<> Trend Micro Incorporated February 24, 2020 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) Worry-Free(TM) Business Security 9.5 Critical Patch - Build 1525 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ========================================================== 1. Overview of This Critical Patch Release 1.1 Resolved Known Issues 1.2 Enhancements 1.3 Files Included in this Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ========================================================== 1. Overview of This Critical Patch Release ====================================================================== 1.1 Resolved Known Issues =================================================================== This Critical Patch resolves the following issues: Issue 1: The combination of two possible 0-day directory traversal vulnerabilities leads to a Remote Code Execution (RCE) vulnerability which can grant attackers SYSTEM privileges to the management server. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This Critical Patch updates the Worry-Free Business Security server program to remove the vulnerability. Issue 2: The Worry-Free Business Security program contains a dll side-loading vulnerability at libcurl/openssl. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This Critical Patch removes the vulnerability. Issue 3: The Worry-Free Business Security Agent Update Package contains a Content Validation Escaping Vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This Critical Patch updates the Worry-Free Business Security server program to remove the vulnerability. Issue 4: The Worry-Free Business Security is affected by a Directory Traversal Authentication Bypass Vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This Critical Patch updates the Worry-Free Business Security server program to remove the vulnerability. Issue 5: Weak file permissions may lead to a Privilege Escalation Vulnerability. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This Critical Patch removes the vulnerability. 1.2 Enhancements =================================================================== There are no enhancements in this release. 1.3 Files Included in this Release =================================================================== A. Files for Current Issue ------------------------------------------------------------------- Filename Build No. ---------------------------------------------------------------- instreg.exe 19.50.0.1213 fcWofieUI.dll 19.50.0.1213 TMASutility.exe 19.50.0.1213 TmListen.exe 19.50.0.1213 Upgrade.exe 19.50.0.1213 Ntrtscan.exe 19.50.0.1213 upgrade.exe 19.50.0.1213 ntrtscan.exe 19.50.0.1213 cgilog.exe 19.5.0.1525 cgirecvfile.exe 19.5.0.1525 cmdhlclient.dll 19.5.0.1525 ofchotfix.exe 19.5.0.1525 ofcservice.exe 19.5.0.1525 cgichkmasterpwd.exe 19.5.0.1525 cgishowclientadm.exe 19.5.0.1525 cgishowserveradm.exe 19.5.0.1525 cgigetntdomain.exe 19.5.0.1525 cgiremoteinstall.exe 19.5.0.1525 CCSF_WIN32.zip 2020/02/14 CCSF_X64.zip 2020/02/14 B. Files for Previous Issues ------------------------------------------------------------------- Not applicable. C. Network Traffic Required in Deployment ------------------------------------------------------------------- Estimated size (in terms of bandwidth) of deployed client files in this Critical Patch. - 32-bit client total = 63.24 MB - 64-bit client total = 92.00 MB 2. Documentation Set ====================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 3. System Requirements ====================================================================== You must install Worry-Free Business Security 9.5 with Patch 1506 before installing this Critical Patch. 4. Installation ====================================================================== This section explains key steps for installing this Critical Patch. 4.1 Installing =================================================================== To install: 1. Copy the Critical Patch executable file to a temporary folder, for example, "C:\temp". 2. Double-click the file. The modules are automatically copied to the correct destination. This Critical Patch installation package automatically rolls back the Security Server to its previous configuration if there are problems during installation. If you encounter problems after installation, manually roll back the Security Server to the original configuration. 4.2 Uninstalling =================================================================== To manually roll back to the previous build: 1. Locate the backup folder that the Critical Patch package created in the "\PCCSRV\Backup\CriticalPatch_B1525" directory. 2. Copy the backup modules to the original folders. 3. Run the "TmTouch.exe" tool to trigger the Critical Patch mechanism. To run "TmTouch.exe": a. Open a command prompt on the server. b. At the command prompt, browse to "PCCSRV\admin\utility\ touch". c. Use the following syntax to run the touch tool: TmTouch.exe {filename} NOTE: {filename} is the file that you want to roll back. "TmTouch.exe" changes the file creation date to the current system time. 5. Post-installation Configuration ====================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ====================================================================== There are no known issues for this release. 7. Release History ====================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 8. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2020, Trend Micro Incorporated. All rights reserved. Trend Micro, Worry-Free, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ====================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide