<<<>>> Trend Micro Incorporated June 21st, 2019 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Trend Micro(TM) Deep Discovery Analyzer 6.1 - Patch 1 English - Linux - 64 Bits Patch 1 Build 1163 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contents ============================================================================== 1. Patch Release Information 1.1 Resolved Known Issues 1.2 Enhancements 2. Documentation Set 3. System Requirements 4. Installation/Uninstallation 4.1 Installing 4.2 Uninstalling 5. Post-installation Configuration 6. Known Issues 7. Release History 7.1 Prior Hotfixes 8. Contact Information 9. About Trend Micro 10. License Agreement ============================================================================== 1. Patch Release Information ============================================================================== 1.1 Resolved Known Issues ============================================================================ There are no issues for this Patch release. 1.2 Enhancements ============================================================================ The following enhancements are included in this Patch: Enhancement 1: This patch enhances the firmware upgrade/patch/hotfix package to support digital signature. Enhancement 2: This patch enhances the SSH login authentication. 2. Documentation Set ============================================================================== To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com - Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining the product. To access the Online Help, go to http://docs.trendmicro.com - Installation Guide (IG): The Installation Guide contains information on requirements and procedures for installing and deploying the product. - Administrator's Guide (AG): The Administrator's Guide contains an overview of features and key concepts, and information on configuring and maintaining the product. - Getting Started Guide (GSG): The Getting Started Guide contains product overview, installation planning, installation and configuration instructions, and basic information intended to get the product 'up and running'. - Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. - To access the Support Portal, go to http://esupport.trendmicro.com 3. System Requirements ============================================================================== 1. Trend Micro Deep Discovery Analyzer 6.1 GM Build 1114 - English - Linux - x64 4. Installation/Uninstallation ============================================================================== This section explains key steps for installing the Patch. 4.1 Installing ============================================================================ 1. Copy the "ddan_61_lx_en_patch1_b1163.7z.tar" file to a local folder. 2. Open the Deep Discovery Analyzer web console. 3. Go to the "Administration > Updates > Hot Fixes/Patches" page. 4. Click "Browse" and select the "ddan_61_lx_en_patch1_b1163.7z.tar" file. 5. Click the "Install" button. The computer restarts automatically after the hotfix is installed successfully. 4.2 Uninstalling ============================================================================ This patch cannot be rolled back. 5. Post-installation Configuration ============================================================================== No post-installation steps are required. NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product. 6. Known Issues ============================================================================== There are no known issues for this Patch release. 7. Release History ============================================================================== For more information about updates to this product, go to: http://www.trendmicro.com/download 7.1 Prior Hotfixes ============================================================================ Only this hotfix was tested for this release. Prior hotfixes were tested at the time of their release. [Hotfix 1153] Issue: Deep Discovery Analyzer returns a server error when it receives a URL sample that contains square brackets in the domain part from other Trend Micro products. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix updates some internal modules to fix this issue. [Hotfix 1152] Issue 1: Under certain scenarios, the sample queue grows indefinitely and depletes the available RAM disk space. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix upgrades the Usandbox module to version 5.2.1205 with SandCastle 6.0.2846 to resolve this issue. Issue 2: The URL analysis module in Usandbox may stop responding while analysing a redirected URL that contains Unicode characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix upgrades the Usandbox module to version 5.2.1205 with SandCastle 6.0.2846 to resolve this issue. Issue 3: Attackers may be able to access sensitive information from some pages of the Deep Discovery Analyzer web console. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix updates some internal modules to remove this vulnerability. [Hotfix 1148] Issue 1: A user can download an investigation package through the URL in the web page source using an account without the necessary permissions. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix updates some internal modules to remove this vulnerability. Issue 2: The "Administration > System Maintenance > Power Off / Restart" page of the web management console may redirect to an untrusted site. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix updates some internal modules to remove this vulnerability. [Hotfix 1147] Issue 1: A prefetched HTML URL may not be sent to file sandbox when the HTTP response header does not have a reason phrase. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix upgrades the Usandbox module to version 5.2.1203 with SandCastle 6.0.2846 to fix this issue. Issue 2: An issue may prevent Usandbox from extracting certain URLs from Microsoft(TM) Office(TM) Word documents. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix upgrades the Usandbox module to version 5.2.1203 with SandCastle 6.0.2846 to fix this issue. Issue 3: The Microsoft Windows(TM) 10 RS3 image cannot be imported when the SMB v1 protocol is disabled in the image. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 3: This hotfix updates some internal modules to fix this issue. Issue 4: Hotfixes may fail to deploy from Deep Discovery Director to passive Deep Discovery Analyzer on cluster and high availability (HA) environments. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 4: This hotfix updates some internal modules to fix this issue. [Hotfix 1144] Issue: Sometimes, inaccurate widget average Virtual Analyzer processing time information appears on the "System Status" tab of the dashboard page. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix updates some internal modules to ensure that the information on the tab is accurate. Enhancement: This hotfix updates some internal modules in Deep Discovery Analyzer 6.1 GM build to enhance the Virtual Analyzer file types. [Hotfix 1138] Issue: False alarms may be triggered on a master Deep Discovery Analyzer when the heartbeat from the secondary Deep Discovery Analyzer is incomplete. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix upgrades some internal modules in Deep Discovery Analyzer to resolve this issue. [Hotfix 1136] Issue 1: An error happens when the ICAP server handles URLs that contain non-ASCII characters. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix updates the ICAP module to fix this issue. Issue 2: An issue may prevent Deep Discovery Analyzer from analyzing certain URLs that return a 404 response code in half-processing mode. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix upgrades the Usandbox module to version 5.2.1194 with SandCastle 6.0.2846 and updates some internal modules to ensure that Deep Discovery Analyzer can analyze these URLs normally in half-processing mode. [Hotfix 1132] Issue: The Web Management page of the Deep Discovery Analyzer console does not accept "1.1.1.1" for the Sandbox or System DNS server IP address. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution: This hotfix updates some internal modules in Deep Discovery Analyzer to allow users to use "1.1.1.1" for the Sandbox or System DNS server IP address. [Hotfix 1131] Enhancement: This hotfix upgrades the Usandbox module to version 5.2.1177 with SandCastle 6.0.2846 to support Microsoft(TM) Office(TM) 365 in Virtual Analyzer images. [Hotfix 1121] Issue 1: The root disk partition may become full when Deep Discovery Analyzer Threat Service is enabled. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 1: This hotfix upgrades the PSC module to ensure that the root disk partition usage remains normal when Threat Service is enabled. Issue 2: False alarms may be triggered during a scheduled Active Update (AU) components update. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Solution 2: This hotfix resolves this issue by upgrading some internal modules in Deep Discovery Analyzer. Enhancement: This hotfix upgrades the Usandbox module to version 5.2.1166 with SandCastle 6.0.2833. 8. Contact Information ============================================================================== A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees. Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products. http://www.trendmicro.com/us/about-us/contact/index.html NOTE: This information is subject to change without notice. 9. About Trend Micro ============================================================================== Smart, simple, security that fits As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information. Copyright 2019, Trend Micro Incorporated. All rights reserved. Trend Micro, Deep Discovery Analyzer, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies. 10. License Agreement ============================================================================== View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/license-agreements/ Third-party licensing agreements can be viewed: - By selecting the "About" option in the application user interface - By referring to the "Legal" page of the Administrator's Guide