<> Trend Micro Incorporated December 6, 2019 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) Worry-Free(TM) Business Security 9.5 Critical Patch - Build 1519 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ========================================================== 1. Overview of This Critical Patch Release 1.1 Issues 1.2 Files Included in this Release 2. Documentation Set 3. System Requirements 4. Installation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 8. Contact Information 9. About Trend Micro 10. License Agreement ========================================================== 1. Overview of This Critical Patch Release ====================================================================== 1.1 Issues =================================================================== This critical patch resolves the following issues and contains the following enhancement: Issue 1: An OpenSSL vulnerability may allow an attacker user-level access to a protected computer. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This critical patch updates the Worry-Free Business Security server program to remove the vulnerability. Issue 2: Remote unauthenticated attackers may be able to query NT domains through the Trend Micro(TM) Worry-Free(TM) Business Security "cgiGetNTDomain.exe" process. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This critical patch removes the vulnerability. Enhancement: This release contains solutions to known issues discovered after the release of Worry-Free Business Security 9.5 and enables it to support the Microsoft(TM) Windows(TM) 10 November 2019 Update. 1.2 Files Included in this Release =================================================================== A. Files for Current Issue ------------------------------------------------------------------- Filename Build No. ---------------------------------------------------------------- tsc.exe 7.5.0.1137 tsc64.exe 7.5.0.1137 tmaegissysevt.dll 2.976.0.2244 tmbmcli.dll 2.976.0.2244 tmbmsrv.exe 2.976.0.2244 tmcomeng.dll 2.976.0.2244 tmengdrv.dll 2.976.0.2244 tmpem.dll 2.976.0.2244 tmsysevt.dll 7.0.0.1176 tmtap.dll 6.0.0.1074 tmwlutil.dll 2.976.0.2244 libeay32.dll 1.0.2s openssl.exe 2019.12.03 ssleay32.dll 1.0.2s cgigetntdomain.exe 19.5.0.1519 B. Files for Previous Issues ------------------------------------------------------------------- Not applicable. C. Network Traffic Required in Deployment ------------------------------------------------------------------- Estimated size (in terms of bandwidth) of deployed client files in this critical patch. - 32-bit client total = 63.24 MB - 64-bit client total = 92.00 MB 2. Documentation Set ====================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com 3. System Requirements ====================================================================== You must install Worry-Free Business Security 9.5 with Patch 1506 before installing this critical patch. 4. Installation ====================================================================== This section explains key steps for installing this critical patch. 4.1 Installing =================================================================== To install: 1. Copy the critical patch executable file to a temporary folder, for example, "C:\temp". 2. Double-click the file. The modules are automatically copied to the correct destination. This critical patch installation package automatically rolls back the Security Server to its previous configuration if there are problems during installation. If you encounter problems after installation, manually roll back the Security Server to the original configuration. 4.2 Uninstalling =================================================================== To manually roll back to the previous build: 1. Locate the backup folder that the critical patch package created in the "\PCCSRV\Backup\CriticalPatch_B1519" directory. 2. Copy the backup modules to the original folders. 3. Run the "TmTouch.exe" tool to trigger the hotfix mechanism. To run "TmTouch.exe": a. Open a command prompt on the server. b. At the command prompt, browse to "PCCSRV\admin\utility\ touch". c. Use the following syntax to run the touch tool: TmTouch.exe {filename} NOTE: {filename} is the file that you want to roll back. "TmTouch.exe" changes the file creation date to the current system time. 5. Post-installation Configuration ====================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ====================================================================== There are no known issues for this patch release. 7. Release History ====================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 8. Contact Information ====================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ====================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2019, Trend Micro Incorporated. All rights reserved. Trend Micro, Worry-Free, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ====================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/ license-agreements Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide