Contents
1. Critical Patch Release Information 
Resolved Known Issues
This Critical Patch resolves the following issue(s):
The Security Agent program may become corrupted when users install it from the MSI installation package (Windows Installer) using the wrong command in the command line.
Solution:
This critical patch enables the Apex One security agent installation to abort the MSI installation process if it encounters an unexpected command.
An issue related to the Microsoft(TM) Excel files with macro content cannot be saved to a network shared folder from an endpoint, some Microsoft(TM) Excel(TM) temp files cannot be deleted after trying to save the files.
Solution:
This critical patch updates the Apex One security agent program to resolve this issue.
Enhancements
The following enhancements are included in this Critical Patch:
This critical patch enables the Apex One security agent program to support Microsoft(TM) Windows(TM) 10 (version 1903) May 2019 Update
Files Included in this Release
A. Files for Current Issue(s)
-------------------------------------------------------------------
Filename Build Number
------------------------------ ------------
OfficeScan\PCCSRV\Admin\Utility\EdgeServer\*.*
OfficeScan\PCCSRV\Admin\Utility\SQL\*.*
OfficeScan\PCCSRV\Pccnt\Disk1\*.*
OfficeScan\PCCSRV\
-------------------------------------------------------------------
OfcPfwCommon.dll 14.0.0.1116
OfficeScan\PCCSRV\Admin\Utility\ClientPackager\
-------------------------------------------------------------------
CLIENTMSISETUP_MSI *
OfcPfwCommon.dll 14.0.0.1116
OfficeScan\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Client\x64\
-------------------------------------------------------------------
osfExt_iACClient_x64.dll 3.0.0.1108
osfExt_iESClient_x64.dll 3.0.0.1494
osfExt_iVPClient_x64.dll 3.0.0.2024
OfficeScan\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Client\x86\
-------------------------------------------------------------------
osfExt_iACClient.dll 3.0.0.1108
osfExt_iESClient.dll 3.0.0.1494
osfExt_iVPClient.dll 3.0.0.2024
OfficeScan\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iAC\
-------------------------------------------------------------------
osfExt_iACCMAGENT.dll 3.0.0.1108
osfExt_iACMasterService.dll 3.0.0.1108
OfficeScan\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iES\
-------------------------------------------------------------------
osfExt_iESCMAGENT.dll 3.0.0.1494
osfExt_iESMasterService.dll 3.0.0.1494
OfficeScan\PCCSRV\Admin\Utility\iServicePackage\OSF_Extension\Server\iVP\
-------------------------------------------------------------------
osfExt_iVPCMAGENT.dll 3.0.0.2024
osfExt_iVPMasterService.dll 3.0.0.2024
OfficeScan\PCCSRV\Admin\Utility\ListDeviceInfo\
-------------------------------------------------------------------
listDeviceInfo.conf.ini *
listDeviceInfo.exe 6.2.0.1249
OfficeScan\PCCSRV\Download\Product\
-------------------------------------------------------------------
DlpLite_Common.zip *
DlpLite_Common_x64.zip *
OfficeScan\PCCSRV\Engine\
-------------------------------------------------------------------
TmAegisSysEvt.dll 2.98.0.1201
TMBMCLI.dll 2.98.0.1201
TMBMSRV.exe 2.98.0.1201
tmcomeng.dll 2.98.0.1201
TmEngDrv.dll 2.98.0.1201
TMPEM.dll 2.98.0.1201
TmSysEvt.dll 8.20.0.1026
tmwlutil.dll 2.98.0.1201
OfficeScan\PCCSRV\Engine\x64\
-------------------------------------------------------------------
TmAegisSysEvt.dll 2.98.0.1201
TMBMCLI.dll 2.98.0.1201
TMBMSRV.exe 2.98.0.1201
tmcomeng.dll 2.98.0.1201
TmEngDrv.dll 2.98.0.1201
TMPEM.dll 2.98.0.1201
TmSysEvt.dll 8.20.0.1026
tmwlutil.dll 2.98.0.1201
OfficeScan\PCCSRV\OSF_Extension\iAC\
-------------------------------------------------------------------
osfExt_iACCMAGENT.dll 3.0.0.1108
osfExt_iACMasterService.dll 3.0.0.1108
OfficeScan\PCCSRV\OSF_Extension\iES\
-------------------------------------------------------------------
osfExt_iESCMAGENT.dll 3.0.0.1494
osfExt_iESMasterService.dll 3.0.0.1494
OfficeScan\PCCSRV\OSF_Extension\iVP\
-------------------------------------------------------------------
osfExt_iVPCMAGENT.dll 3.0.0.2024
osfExt_iVPMasterService.dll 3.0.0.2024
OfficeScan\PCCSRV\Pccnt\
-------------------------------------------------------------------
NTRtScan.exe 14.0.0.1116
OfficeScan\PCCSRV\Pccnt\Common\
-------------------------------------------------------------------
CCSF_WIN32.zip *
OfcPfwCommon.dll 14.0.0.1116
osfExt_iACClient.dll 3.0.0.1108
osfExt_iESClient.dll 3.0.0.1494
osfExt_iVPClient.dll 3.0.0.2024
PccNT.exe 14.0.0.1116
TmListen.exe 14.0.0.1116
TmListenShare.dll 14.0.0.1116
TmopCfg.dll 3.7.0.1134
Tmopcfscan.dll 3.7.0.1134
TmopCtl.dll 3.7.0.1134
TmopDbg.dll 3.7.0.1134
TmoppeCertPin.dll 3.7.0.1134
TmoppeEvts.dll 3.7.0.1134
TmoppeHosF.dll 3.7.0.1134
TmoppePDP.dll 3.7.0.1134
TmoppeSAL.dll 3.7.0.1134
TmoppeSsF.dll 3.7.0.1134
TmoppeUrlF.dll 3.7.0.1134
TmoppeVS.dll 3.7.0.1134
TmopphDns.dll 3.7.0.1134
TmopphHttp.dll 3.7.0.1134
TmopphHttp2.dll 3.7.0.1134
TmopphPop3.dll 3.7.0.1134
TmopphSmtp.dll 3.7.0.1134
TmopphSocks.dll 3.7.0.1134
TmopphSvrHello.dll 3.7.0.1134
TmopPlgAdp.dll 3.7.0.1134
Tmopsent.dll 3.7.0.1134
TmopsmHttp.dll 3.7.0.1134
TmopsmMail.dll 3.7.0.1134
TmopsmProxy.dll 3.7.0.1134
TmopsmSvrHello.dll 3.7.0.1134
tmufeng.dll 3.91.0.1021
OfficeScan\PCCSRV\Pccnt\Drv\
-------------------------------------------------------------------
tmactmon.cat *
tmactmon.inf *
tmactmon.sys 2.98.0.1185
tmcomm.cat *
tmcomm.inf *
tmcomm.sys 8.20.0.1026
tmevtmgr.cat *
tmevtmgr.inf *
tmevtmgr.sys 2.98.0.1185
OfficeScan\PCCSRV\Pccnt\Drv\X64\
-------------------------------------------------------------------
tmactmon.cat *
tmactmon.inf *
tmactmon.sys 2.98.0.1185
tmcomm.cat *
tmcomm.inf *
tmcomm.sys 8.20.0.1026
tmevtmgr.cat *
tmevtmgr.inf *
tmevtmgr.sys 2.98.0.1185
OfficeScan\PCCSRV\Pccnt\Win64\X64\
-------------------------------------------------------------------
CCSF_X64.zip *
Ntrtscan.exe 14.0.0.1116
OfcPfwCommon_64x.dll 14.0.0.1116
osfExt_iACClient_x64.dll 3.0.0.1108
osfExt_iESClient_x64.dll 3.0.0.1494
osfExt_iVPClient_x64.dll 3.0.0.2024
PccNT.exe 14.0.0.1116
TmListen.exe 14.0.0.1116
TmListenShare_64x.dll 14.0.0.1116
TmopCfg.dll 3.7.0.1134
Tmopcfscan.dll 3.7.0.1134
TmopCtl.dll 3.7.0.1134
TmopDbg.dll 3.7.0.1134
TmoppeCertPin.dll 3.7.0.1134
TmoppeEvts.dll 3.7.0.1134
TmoppeHosF.dll 3.7.0.1134
TmoppePDP.dll 3.7.0.1134
TmoppeSAL.dll 3.7.0.1134
TmoppeSsF.dll 3.7.0.1134
TmoppeUrlF.dll 3.7.0.1134
TmoppeVS.dll 3.7.0.1134
TmopphDns.dll 3.7.0.1134
TmopphHttp.dll 3.7.0.1134
TmopphHttp2.dll 3.7.0.1134
TmopphPop3.dll 3.7.0.1134
TmopphSmtp.dll 3.7.0.1134
TmopphSocks.dll 3.7.0.1134
TmopphSvrHello.dll 3.7.0.1134
TmopPlgAdp.dll 3.7.0.1134
Tmopsent.dll 3.7.0.1134
TmopsmHttp.dll 3.7.0.1134
TmopsmMail.dll 3.7.0.1134
TmopsmProxy.dll 3.7.0.1134
TmopsmSvrHello.dll 3.7.0.1134
tmufeng.dll 3.91.0.1021
OfficeScan\PCCSRV\Private\
-------------------------------------------------------------------
DlpClc.xml *
OfficeScan\PCCSRV\Web\Service\
-------------------------------------------------------------------
libCmdHndlrClientV2.dll 14.0.0.1132
libCmdHndlrConsoleV2.dll 14.0.0.1132
OfcPfwCommon.dll 14.0.0.1116
OfcService.exe 14.0.0.1132
OfficeScan\PCCSRV\Web_OSCE\osf\bin\
-------------------------------------------------------------------
libOSFCmdHdlrAdapter64.dll 14.0.0.1132
OfficeScan\PCCSRV\Web_OSCE\Web\CGI\
-------------------------------------------------------------------
cgiRecvFile.exe 14.0.0.1132
OfcPfwCommon.dll 14.0.0.1116
OfficeScan\PCCSRV\Web_OSCE\Web_Console\CGI\
-------------------------------------------------------------------
OfcPfwCommon.dll 14.0.0.1116
OfficeScan\PCCSRV\WSS\
-------------------------------------------------------------------
AU_FRS.exe 3.1.0.2018
B. Network Traffic Required in Deployment
-------------------------------------------------------------------
Estimated size (in terms of bandwidth) of deployed agent files
in this critical patch.
- 32-bit agent total = 84.4 MB
- 64-bit agent total = 104.8 MB
2. Documentation Set
To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com
- Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining the product.
To access the Online Help, go to http://docs.trendmicro.com
- Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying the product.
- Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining the product.
- Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get the product 'up and running'.
- Support Portal: The Support Portal contains information on troubleshooting and resolving known issues.
- To access the Support Portal, go to http://esupport.trendmicro.com
3. System Requirements
4. Installation/Uninstallation
Installing
To install:
- Copy the Critical Patch executable file to a temporary folder on the server, for example, "C:\temp".
- Double-click the file. The modules are automatically copied to the correct destination.
This Critical Patch installation package automatically rolls back the Apex One server to its previous configuration if there are problems during installation. If you encounter problems after installation, do a manual rollback.
Uninstalling
To manually roll back to the previous build:
- Locate the backup folder that the Critical Patch package created in the "\PCCSRV\Backup\Critical Patch_B1132" directory.
- Stop the Apex One Master Service.
- Stop the Apex One Apex Central Agent Service.
- Copy the backup modules to the original folders.
- Start the Apex One Apex Central Agent Service.
- Start the Apex One Master Service.
5. Post-installation Configuration
No post-installation steps are required.
NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product.
6. Known Issues
There are no known issues for this Critical Patch release.
7. Release History
Prior Hotfixes
Only this hotfix was tested for this release. Prior hotfixes were tested at the time of their release.
(VRTS-3171)
A directory traversal vulnerability may allow an attacker to modify arbitrary files on the product's management console.
Solution:
This critical patch updates the Apex One server program to remove the vulnerability.
(SEG-50319)
Changes in the Google API prevents Data Loss Prevention(TM) (DLP) from detecting sensitive information sent through Gmail in Google Chrome 73.
Solution:
This hotfix resolves the issue by enabling the DLP module to support the "Http/Https" and "Open file dialog" functionality in Google Chrome 73.
(SEG-49467)
The tmlisten service stops unexpectedly when users add an NIC description in the Personal Firewall (PFW) profile and deploy the profile to agents.
Solution:
This hotfix updates the Apex One Security Agent program to resolve the issue.
(SEG-49381)
The Smart Scan Pattern of File Reputation Services occupies a large amount of disk space on the Apex One server.
Solution:
This hotfix updates the Apex One server program to resolve this issue.
(SEG-48555)
When users install Apex One and use a domain account to connect to the database, the installation will not be able to create a database and iES will not be installed successfully.
Solution:
This hotfix updates the impersonate method to solve this issue.
(SEG-49534)
When the Apex One environment runs an sqlpackage older that 2016 or one that contains both x86 and x64 versions of version 2016, iES will not be able to create the database because of an incompatible sqlpackage version.
Solution:
This hotfix resolves the issue by enabling the installer to prioritize the x64 version of the sqlpackage during installation.
(SEG-50727)
When a user starts a Security Agent outside the corporate network, the Security Agent does not communicate on Online status to the Edge Relay Server.
Solution:
This hotfix updates Security Agent program to send an Online status to the Edge Relay Server as soon as the Security Agent program starts.
(SEG-51198)
The iAC lockdown feature does not work after users switch to a different user account.
Solution:
This hotfix ensures that the feature works normally.
(SEG-50399)
This hotfix updates the DLP template to reduce the performance impact of Apex One.
8. Contact Information
A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees.
Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products.
http://www.trendmicro.com/us/about-us/contact/index.html
NOTE: This information is subject to change without notice.
9. About Trend Micro
Smart, simple, security that fits
As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information.
Copyright 2019, Trend Micro Incorporated. All rights reserved.
Trend Micro, the t-ball logo, OfficeScan, Trend Micro Security (for Mac), Control Manager, Trend Micro Apex One, and Trend Micro Apex Central are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other product or company names may be trademarks or registered trademarks of their owners.
10. License Agreement
View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/license-agreements/
Third-party licensing agreements can be viewed:
- By selecting the "About" option in the application user interface
- By referring to the "Legal" page of the Administrator's Guide