<> Trend Micro Incorporated November 5, 2019 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) Worry-Free(TM) Business Security 10.0 Service Pack 1 Patch - Build 2179 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ NOTICE: This Readme file was current as of the date above. However, all customers are advised to check Trend Micro's website for documentation updates. http://www.trendmicro.com/download TIP: Register online with Trend Micro within 30 days of installation to continue downloading new pattern files and product updates from the Trend Micro website. Register during installation or online at: https://clp.trendmicro.com/FullRegistration?T=TM Contents ========================================================== 1. About Worry-Free Business Security 1.1 Overview of This Release 1.2 Who Should Install This Release 2. What's New 2.1 Enhancements 2.2 Resolved Known Issues 3. Documentation Set 4. System Requirements 5. Installation 5.1 Installing 5.2 Uninstalling 6. Post-Installation Configuration 7. Known Issues 8. Release History 9. Files Included in This Release 10. Contact Information 11. About Trend Micro 12. License Agreement ========================================================== 1. About Worry-Free Business Security ====================================================================== Trend Micro Worry-Free Business Security protects small business users and assets from data theft, identity theft, risky websites, and spam (Advanced Only). 1.1 Overview of This Release =================================================================== This release contains solutions to known issues discovered after the release of Worry-Free Business Security 10.0 Service Pack 1. 1.2 Who Should Install This Release =================================================================== You should install this patch if you are running any build of Worry-Free Business Security 10.0 Service Pack 1. 2. What's New ====================================================================== This release includes the following enhancement and resolves the the following known issues: 2.1 Enhancements =================================================================== The following enhancement is included in this patch: Enhancement: ActiveUpdate (AU) Security - This patch enables the Worry-Free Business Security server to update AU patterns and files using a more secure HTTPS protocol. 2.2 Resolved Known Issues =================================================================== This patch resolves the following issues: Issue 1: (VRTS-3385) There are multiple Vulnerabilities in Apache 2.4.29. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This patch updates the Apache module to version 2.4.39 to remove the vulnerabilities. Issue 2: (SEG-51130) "Ofcservice.exe" stops responding while processing log queries on the Worry-Free Business Security server web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This patch ensures that Security Agents send logs to the Security Server in the supported format. Issue 3: (SEG-56361) ATTK Scan detection logs cannot be uploaded because these contain the wrong "FunctionType". ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This patch resolves the error so both ATTK scan and normal scan logs can be uploaded to the Security Server successfully. Issue 4: (SEG-46088) Users cannot login to the Worry-Free Business Security web console even after resetting the password using the reset password tool. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This patch ensures that users can login successfully to the Worry-Free Business Security web console. Issue 5: (SEG-56382) "Setup.exe" stops unexpectedly while upgrading Worry-Free Business Security to version 10.0 Service Pack 1 on the Microsoft(TM) Windows(TM) Server 2008 Service Pack 2 platform. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 5: This patch contains a repacked version of Worry-Free Business Security 10.0 Service Pack 1 which blocks unsupported platforms to ensure that the update can be applied normally. Issue 6: (VRTS-3542)(VRTS-3550) There are OpenSSL vulnerabilities in Worry-Free Business Security 10.0 Service Pack 1. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 6: This patch updates the related OpenSSL key-generation files to remove these vulnerabilities. Issue 7: (VRTS-3682)(SEG-60707) A vulnerability may allow attackers to bypass root authentication and logon to the Worry-Free Business Security web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 7: This patch updates the Worry-Free Business Security server program to remove the vulnerability. Issue 8: (VRTS-3426) An attacker may be able to execute codes through a .dll file. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 8: This patch removes this DLL code injection vulnerability. Issue 9: (SEG-59988) Users cannot install the Security Agent because a higher version of Microsoft Visual C++ 2017 already exists. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 9: This patch ensures that users can install the Security Agent successfully when a higher version of Microsoft Visual C++ 2017 already exists. Issue 10: (SEG-63241) Agents using the 64-bit IIS appear offline after users apply version 10.0 Service Pack 1 Patch 2178. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 10: This patch provides the "isapiClient.dll" file that has disappeared during the update to resolve this issue. Issue 11: (SEG-63185) After users apply Patch 2178, some Spyware or Adware are detected from non-existing registry keys during manual/scheduled scans. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 11: This patch prevents the spyware/adware false detections. Issue 12: (SEG-63247) The setup process terminates unexpectedly because the patch installer cannot stop the update process. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 12: This patch ensures the patch installer can run and setup without issues. 3. Documentation Set ====================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 4. System Requirements ====================================================================== You must install Worry-Free Business Security 10.0 Service Pack 1 before installing this patch. 5. Installation ====================================================================== This section explains key steps for installing the patch. 5.1 Installing =================================================================== To install: 1. Copy the patch executable file to a temporary folder, for example, "C:\temp". 2. Double-click the file. The modules are automatically copied to the correct destination. This patch installation package automatically rolls back the Security Server to its previous configuration if there are problems during installation. If you encounter problems after installation, manually roll back the Security Server to the original configuration. 5.2 Uninstalling =================================================================== To manually roll back to the previous build: 1. Locate the backup folder that the patch package created in the "\PCCSRV\Backup\Patch_B2179" directory. 2. Copy the backup modules to the original folders. 3. Run the "TmTouch.exe" tool to trigger the hotfix mechanism. To run "TmTouch.exe": a. Open a command prompt on the server. b. At the command prompt, browse to "PCCSRV\admin\utility\touch". c. Use the following syntax to run the touch tool: TmTouch.exe {filename} NOTE: {filename} is the file that you want to roll back. "TmTouch.exe" changes the file creation date to the current system time. 6. Post-installation Configuration ====================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 7. Known Issues ====================================================================== There are no known issues for this patch release. 8. Release History ====================================================================== For more information about updates to this product, go to: https://autoupdate.wfbs.trendmicro.com/static/WFBS/20.0/EN/readme 9. Files Included in this Release ====================================================================== A. Files for Current Issue ------------------------------------------------------------------- Filename Build No. ---------------------------------------------------------------- openssl_template.cnf 2019/11/01 Build.exe 2.86.0.1089 Build64.exe 2.86.0.1089 ciuas32.dll 1.0.0.2075 ciuas64.dll 1.0.0.2075 ciussi32.dll 2.0.0.2074 ciussi64.dll 2.0.0.2074 expapply.dll 8.4.2.0 expapply64.dll 8.4.2.0 expbuild.dll 8.4.2.0 expbuild64.dll 8.4.2.0 icrcauapi.dll 2.5.0.1115 liblwtpciu32.dll 1.0.0.1005 liblwtpciu64.dll 1.0.0.1005 patch.exe 2.86.0.1089 patch64.exe 2.86.0.1089 patchbld.dll 12.21.0.0 PATCHW32.DLL 12.22.0.0 patchw64.dll 12.22.0.0 pbld64.dll 12.20.0.0 psmc.dll 8.4.2.0 psmc64.dll 8.4.2.0 TmUpdate.dll 2.86.0.1089 TmUpdate64.dll 2.86.0.1089 libeay32.dll 1.0.2.19 openssl.exe 1.0.2n ssleay32.dll 1.0.2.19 CLIENTMSISETUP_TEMPLATE_x64 2019/11/01 CLIENTMSISETUP_TEMPLATE_x86 2019/11/01 BMdriver_x32.zip 2019/11/01 BMdriver_x64.zip 2019/11/01 bmservice_x32.zip 2019/11/01 bmservice_x64.zip 2019/11/01 ssapi32_624014.zip 2019/11/01 ssapi64_624014.zip 2019/11/01 ssapi32.dll 6.2.1.4023 TmAegisSysEvt.dll 2.98.0.1201 TMBMCLI.dll 2.98.0.1201 TMBMSRV.exe 2.98.0.1201 tmcomeng.dll 2.98.0.1201 TmEngDrv.dll 2.98.0.1201 TMPEM.dll 2.98.0.1201 tmtap.dll 6.0.0.1074 tmwlutil.dll 2.98.0.1201 ssapi64.dll 6.2.1.4023 resources 2019/11/01 clientconsole.zip 2019/11/01 NTRtScan.exe 20.0.0.2036 AgentStatusDC.zip 2019/11/01 ATTK_prog_x86.zip 2019/11/01 PccNT.exe 20.0.0.2036 Upgrade.exe 20.0.0.2036 tmactmon.cat 2019/11/01 tmactmon.inf 2019/11/01 tmactmon.sys 2.98.0.1185 tmcomm.cat 2019/11/01 tmcomm.inf 2019/11/01 tmcomm.sys 8.20.0.1023 tmevtmgr.cat 2019/11/01 tmevtmgr.inf 2019/11/01 tmevtmgr.sys 2.98.0.1185 ATTK_prog_x64.zip 2019/11/01 Ntrtscan.exe 20.0.0.2036 upgrade.exe 20.0.0.2036 cgiLog.exe 20.0.0.2178 CGIOCommon.dll 20.0.0.2178 cgiRecvFile.exe 20.0.0.2178 CGIShare.dll 20.0.0.2178 isapiClient.dll 20.0.0.2178 isapiClientX64.dll 20.0.0.2178 isapiClientX86.dll 20.0.0.2178 CmdHLClient.dll 20.0.0.2178 DbServer.exe 20.0.0.2178 OfcAutoUpdate.exe 20.0.0.2178 OfcDownload.dll 20.0.0.2178 OfcService.exe 20.0.0.2179 cgiShowLogs.exe 20.0.0.2178 cgiShowSummary.exe 20.0.0.2178 add_server_remoteinstall.js 2019/11/01 B. Files for Previous Issues ------------------------------------------------------------------- Not applicable. C. Network Traffic Required in Deployment ------------------------------------------------------------------- Estimated size (in terms of bandwidth) of deployed client files in this patch. - 32-bit client total = 59.86 MB - 64-bit client total = 70.30 MB 10. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 11. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2019, Trend Micro Incorporated. All rights reserved. Trend Micro, Worry-Free, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 12. License Agreement ====================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide