpoints protected by ServerProtect 5.80 for Network Appliance Filers English Version Service Pack 1 Patch 2. You can download this patch from the following website: http://www.trendmicro.com/download 4. Installation ======================================================================= This section explains key steps for installing this Critical Patch. 4.1 Installing ==================================================================== To install: 1. Close the Management Console. 2. Run "spnaf_580_win_en_criticalpatch_b1299.exe" to copy the critical patch files to the correct destination. The License Agreement appears. 3. Read the License Agreement and click "OK" if you agree with the license conditions to finish the installation. NOTES: - The setup will not continue if you do not agree to the setup license conditions. - The critical patch files are automatically deployed to all scan servers managed by the Information Server. 4. If the Information Server manages a 32-bit Normal Server, open the Management Console and click "Deploy Now" in the "Update" panel to deploy "Anti-rootkit Driver(32 bit)" manually. To apply this critical patch to a Management Console that is not associated with the computer hosting the Information Server: 1. Apply the Critical Patch to the Information Server. 2. Close the Management Console. 3. Go to the Management Console home directory and backup the following files to another location. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL 4. On the Information Server, copy the following files from the Information Server home directory to the Management Console home directory to overwrite the local files. - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL 4.2 Uninstalling ==================================================================== To roll back to the previous build: 1. On the Normal Server, run the following shell command to stop the Normal Server service: net stop spntsvc 2. On the Information Server, run the following shell command to stop the Trend Micro Management Communication Protocol (MCP) CMAgent service: net stop ServerProtectCMAgent 3. On the Information Server, run the following shell command to stop the Information Server service: net stop earthagent 4. If the Management Console is installed on the same server with the Information Server, open the Information Server's home directory and copy the files from the ".\backup\criticalpatch1299\filegroup10" folder to the current directory. If the Management Console is not installed on the same server with the Information Server, open the Management Console's home directory, and then roll back the following files: - admin.exe - Adm_enu.dll - AgentClient.dll - ADM_ENU.chm - EventMsg2.dll - spuninst.exe - spuninstrc.DLL 5. On the Normal Server, rename the backup files in the ServerProtect home directory and use them to replace the current files. The names of the backup files have ".bak" in the extension. 6. On the Information Server, open the Information Server's home directory and copy the files from the ".\backup\criticalpatch1299\filegroup100" folder to the ".\CMAgent" folder. 7. On the Information Server, open the Information Server's home directory and copy the files from the ".\backup\criticalpatch1299\filegroup10\" folder to the current directory. 8. On the Normal Server, run the following command to start the Normal Server service: net start spntsvc 9. On the Information Server, run the following command to start the MCP CMAgent service: net start ServerProtectCMAgent 10. On the Information Server, run the following command to start the Information Server service: net start earthagent 5. Post-installation Configuration ======================================================================= No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ======================================================================= There are no known issues for this critical patch release. 7. Release History ======================================================================= For more information about updates to this product, go to: http://www.trendmicro.com/download 8. Contact Information ======================================================================= A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ======================================================================= Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2021, Trend Micro Incorporated. All rights reserved. Trend Micro, ServerProtect, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ======================================================================= View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide