<> Trend Micro Incorporated April 30, 2020 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro Safe Lock(TM) Intelligent Manager TXOne Edition 1.1 Version 1017 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This Readme file was current as of the date above. However, all customers are advised to check Trend Micro's website for documentation updates. GM release documentation: http://docs.trendmicro.com Patch/SP release documentation: http://www.trendmicro.com/download TIP: Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro website. Register during installation or online at: https://clp.trendmicro.com/FullRegistration?T=TM Contents ====================================================================== 1. About Trend Micro Safe Lock 1.1 Overview of This Release 1.2 Who Should Install This Release 2. What's New 2.1 Safe Lock Intelligent Manager Enhancements 2.2 Safe Lock agents Enhancements 2.3 Safe Lock Intelligent Manager Resolved Known Issues 2.4 Safe Lock agents Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation 5.1 Installing 5.2 Uninstalling 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Contact Information 10. About Trend Micro 11. About TXOne Networks 12. License Agreement ====================================================================== 1. About Trend Micro Safe Lock ======================================================================== Trend Micro Safe Lock consists of an agent program called Safe Lock that resides on endpoints and a server program called Safe Lock Intelligent Manager that manages agents. Trend Micro Safe Lock protects fixed-function computers like Industrial Control Systems (ICS), Point of Sale (POS) terminals, and kiosk terminals from malicious software and unauthorized use. By using fewer resources and without the need for regular software or system updates, Safe Lock can reliably secure computers in industrial and commercial environments with little performance impact or downtime. Trend Micro Safe Lock Intelligent Manager provides centralized monitoring and management of Trend Micro Safe Lock agent deployment, status, and events. For example, administrators can remotely deploy agents, deploy initial agent Approved Lists, and change agent Application Lockdown states. Additionally, Safe Lock Intelligent Manager performs malware scans and administrators can view root cause information on files blocked from running by Safe Lock agents, reducing the time and effort needed to verify events and allowing quick responses to incidents. 1.1 Overview of This Release ===================================================================== This release adds supported platforms and enhances several features of Safe Lock Intelligent Manager and Safe Lock agents. 1.2 Who Should Install This Release ===================================================================== You should install this patch release if you are currently running Safe Lock Intelligent Manager TXOne Edition (version 3.0.0.1025). 2. What's New ======================================================================== Note: Please install the Patch/SP before completing any procedures in this section (see "Installation"). Note: The agent program that resides on endpoints is referred to as Safe Lock agent, and the server program that manages agents is referred to as Safe Lock Intelligent Manager. This patch addresses the following issues and/or includes the following enhancement(s): 2.1 Safe Lock Intelligent Manager Enhancements ===================================================================== Trend Micro Safe Lock Intelligent Manager TXOne Edition 1.1 includes the following features and benefits: Enhancement 1: You can start a manual scan or scheduled scan on agent endpoints from the Intelligent Manager console. This function requires special licensing. Enhancement 2: Endpoint search filters has been enhanced to include the following: - Support partial search for endpoint names. - Display registered agents with a system time that is later than the server system time. Enhancement 3: The Approved List export feature has been enhanced to include the time a file was added or modified in the list. Enhancement 4: This release of Safe Lock Intelligent Manager includes new event logs for Intelligent Manager component updates. 2.2 Safe Lock agents Enhancements ===================================================================== Trend Micro Safe Lock agent TXOne Edition 1.1 includes the following features and benefits: Enhancement 1: Safe Lock agents provide the scan function that you can start manually on endpoints to scan for malware. This function requires special licensing. Enhancement 2: Safe Lock agent-server communication has been enhanced to support Safe Lock agents with a fixed IP address. Enhancement 3: The enhanced Safe Lock data flow and system function processing increase system operation efficiency. Enhancement 4: Safe Lock agent installation supports Microsoft Windows 10 May 2019 Update (19H1), November 2019 Update (19H2) and May 2020 Update (20H1). 2.3 Safe Lock Intelligent Manager Resolved Known Issues ===================================================================== No known issues are resolved by this Patch. 2.4 Safe Lock agents Resolved Known Issues ===================================================================== This release resolves the following issue(s): Issue 1: The approved list cannot be exported after the maintenance period is over. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: [SEG-72576] This patch resolves the issue to enable approved list export after the maintenance period is over. Issue 2: Safe Lock Intelligent Manager displays an error when exporting agent events by group name. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: [SEG-71265] This patch resolves the issue so that agent event export by group name operates normally. Issue 3: The system does not display detailed information when the start and end time of the maintenance period is in the past. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: [SEG-64629] This patch provides the following message to indicate the status: "Unable to set Maintenance Mode. Maintenance schedule is already passed. Check the system time on the agent endpoint and try again.". 3. Documentation Set ======================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying Trend Micro Safe Lock Intelligent Manager. - Administrator's Guide (AG): Provides post-installation instructions on how to configure the settings to help you get Trend Micro Safe Lock Intelligent Manager "up and running". Also includes instructions on performing other administrative tasks for the maintenance of Trend Micro Safe Lock Intelligent Manager and for the deployment and maintenance of Trend Micro Safe Lock agents. - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. To access the Support Portal, go to http://esupport.trendmicro.com 4. System Requirements ======================================================================== Refer to the Installation Guide for detailed information. 5. Installation ======================================================================== Refer to the Installation Guide for detailed information. 6. Post-Installation Configuration ======================================================================== Please remember to clear the browser cache before you open the web console when you install this patch to an environment where a previous build was installed. 7. Known Issues ======================================================================== Known issues in this release are listed below. 7.1 Safe Lock Intelligent Manager ==================================================================== 7.1.1 Installation and Uninstallation ==================================================================== a. Installed Safe Lock 1.x agents block and prevent the installation of Trend Micro Safe Lock Intelligent Manager. When installing both programs on the same endpoint, Trend Micro Safe Lock Intelligent Manager must be installed before the Trend Micro Safe Lock agent. The Safe Lock agent can be installed after the installation of Safe Lock Intelligent Manager is complete. b. During Safe Lock Intelligent Manager re-installations using an existing Microsoft SQL Server, any discrepancy between the original Safe Lock Intelligent Manager server IP address and the new Safe Lock Intelligent Manager server IP address results in the original Safe Lock Intelligent Manager database being erased and a new database being used. c. The Trusted Updater or Predefined Trusted Updater of Safe Lock agents do not support the installation of Trend Micro Safe Lock Intelligent Manager. Remove the Safe Lock agent from the endpoint before installing Safe Lock Intelligent Manager. Safe Lock agents can be installed after the installation of Safe Lock Intelligent Manager is complete. d. Safe Lock Intelligent Manager remote installations on endpoints running Windows 2000 Server may not automatically reboot even if the reboot is needed. e. Safe Lock Intelligent Manager remote installations may not succeed because the svchost.exe process can terminate unexpectedly in the following versions of Windows: - Windows 2000 (SP4) - Windows Server 2003 (SP1/SP2) - Windows XP (SP1/SP2/SP3) f. If the Safe Lock agent and Safe Lock Intelligent Manager are both installed on an endpoint running Windows Server 2008 without SP2, using IIS 7.0 as the web server may cause the Safe Lock Intelligent Manager web console and applications using IIS 7.0 to not work as expected. g. The installer may not launch if there is not enough disk space on the target endpoint. Ensure that the target endpoint meets the specified requirement for free space. h. Safe Lock Intelligent Manager is unable to remotely uninstall Safe Lock agents on Windows 7 or later from a Windows Server 2008 endpoint. This issue does not occur on Windows Server 2008 R2. 7.1.2 Web Console ==================================================================== a. Google Chrome blocks downloaded packages of Trend Micro Safe Lock agent from the web console. b. Long group names on the Agent Management directory may be corrupted when the web console is accessed through Internet Explorer. This issue can be avoided by using Chrome or Firefox. c. When the console is accessed through Chrome or Firefox, the close button on the Dashboard page may not function correctly if another dialog box from the browser has just been closed. d. Component versions may be displayed incorrectly on the web console if the Intelligent Manager server is updated during a component update. e. The Command Deployment Status shows random characters after clicking a Download link in Internet Explorer 7 or 8 if Internet Explorer's security setting(Downloads > Automatic prompting for file downloads) is disabled. f. IIS server 7.0 or below is associated with a delay (typically 10 seconds) during the first Trend Micro Safe Lock Intelligent Manager web console log on. g. Intelligent Manager may not be able to restart on Windows 10 after a system reboot if the hardware specifications are low. To resolve the issue, update the ServicesPipeTimeout value to 1 minute or more. Find the value in the following path and key: - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control "ServicesPipeTimeout" (milliseconds) h. If Administrators try to check the connection for one agent after cancelling the connection check for a lot of agents, the "Check Connection" window remains at the screen for a long time until all the other check connection tasks are finished. i. If a user changes his password on a Safe Lock Intelligent Manager that is registered to a Trend Micro Control Manager server, the password on the Trend Micro Control Manager server must also be updated. Otherwise, the user account may be locked out after multiple logon retries. j. Help content for Trend Micro Safe Lock widgets are not accessible if the Trend Micro Control Manager server is not connected to the internet. 7.1.3 Agent Communication ==================================================================== a. When a script is blocked, the agent records two messages in the Windows Event Log. For example, *.bat will be blocked twice by Safe Lock agents and will therefore create two block events. b. Network antivirus software may prevent files containing known malicious content from being sent from Safe Lock agents to Safe Lock Intelligent Manager for scanning. c. In some cases, if a Safe Lock agent is unable to send a blocked file to Safe Lock Intelligent Manager for scanning, Safe Lock Intelligent Manager reports the status of the file as "Pending Scan". However, in these cases, the file is never sent and the status is permanently reported as "Pending Scan". d. Safe Lock Intelligent Manager is unable to sync license status to agents after the Safe Lock Intelligent Manager license expires. Specify a valid Activation Code in the Trend Micro Safe Lock Intelligent Manager if your Activation Code expires. e. Without updating the existing installations of Safe Lock Intelligent Manager 2.0 SP1 Patch 2 or earlier, new events from Safe Lock agents may be displayed as blank or random code in the Agent Events screen. 7.1.4 SLtasks ==================================================================== a. The SLtasks.exe command "--removeitems" only supports CSV files in the UTF-8 format. b. Intelligent Manager is unable to export or save files with long file names. A long name file is truncated when the file is exported or saved. 7.1.5 File Hash Generator ==================================================================== a. Long file names on the File Hash Generator interface may not be fully displayed whenever a cursor hovers over these files names. b. The banner on the File Hash Generator interface may disappear if the DPI is set to 125% or above. 7.1.6 Miscellaneous ==================================================================== a. Root cause analysis is unable to indicate information for blocked files located on mapped network drives. b. When Safe Lock Intelligent Manager uses a local server requiring authentication (UNC) for updates, endpoints running Windows XP, 7, 8, and 8.1 are sometimes unable maintain enough simultaneous network connections to update all specified components. c. Safe Lock agents are unable to upload their debug log to Trend Micro Safe Lock Intelligent Manager if the debug log is over 2GB. 7.2 Safe Lock agents ==================================================================== For information, see Readme file for Safe Lock agents. 8. Release History ======================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download Previous releases include the following: Trend Micro Safe Lock Intelligent Manager TXOne Edition - October 09, 2019 Trend Micro Safe Lock Intelligent Manager TXOne Edition 1.1 - April 30, 2020 8.1 TXOne Edition ===================================================================== 8.1.1 Safe Lock Intelligent Manager Enhancements ===================================================================== Enhancement 1: New agent commands: - Configure Maintenance Mode: The administrator can define a time period when all file executions are allowed to perform patch updates on endpoints. - Add Trusted USB Device: When device control is enabled, the administrator can configure trusted USB storage devices to allow USB device access on endpoints. Enhancement 2: A new command is provided on the Safe Lock Intelligent Manager server to allow the administrator to transfer Safe Lock agents to a new server. 8.1.2 Safe Lock Intelligent Manager Resolved Known Issues ===================================================================== There are no resolved known issues in this release. 8.1.3 Safe Lock agents Enhancements ===================================================================== For information, see Readme file for Safe Lock agents. 8.1.4 Safe Lock agents Resolved Known Issues ===================================================================== For information, see Readme file for Safe Lock agents. 9. Contact Information ======================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 10. About Trend Micro ======================================================================== Trend Micro Incorporated, a global leader in Internet content security and threat management, aims to create a world safe for the exchange of digital information for businesses and consumers. A pioneer in server-based antivirus with over 20 years of experience, we deliver top-ranked security that fits our customers' needs, stops new threats faster, and protects data in physical, virtualized and cloud environments. Powered by the Trend Micro(TM) Smart Protection Network(TM) infrastructure, our industry-leading cloud-computing security technology and products stop threats where they emerge, on the Internet, and are supported by 1,000+ threat intelligence experts around the globe. For additional information, visit www.trendmicro.com. Copyright 2020, Trend Micro Incorporated. All rights reserved. Trend Micro, the t-ball logo and Safe Lock are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners. 11. About TXOne Networks ======================================================================== TXOne Networks Inc. is a joint-venture between Trend Micro Inc. and Moxa Inc. TXOne Network Inc. offers cybersecurity solutions to protect industrial control systems (ICS) and ensure reliability and safety from cyberattacks. 12. License Agreement ======================================================================== View information about your license agreement with Trend Micro at: www.trendmicro.com/us/about-us/legal-policies/license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide