1. Hotfix Release Information

Resolved Known Issues

Trend Micro Apex Central™ as a Service

This hotfix resolves the following issue(s):

Issue 1 (SEG-48480), (SEG-48481)

The Web Console Timeout setting does not work normally.

Solution:

This hotfix ensures that the Web Console Timeout setting works normally.

Issue 2 (SEG-52169)

Apex Central cannot overwrite policy settings when the Apex One agent changes a policy locally.

Solution:

This hotfix ensures that policies are deployed normally.

Issue 3 (SEG-56525)

An I18N issue is found in Users/Endpoints.

Solution:

This hotfix resolves the I18N issue.

Issue 4 (SEG-54122)

The pie chart in "DLP template Matches" widget displays the "Others" category even when the option is not selected.

Solution:

This hotfix adds an additional filter logic to ensure that information categorized under "Others" does not appear in the pie chart when the option is not selected.

Issue 5 (SEG-54401)

Apex Central deploys the wrong action setting for IP-type User-Defined Suspicious Objects (UDSO) that have been added to the SO list using Custom Intelligence Automation APIs.

Solution:

This hotfix ensures that the correct action for IP-type USDOs are deployed to managed products.

Issue 6 (SEG-56742)

An issue prevents automation APIs from relocating or uninstalling agents.

Solution:

This hotfix helps ensure that agents can be relocated or uninstalled using automation APIs.

Issue 7 (SEG-56480)

The "Trusted Program List" of the Apex One Security Agent policy setting is case-sensitive.

Solution:

This hotfix makes the "Trusted Program List" policy setting case-insensitive.

Issue 8 (SEG-55731)

Uses cannot download and save reports when there are non-English alphanumeric characters in the report name.

Solution:

This hotfix resolves the issue so users can save and download reports using file names with non-English alphanumeric characters.

Issue 9 (SEG-56044)

Apex Central SaaS displays unrelated categories in static report template on Microsoft(TM) Internet Explorer(TM) 11.

Solution:

The hotfix ensures that only the following four categories are displayed in static reports in Apex Central SaaS.

  • Executive summary
  • Desktop products
  • Data Loss Prevention
  • Data Discovery

Issue 10 (SEG-47407)

The "Virus Scan Engine (Windows XP/Server 2003, x64)" component name is no longer accurate since Control Manager stopped support for Microsoft(TM) Windows(TM) Server 2003.

Solution:

This hotfix renames the "Virus Scan Engine (Windows XP/Server 2003, x64)" component to "Virus Scan Engine (Windows)".

Issue 11 (SEG-53908)

Apex Central Log Queries take a very long time to complete when there are more than 200000 agents.

Solution:

This hotfix improves the Log Query performance when there are more than 200000 agents.

Issue 12 (SEG-56611)

Apex Central stops synchronizing the suspicious object (SO) list from Trend Deep Discovery Analyzer once multiple Deep Discovery Analyzers have registered to Apex Central.

Solution:

This hotfix ensures that Apex Central synchronizes the SO list successfully when multiple Deep Discovery Analyzers are registered to Apex Central.

Issue 13 (SEG-56555)

The "Pass/Log" action in "Intrusion Prevention" logs on log query results may confuse users.

Solution:

This hotfix replaces the "Pass/Log" action on the log query results page to "Log" when in "detect only" mode.

Trend Micro Apex One™ as a Service

This hotfix resolves the following issue(s):

Issue 1 (SEG-55348)

In rare situations, the Apex One Vulnerability Protection program uses up a huge amount of memory when processing a large number of Intrusion Prevention logs.

Solution:

This hotfix prevents the high memory usage issue when the Apex One Vulnerability Protection program processes a large number of Intrusion Prevention logs.

Issue 2 (SEG-56828)

When the trust permission of the Application Control Criteria is set to "Inheritable execution rights", the criteria information remains on the Apex One Security Agent database after users remove the criteria from the policy setting.

Solution:

This hotfix ensures that the criteria information can be removed normally from Apex One Security Agents.

Issue 3 (SEG-57051)

Duplicate Apex One agents appear in the Microsoft(TM) Windows(TM) Startup console.

Solution:

This hotfix updates the Apex One server programs to resolve this issue.

Issue 4 (SEG-55297), (SEG-57099)

An issue prevents Apex One as a Service from completing the backup task after collecting Endpoint Sensor logs using the Case Diagnostic Tool (CDT).

Solution:

This hotfix ensures that the backup task completes normally.

Issue 5 (SEG-56420)

A compatibility issue between the Apex One Security Agent and Microsoft Outlook prevents the Outlook send function from working normally.

Solution:

This hotfix updates the Behavior Monitoring module to resolve this issue.

Issue 6 (SEG-51567), (SEG-57603)

In rare instances, Apex One Security Agents may lose their policy binding when the Apex One server's database connection is unstable.

Solution:

This hotfix resolves the issue by improving the error-handling mechanism to handle database query errors more effectively.

Issue 7 (SEG-55005), (SEG-51373)

The Data Loss Prevention(TM) (DLP) module does not work on the Microsoft Edge web browser.

Solution:

This hotfix updates the DLP module to resolve this issue.

Issue 8 (SEG-55353)

During license key deployment, Endpoint Sensor may not be able to receive the product key and storage key properties.

Solution:

This hotfix improves the Apex One server's key deployment mechanism to solve this issue.

Issue 9 (SEG-55841)

When users deploy an agent policy to disable a group of agents and Endpoint Sensor has not been enabled in some of these agents before, the policy will remain in "Pending" status.

Solution:

This hotfix resolves the issue so the policy can be deployed successfully.

Issue 10 (SEG-52928)

Some Security Agents may be unable to retrieve new policy settings from the Apex Central server.

Solution:

This hotfix purges old policy records from the policy tracking table to fix this issue.

Issue 11 (SEG-56394)

Sometimes, Google Chrome 75 stops responding while Trend Micro Data Loss Prevention(TM) (DLP) is enabled.

Solution:

This hotfix updates the Apex One agent program to resolve the issue.

Trend Micro Apex One™ (Mac) as a Service

This hotfix resolves the following issue(s):

Issue 1

The tooltip on folders with names that contain special characters cannot be displayed normally on the Apex One (Mac) as a Service agent console.

Solution:

This hotfix enables Apex One (Mac) as a Service to URL encode the special characters to ensure that the tooltips display normally on the agent console.

Issue 2

Users cannot delete a custom scan file by clicking the X button on the Custom Scan Window on the Apex One (Mac) as a Service agent if the file name contains special characters.

Solution:

This hotfix enables Apex One (Mac) as a Service to URL encode the special characters so users can delete the custom scan file by clicking the X button on the page.


Enhancements

Trend Micro Apex Central™ as a Service

The following enhancements are included in this hotfix:

Enhancement 1 (SEG-52539)

This hotfix ensures that sub services can restart normally after stopping unexpectedly.

Enhancement 2 (SEG-56425)

This hotfix enables Apex Central to add user name information in Device Control syslog messages.

Enhancement 3 (SEG-57251)

This hotfix enables Apex Central to apply policies promptly to an agent that originally does not have a policy once it triggers a filter policy because of changes to its properties, such as an IP change resulting in matching the filter policy's criteria, instead of waiting until the daily policy re-enforcement to apply policies on the agent.

Enhancement 4 (SEG-56849)

The original default values of "Maximum TCP Connections" and "Maximum UDP Connections" in the "Apex One Security Agent > Vulnerability Protection > Network Engine Setting" tab are too small and cause the generation of a large number of Intrusion Prevention logs.

This hotfix applies the following changes to limit the number of Intrusion prevention logs:

  • Increasing the minimum value of "Maximum TCP/UDP Connection" for the Network Engine Setting to "2000"
  • Changing the default value to "1000000"
  • Applying the new default value to policies created with original default values

Enhancement 5 (SEG-57424)

The hotfix ensures that the policy status displays correctly after deployment.

Trend Micro Apex One™ as a Service

The following enhancements are included in this hotfix:

Enhancement 1 (SEG-56255)

This hotfix enables Apex One as a Service to support Microsoft Windows 8.0.

NOTE: If the security agent has been installed on Windows 8.0, it will be registered to the Apex One server after it restarts.

Enhancement 2 (SEG-56829)

The original default values of "Maximum TCP Connections" and "Maximum UDP Connections" in the "Apex One Security Agent > Vulnerability Protection > Network Engine Setting" tab are too small and cause the generation of a large number of Intrusion Prevention logs.

This hotfix applies the following changes to limit the number of Intrusion prevention logs:

  • Increasing the minimum value of "Maximum TCP/UDP Connection" for the Network Engine Setting to "2000"
  • Changing the default value to "1000000"
  • Applying the new default value to policies created with original default values

Enhancement 3 (SEG-55573)

This hotfix renames the "Certified Safe Software List" match method of the Apex One Application Control criteria to "Application Reputation List". This terminology gives users a better interpretation for the selected software such as safe, gray, or high risk software.

Enhancement 4 (SEG-57072)

To maximize system performance, Apex One server will be making adjustments on Apex One Security Agent Schedule Update Settings (Apex One web console: Updates > Agents > Automatic Update).

This hotfix adjusts the Apex One Security Agent Schedule Update Settings:

  • Removing "Minutes" and "0-11 Hours" options.
  • Setting minimum update setting to 12 hours.
  • Current update settings below 12 hours will automatically be adjusted to the minimum value.

Trend Micro Apex One™ (Mac) as a Service

The following enhancements are included in this hotfix:

Enhancement 1

This hotfix enhances the database encryption mechanism in Apex One (Mac) as a Service.

2. Documentation Set

    The document set includes:

  • Trend Micro Apex One™ as a Service documents
    • Readme: Contains a list of known issues and may also contain late-breaking product information not found in the Online Help or printed documentation.
    • Knowledge Base: An online database of problem-solving and troubleshooting information. It provides the latest information about known product issues. To access the Knowledge Base, go to the following website: http://esupport.trendmicro.com
  • Trend Micro Apex Central™ as a Service documents
    • Administrator's Guide: A PDF document that provides detailed instructions for how to configure and manage the Trend Micro Apex Central™ as a Service console and features.
    • Data Protection Lists (Chapter 1 only): A PDF document that lists predefined data identifiers and templates for Data Loss Prevention.
    • Widget and Policy Management Guide: Explains how to configure Dashboard widgets and Policy Management widgets on the Trend Micro Apex Central™ as a Service console.
    • Automation API Guide: A PDF document that explains how to use Trend Micro Apex Central™ Automation APIs.
    • Online Help: Provides "how to's", usage advice, and field-specific information. The Help is also accessible from the Trend Micro Apex Central™ as a Service console.
  • Trend Micro Apex One™ server documents
    • Administrator's Guide: A PDF document that discusses getting started information and Trend Micro Apex One™ server administration.
    • Online Help: Provides "how to's", usage advice, and field-specific information. The Help is accessible from the Trend Micro Apex One™ server, agent, and Policy Server consoles, and from the OfficeScan Master Setup.
  • Trend Micro Apex One™ (Mac) server documents
    • Administrator's Guide: A PDF document that discusses getting started information and Trend Micro Apex One™ (Mac) server administration.
    • Online Help: Provides "how to's", usage advice, and field-specific information for Trend Micro. The Help is also accessible from the Trend Micro Apex One™ as a Service console.
  • Security Agent documents
    • Trend Micro Apex One™ Security Agent Online Help: Discusses getting started information, Trend Micro Apex One™ Security Agent installation procedures, and Trend Micro Apex One™ Security Agent management.
    • Trend Micro Apex One™ Security Agent Readme: Contains a list of known issues and may also contain late-breaking product information not found in the Online Help or printed documentation.
    • Trend Micro Apex One™ (Mac) Security Agent Online Help: Discusses getting started information, Trend Micro Apex One™ (Mac) Security Agent installation procedures, and Trend Micro Apex One™ (Mac) Security Agent management.

    Download the latest versions of the PDF documents and readme at our online documentation.

3. Post-installation Configuration

No post-installation steps are required.

NOTE: Trend Micro recommends that you update your scan engine and virus pattern files immediately after installing the product.

4. Known Issues

Trend Micro Apex Central™ as a Service


Known issues in this release:

Known Issue 1

The file name of the attached ZIP file for a generated report contains garbled text if the report name contains non-alphanumeric characters.

Known Issue 2

The attached ZIP file for a generated report cannot be opened of the report name contains Traditional Chinese characters.

Known Issue 3

If Apex Central as a Service is the Node Apex Central of an on-premises Hub Apex Central server, Apex Central as a Service might not be able to receive Suspicious Object Lists from the on-premises Hub Apex Central.

To resolve this issue, contact your support representative.

Trend Micro Apex One™ as a Service


Known issues in this release:

Known Issue 1

Security Agent consoles running build 13.95 display an incorrect policy name. To resolve this issue, upgrade the Security Agent to 14.0. After the Security Agent contacts the server, the policy name displays correctly.

Known Issue 2

Off-premises and Security Agents in Independent mode cannot update the Certified Safe Software Pattern from external update sources.

Known Issue 3

Coexist mode Security Agents on endpoints with Windows Defender may experience installation issues or be unable to upload data to the Apex One server due to a file locking issue. To resolve this issue, add Endpoint Sensor (ESEServiceShell.exe and ESClient.exe) in the exclusions list of Windows Defender to prevent the locking issue.

Trend Micro Apex One™ (Mac) as a Service


Known issues in this release:

Known Issue 1

Endpoint Sensor processing of files on Mac endpoints is case insensitive. Preliminary investigation results on the Apex Central console include all entries for a file name with different capitalization.

Known Issue 2

After enabling the Scan Time Machine option for Manual Scan and Scheduled Scan, Apex One (Mac) cannot perform any actions (clean, quarantine, or delete) on detected malware threats due to a permission limitation in Mac OS. Configured scan actions are displayed as unsuccessful in the product logs.

5. Release History

Prior Hotfixes


Trend Micro Apex Central™ as a Service


Issue 1 of Hotfix 201907

(SEG-45082)

The license information of Trend Micro ServerProtect(TM) for Linux(TM) does not display in the product directory.

Solution:

This hotfix ensures that the ServerProtect for Linux license information does displays normally in the product directory.

Issue 2 of Hotfix 201907

(SEG-39862)

The MDR server receives incomplete log from Control Manager when network is slow.

Solution:

This hotfix would ensure that Control Manager send complete log to MDR server.

Issue 3 of Hotfix 201907

(SEG-47934)

The "Product Connection Status" widget does not display any information.

Solution:

This hotfix ensures that the "Product Connection Status" widget displays information normally.

Issue 4 of Hotfix 201907

(SEG-51696)

In the "Log Maintenance" page, the number of product event logs always shows "0" even when there are logs in tb_AVEventLog.

Solution:

This hotfix ensures that the correct product event log count displays on the "Log Maintenance" page.

Issue 5 of Hotfix 201907

(SEG-49098)

When users add a User-Defined Suspicious Object with Scan Action set to "Block", the action will be saved as "Log" instead of "Block".

Solution:

This hotfix resolves the issue to ensure that users can save User-Defined Suspicious Objects with "Block" scan action normally.

Issue 6 of Hotfix 201907

(SEG-51689)

The endpoint count on Compliance Reports generated by Control Manager does not match the actual Trend Micro OfficeScan(TM) agent count.

Solution:

This hotfix ensures that the correct endpoint count appears in Control Manager Compliance Reports.

Issue 7 of Hotfix 201907

(VRTS-3308), (VRTS-3300)

An information leakage issue was found in the Dashboard.

Solution:

This hotfix resolves the issue.

Issue 8 of Hotfix 201907

(VRTS-2782), (VRTS-3307), (VRTS-3303), (VRTS-2634), (VRTS-3302), (VRTS-3305), (VRTS-3306)

The Dashboard, LogQuery, Active Directory, and Compliance Settings pages of the Control Manager web console are affected by Reflected Cross-Site Scripting (XSS) issues.

Solution:

This hotfix removes these issues.

Issue 9 of Hotfix 201907

(SEG-50646), (SEG-50211)

An issue prevents Control Manager from applying Device Control Setting rules to the Trend Micro OfficeScan(TM) Agent Policy.

Solution:

This hotfix resolves the issue so Control Manager can apply Device Control Setting rules to the OfficeScan Agent Policy.

Issue 10 of Hotfix 201907

(SEG-49142)

A performance issue prevents the Control Manager web console from displaying Log Query results.

Solution:

This hotfix resolves the performance issue so Log Query results can be displayed normally.

Issue 11 of Hotfix 201907

(SEG-52299)

The AD sync function cannot work normally when there is a large number of AD Organizational Units (OU).

Solution:

This hotfix ensures that the AD sync function can handle a large number of AD OUs.

Issue 12 of Hotfix 201907

(SEG-53232)

The information in exported CSV and XML files may not match the corresponding information in the Control Manager web console.

Solution:

This hotfix ensures that the information in exported CSV and XML files match the information on the Control Manager web console.

Issue 13 of Hotfix 201907

(SEG-46083)

Control Manager could not deploy the policy to agents with an IP address in the IPv6 ISATAP format.

Solution:

This hotfix ensures that Control Manager translates the IPv6 ISATAP address to binary so it can deploy policies to affected agents correctly.

Issue 14 of Hotfix 201907

(SEG-50524)

Administrators cannot deploy policy settings from Control Manager to Apex One.

Solution:

This hotfix resolves the issue to ensure that Control Manager successfully deploys policy settings to Apex One.

Issue 15 of Hotfix 201907

(SEG-53424)

The Antivirus Pattern Compliance dashboard of Control Manager incorrectly shows "-1%".

Solution:

This hotfix ensures that Antivirus Pattern Compliance dashboard correctly shows the true value.

Issue 16 of Hotfix 201907

(SEG-50431)

The following Network Content Inspection Engine (NCIE) log headers are confusing users:

  • Traffic/Connection
  • Endpoint IP
  • Endpoint Port
  • Destination IP
  • Destination Port
  • Destination Domain
  • Target Process

Solution:

This hotfix renames the following Network Content Inspection Engine (NCIE) log headers to minimize confusion:

CONFUSING HEADING -> FIXED HEADING

  • Traffic/Connection -> Traffic Direction
  • Endpoint IP -> Local IP Address
  • Endpoint Port -> Local IP Address Port
  • Destination IP -> Remote IP Address
  • Destination Port -> Remote Address Port
  • Destination Domain -> Remote Domain
  • Target Process -> Process

Issue 17 of Hotfix 201907

(SEG-52169)

The Apex Central policy cannot overwrite an Apex One agent configuration that has been edited locally.

Solution:

This hotfix ensures that policies deployed to Apex One work normally.

Issue 18 of Hotfix 201907

(SEG-55203)

The scan exclusion settings for Apex One Security Agent child policies are lost if the parent policy is edited.

Solution:

This hotfix resolves the issue.

Enhancement 1 of Hotfix 201907

(SEG-25746)

This hotfix integrates Control Manager with version 9.1 of Trend Micro InterScan(TM) Messaging Security Suite (IMSS) for Linux(TM).

Enhancement 2 of Hotfix 201907

(SEG-45978)

This hotfix adds a new filter type "Unscannable message filter" in the log query page.

Enhancement 3 of Hotfix 201907

(SEG-48870)

This hotfix adds the new "Predictive Machine Learning Local File Model" pattern.

Enhancement 4 of Hotfix 201907

(SEG-47616)

This hotfix redefines the following variables in Trend Micro Data Loss Prevention(TM) (DLP) syslog content.

Product_Entity/Endpoint - endpoint name Managing_Server – Trend Micro OfficeScan(TM) server name

Enhancement 5 of Hotfix 201907

(SEG-46207)

This hotfix updates the Deep Discovery Advanced Filter search mechanism to prevent a UI script injection error.

Enhancement 6 of Hotfix 201907

(SEG-45978)

This hotfix renames the "Unscannable message filter" entry in the log query page to "Security risk scan filter".

Enhancement 7 of Hotfix 201907

(SEG-45978)

This hotfix renames the "Unscannable message filter" entry in the log query page to "Security risk scan filter".

Enhancement 8 of Hotfix 201907

(SEG-46207)

This hotfix updates the Deep Discovery Advanced Filter search mechanism to prevent a UI script injection error.

Enhancement 9 of Hotfix 201907

(SEG-41900)

This hotfix adds the following two fields in the "Incident Details" page.

  • Last modified date
  • Last modified by

Enhancement 10 of Hotfix 201907

(SEG-51288)

This hotfix adds the option to configure Apex Central to use a proxy server for hub/node registration and synchronization.

Enhancement 11 of Hotfix 201907

(SEG-54282)

This hotfix enables Control Manager to support TMES 1.6 Update 6.

Enhancement 12 of Hotfix 201907

(SEG-41891)

Duplicate GUID Agents now are recorded.

Enhancement 13 of Hotfix 201907

(SEG-54795)

The PHP execution time will be extended.

Enhancement 14 of Hotfix 201907

(SEG-54570), (SEG-54549)

Enhancement Trend Micro Security for Mac policy deployment on reliability and optimizing for huge amount of agent counts environment.

Enhancement 15 of Hotfix 201907

(SEG-52290)

This hotfix ensures that when users trigger the duplicate policy tasks, redundant tasks are not sent.

Enhancement 16 of Hotfix 201907

(SEG-54068), (SEG-53261)

This hotfix improves the performance of the policy detail pages of the Apex Central web console.

Enhancement 17 of Hotfix 201907

(SEG-52537)

This hotfix ensures that LogForwarder enables the ping function only when the connection protocol is UDP.

Enhancement 18 of Hotfix 201907

(SEG-55171)

Cloud service integration with Cloud App Security allows you to sweep protected mailboxes, correlate Active Directory user information, and generate Analysis Chains in Apex Central to better understand threat vectors and distribution across the entire network.

Issue 1 of Hotfix 201906

(SEG-45534)

If a child policy is set to inherit the settings from a parent policy that does not have a scan exclusion list, the child policy will not display the scan exclusion list after it is added to the parent policy.

Solution:

This hotfix ensures a child policy that is set to inherit the settings from a parent policy displays the scan exclusion list once it is added to the parent policy.

Issue 2 of Hotfix 201906

(SEG-45636)

Some user accounts that have just been assigned read only access roles receive "Scheduled incident summary" and "Scheduled incident increase" notifications.

Solution:

This hotfix ensures that user accounts that have read only access roles do not receive "Scheduled incident summary" and "Scheduled incident increase" notifications.

NOTE: This solution does not cover existing roles. You need to save each existing role again to apply the solution.

Issue 3 of Hotfix 201906

(SEG-49807)

The Application Control Criteria could not be exported in Microsoft(TM) Internet Explorer(TM) or Edge web browser.

Solution:

This hotfix updates the Apex Central files to fix this issue.

Issue 4 of Hotfix 201906

(SEG-49481)

Users cannot see the users and endpoints in the "User/Endpoint Directory" page in Internet Explorer 11.

Solution:

This hotfix ensures that the "User/Endpoint Directory" page displays normally in Internet Explorer 11.

Issue 5 of Hotfix 201906

(VRTS-3263), (VRTS-3192)

There are some Cross-Site Scripting (XSS) vulnerabilities in the "Policy Management" page.

Solution:

This hotfix removes these XSS vulnerabilities from the "Policy Management" page.

Issue 6 of Hotfix 201906

(SEG-49409)

The AD sync function cannot work normally when there is a large number of AD Organizational Units (OU).

Solution:

This hotfix ensures that the AD sync function can handle a large number of AD OUs.

Issue 7 of Hotfix 201906

(SEG-49993)

Users encounter an "Out of memory" error when synching the Active Directory (AD) if there is a large number of AD groups.

Solution:

This hotfix ensures that the AD sync function can handle a large number of AD groups.

Issue 8 of Hotfix 201906

(SEG-50522)

An issue prevents Apex Central from applying "Run cleanup when probable virus/malware is detected" to the Apex One Agent Policy.

Solution:

This hotfix resolves the issue .

Issue 9 of Hotfix 201906

(VRTS-3308)

The sample php files used to test for "log4php" show the internal path of applications.

Solution:

This hotfix removes this potential vulnerability.

Issue 10 of Hotfix 201906

(VRTS-2782), (VRTS-3307), (VRTS-3303), (VRTS-2634), (VRTS-3302), (VRTS-3305), (VRTS-3306)

The Dashboard, LogQuery, Active Directory, and Compliance Settings pages of the Apex Central web console are affected by Reflected Cross-Site Scripting (XSS) vulnerabilities.

Solution:

This hotfix removes these vulnerabilities.

Issue 11 of Hotfix 201906

(SEG-36321)

It takes long time to display the contents of Active Directory (AD) domains in the "User/Endpoint Directory" page.

Solution:

This hotfix improves the performance of some related queries so that the "User/Endpoint Directory" page can display the contents of AD domains faster.

Issue 12 of Hotfix 201906

(SEG-34084)

The scheduled hourly download job does not run on time.

Solution:

This hotfix ensures that the scheduled hourly download job runs on time.

Issue 13 of Hotfix 201906

(SEG-40641)

An issue prevents Node Apex Central from syncing the Suspicious Objects list with the Hub Apex Central.

Solution:

This hotfix resolves the issue so that Node Apex Central can sync the Suspicious Objects list with the Hub Apex Central successfully.

Issue 14 of Hotfix 201906

(SEG-41523)

Sometimes, Apex Central is unable to SSO to Apex One server.

Solution:

This hotfix ensures that Apex Central is able to SSO to Apex One server successfully.

Issue 15 of Hotfix 201906

(SEG-32352)

A high CPU usage issue occurs when the value of the "bigwatermark" field is NULL.

Solution:

This hotfix prevents the high CPU usage issue under this scenario.

Issue 16 of Hotfix 201906

(SEG-39360)

Data Discovery ad hoc query results cannot be generated.

Solution:

This hotfix ensures that the Data Discovery ad hoc query results contain complete and accurate information.

Issue 17 of Hotfix 201906

(SEG-44127)

The "AD connection disabled" warning icon appears in the "User/Endpoint Directory" page of the Apex Central console when the Active Directory (AD) server name is too long.

Solution:

This hotfix ensures that long AD server names no longer trigger the warning icon on the "User/Endpoint Directory" page.

Issue 18 of Hotfix 201906

(SEG-43280)

When the Active Directory (AD) filter is re-set, all child under a parent with a "half-checked" checkbox are not counted and re-selected.

Solution:

This hotfix ensures that when counting the total number of ADs, each parent with a half-checked checkbox counts and reselects all child under it.

Issue 19 of Hotfix 201906

(SEG-42916)

Users cannot Single Sign-On (SSO) to the Trend Micro Apex One web console from the Apex Central web console.

Solution:

This hotfix ensures that users can SSO to the Apex One web console from the Apex Central web console.

Issue 20 of Hotfix 201906

(SEG-40690)

A performance issue prevents users from downloading the "Unmanaged Endpoints" list from the Dashboard Operation Center widget.

Solution:

This hotfix resolves the performance issue so users can download the "Unmanaged Endpoints" list from the Dashboard Operation Center widget successfully.

Issue 21 of Hotfix 201906

(SEG-39577), (SEG-44216)

The "DLP Incidents by Channel" widget does not display any information when users click on the "Incidents by Action" pie chart.

Solution:

The hotfix ensures that the corresponding information displays after users click on the "Incidents by Action" chart on the "DLP Incidents by Channel" widget.

Issue 22 of Hotfix 201906

(SEG-43688)

Widgets in the "DLP Incident Investigation" page do not display any information.

Solution:

This hotfix ensures that widgets in the "DLP Incident Investigation" page display information normally.

Issue 23 of Hotfix 201906

(SEG-44877)

The C&C Callback Events widget does not display correct results.

Solution:

This hotfix ensures that the C&C Callback Events widget displays complete and accurate query results.

Issue 24 of Hotfix 201906

(SEG-43152)

In the "Scheduled/Manual update" pages, if a user saves changes to the settings a second time without refreshing the page and without changing the UNC password, the original UNC password will be cleared, resulting in update failures.

Solution:

This hotfix allows the user to save the changes in the "Scheduled/Manual update" pages multiple times without refreshing the pages.

Issue 25 of Hotfix 201906

(SEG-44397)

The scheduled hourly download job does not run on time.

Solution:

This hotfix ensures that the scheduled hourly download job runs on time.

Issue 26 of Hotfix 201906

(SEG-46675)

Users may not be able to see some Active Directory (AD) users under specific domains while adding users to the "Active Directory user or group" list.

Solution:

This hotfix ensures that users can view all users under each domain.

Issue 27 of Hotfix 201906

(SEG-47473)

On the Apex Central web console, "N/A" appears on the "Scan Method" column for Apex One agents that use "Conventional Scan".

Solution:

This hotfix ensures that the correct Apex One agent scan method information is displayed on the Apex Central web console.

Issue 28 of Hotfix 201906

(SEG-46058)

The scheduled hourly download job does not run on time.

Solution:

This hotfix ensures that the scheduled hourly download job runs on time.

Issue 29 of Hotfix 201906

(SEG-50522)

An issue prevents Apex Central from applying "Run cleanup when probable virus/malware is detected" to the apex One Security Agent Policy.

Solution:

This hotfix resolves the issue .

Issue 30 of Hotfix 201906

(SEG-49365)

An issue false to parse the Log Generation Time.

Solution:

This hotfix resolves the issue.

Enhancement 1 of Hotfix 201906

This hotfix adds a new "Syslog Settings" page where users can configure Apex Central to automatically forward supported log types to a syslog server.

Enhancement 2 of Hotfix 201906

This hotfix updates the Apex One 2019 files to support the lockdown assessment feature for Application Control. This new feature can be enabled from the Application Control policy setting in Apex Central.

Enhancement 3 of Hotfix 201906

This hotfix updates the "Top Blocked Application" widget in Apex Central. This widget provides an overview of the top applications that users attempted to access which violates an Application Control policy. This widget can use "process" or "file" as display type.

Enhancement 4 of Hotfix 201906

(SEG-47568), (SEG-47574)

This hotfix updates the Apex Central files to display more information about Application Control violation logs.

Enhancement 5 of Hotfix 201906

(SEG-49333)

This hotfix removes the following two event notifications:

  • Product service started
  • Product service stopped

Enhancement 6 of Hotfix 201906

(SEG-53430)

This hotfix introduces the following enhancements for Endpoint Sensor.

  • MITRE ATT&CK(TM) Enterprise Tactics and Techniques integration and AMSI information in Advance discovery detection logs and in related notifications and exported logs
  • Threat Connect and VirusTotal as third-party intelligence information in preliminary investigation, root cause analysis, and details investigation
  • Upgrades to the database schema and synchronization mechanism and related functions from the on-premises to the SaaS.
  • Support for preliminary investigation by querying meta using SHA-256 and MD5
  • Shortened meta upload frequency to 15 minutes
  • Investigation task management
  • Option to search for investigation tasks by endpoint names, IP addresses, task names, criteria and creators for One-time Investigation and Scheduled Investigation
  • RCA reports to contain invalid signer on visualized RCA information and explanation for suspicious objects
  • The option to show or hide the license request message in terms of license in the agent policy Converted TUID to GUID in inputs and outputs of the open API interfaces in open API

Enhancement 7 of Hotfix 201906

(SEG-42289)

This hotfix adds the "Risk Level" field in the Log Query page for Attack Discovery detections.

Enhancement 8 of Hotfix 201906

(SEG-43028)

This hotfix adds the following eight fields in the Log Query page for Attack Discovery detections.

  • Auth Priv Name
  • Auth Priv Attribute
  • Auth Priv Disable All
  • Source IP Address
  • Source IP Address Port
  • Destination URL
  • WMI Event
  • Windows Event Log Content

Enhancement 9 of Hotfix 201906

(SEG-50314)

This hotfix adds the following five fields in the Log Query page for Attack Discovery detections.

  • AMSI App Name
  • AMSI App File
  • AMSI App Version
  • AMSI App Content File
  • AMSI Content

Enhancement 10 of Hotfix 201906

(SEG-44954)

This hotfix enables the AD to sync with the Global Catalog and to support SSL connections.

Enhancement 11 of Hotfix 201906

(SEG-41759)

This hotfix allows users to import the Device Control approved list from the "Policies > Policy Resource > Device Control Approved Device List" page and apply the list to all Security Agent Policies.

Enhancement 12 of Hotfix 201906

(SEG-29449)

The hotfix enables Apex Central to use the report title to name the corresponding report notification email attachment.

Enhancement 13 of Hotfix 201906

(SEG-49374)

This hotfix updates the expression for the Data Loss Prevention(TM) (DLP) data identifier "Japan: Date" to the new era "令和".

Enhancement 14 of Hotfix 201906

Policy widget enhancements for Apex One (Mac):

  • Web Reputation: Includes a new option to send web reputation logs to the Apex One (Mac) server
  • Device Control: Allows underscores (_) for the vendor name in the USB Storage Approved List

Enhancement 15 of Hotfix 201906

The bell icon in the top right corner of the Apex Central management console provides information about new system updates, including when Apex One as a Service will be offline for scheduled maintenance.

Issue 1 of Hotfix 201905

(SEG-49078)

A missing setting in Apex Central causes the sp_BatchPurge process to go into an endless loop which then triggers a high DTU usage issue.

Solution:

This hotfix updates sp_BatchPurge to enable it to exit the endless loop normally to prevent the high DTU usage issue.

Issue 2 of Hotfix 201905

(SEG-49691)

Currently, when a product server queries Apex Central for Suspicious Object journals, and there are no new journals for that product server, the response body would be replaced by the IIS's custom response body, which may cause the product server to behave abnormally.

Solution:

This hotfix adds a setting in "web.config" which allows users to prevent the IIS server from replacing the response body with its own message.

Issue 1 of Hotfix 201903

(SEG-45472)

Users cannot export CSV files from the Log Query function when the value of the date is null in the database.

Solution:

The hotfix resolves this issue by enabling Apex Central as a Service to successfully export CSV files from the Log Query function even when the value of date is null in the database.

Issue 2 of Hotfix 201903

(SEG-44127)

The "AD connection disabled" warning icon appears in the "User/Endpoint Directory" page of the Apex Central as a Service console when the Active Directory (AD) server name is too long.

Solution:

This hotfix ensures that long AD server names no longer trigger the warning icon on the "User/Endpoint Directory" page.

Enhancement 1 of Hotfix 201903

(SEG-46311)

This hotfix extends the service response timeout setting to help prevent timeout issues.

Enhancement 2 of Hotfix 201903

(SEG-43646)

This hotfix hides non-endpoint features for "Reports" on the Apex Central as a Service web console.

Issue 1 of Hotfix 201902

(SEG-43087)

A "Proxy Execution Failed" error appears when users login to the Apex Central as a Service web console. This happens because an issue related to the tempdb out of space.

Solution:

This hotfix resolves the issue so tempdb does not run out of space and users can login to the Apex Central as a Service web console without any error.

Issue 2 of Hotfix 201902

(SEG-32352)

A high CPU usage issue occurs when the value of the "bigwatermark" field is NULL.

Solution:

This hotfix prevents the high CPU usage issue under this scenario.

Issue 3 of Hotfix 201902

(SEG-43497)

Users are redirected to blank result pages after clicking the respective links in the "DLP Incidents by Channel" and "DLP Template Matches" widgets.

Solution:

This hotfix ensures that the corresponding result pages display complete and accurate information.

Issue 4 of Hotfix 201902

(SEG-40588)

The policy deployment status of a new policy that is being deployed to agents remains "Pending".

Solution:

This hotfix ensures that the correct policy deployment status displays.

Issue 5 of Hotfix 201902

(SEG-42809)

When users create or modify a policy using IP address filtering in Microsoft(TM) Edge, the policy cannot be deployed.

Solution:

This hotfix ensures that users can create or modify a policy using IP address filtering in Microsoft Edge.

NOTE: The affected policies need to be reopened to reset the IP address range.

Issue 6 of Hotfix 201902

(SEG-43609)

A UUID index issue slows down the database performance.

Solution:

This hotfix prevents the performance issue by enabling related database tables to use sequential UUIDs.

Issue 1 of Hotfix 201901

(SEG-25274)

The Full Name of the Product Licensing Service (PLS) account is not updated when users re-run the AssignCustomer script.

Solution:

This hotfix updates the SaaS Utility Tool to help ensure that the full name of the PLS account can be updated successfully.

Issue 2 of Hotfix 201901

(SEG-42050)

The indices of Data Loss Prevention(TM) (DLP) related tables are based on GUID as a result, the indexes may fragment easily which raises the Apex Central as a Service database DTU.

Solution:

This hotfix prevents the issue by enabling Apex Central to rebuild the indices of DLP related tables at 00:00:30 daily.

Enhancement 1 of Hotfix 201901

(SEG-42436)

In reports, the x-axis labels on bar charts may overlap when there are multiple bars.

Procedure:

To configure the angle at for the x-axis labels in bar graphs on reports:

  1. Install this hotfix (see "Installation").
  2. Open the "Systemconfiguration.xml" file.
  3. Add the following key and set it to the preferred angle: m_iBarChart_XLabelAngle=y, supports values from -90 to 90
  4. Save the changes and close the file.

Issue 1 of Hotfix 201812

(SEG-40762)

The Apex One (Mac) 3.5 Policy Widget needs some updates to its input control feature and the corresponding information.

Solution:

This hotfix improves the Policy Widget input control and updates the required information.

Issue 2 of Hotfix 201812

(SEG-40762)

The specified "Maximum database size" setting under the WCU Endpoint Sensor Settings may not be sufficient.

Solution:

This hotfix changes the value of "Maximum database size" to 1 GB.

Issue 3 of Hotfix 201812

(SEG-40762)

There are WCU localization enhancements.

Solution:

This hotfix applies these enhancements.

Issue 4 of Hotfix 201812

(SEG-41100)

If the user clicked the generated link of root cause chain, the page may be blocked by the browser by default and the user may not notice the generated page.

Solution:

This hotfix adds a pop-up block warning when the generated root cause chain is blocked by the browser.

Issue 5 of Hotfix 201812

(SEG-40386)

Trend Micro Apex Central as a Service does not update the product profile string promptly after a product updates it profile. As a result, the old product profile still appears on the Apex Central as a Service web console.

Solution:

This hotfix ensures that product profile updates are saved promptly and appear on the Apex Central as a Service web console.

Enhancement 1 of Hotfix 201812

(SEG-40545)

This hotfix updates the support link for Apex Central/Apex One.

Enhancement 2 of Hotfix 201812

(SEG-40496)

This hotfix replaces the Secunia vulnerability information with TippingPoing vulnerability information.

Trend Micro Apex One™ as a Service


Issue 1 of Hotfix 201907

(SEG-52231)

A specific keyword triggers the Data Loss Prevention(TM) (DLP) template that does not have any criteria specified.

Solution:

This hotfix updates the DLP template to resolve this issue.

Issue 2 of Hotfix 201907

(SEG-52191)

If DLP is enabled, Google(TM) Chrome(TM) stops unexpectedly when users add an attachment or email addresses into the "BCC" field of an email message in Gmail.

Solution:

This hotfix updates the DLP module to resolve this issue.

Issue 3 of Hotfix 201907

(SEG-52233)

The OfficeScan DLP module cannot properly block users from uploading file attachments in version 75 of the Google Chrome web browser.

Solution:

This hotfix updates the DLP module to enable it to block the upload of file attachments on Google Chrome 75.

Issue 4 of Hotfix 201907

(SEG-54020)

An issue prevents the DLP content filter from detecting specific scripts or source codes.

Solution:

This hotfix updates the DLP template to resolve this issue.

Issue 5 of Hotfix 201907

(SEG-52269)

If the activation (AC) key is deployed after its expiration date has been extended, the ES service will still receive the original expiration date.

Solution:

This hotfix ensures that the ES service will receive the AC key's new expiration date.

Issue 6 of Hotfix 201907

(SEG-54380)

The Endpoint Sensor may purge the Root Cause Analysis results by mistake when Apex Central is managing more than one Apex One server.

Solution:

This hotfix resolves the issue.

Issue 7 of Hotfix 201907

(SEG-52034)

In rare instances, the Endpoint Sensor may receive the investigation results from an agent at the same time that the same agent is being uninstalled. When this happens, the Endpoint Sensor may not be able to send all the results back to TIC.

Solution:

This hotfix prevents this issue.

Issue 8 of Hotfix 201907

(SEG-54769)

During an upgrade, the Security Agent attempts to verify the digital signatures of legacy files removed in a previous update. After being unable to verify the files, the Security Agent begins an infinite verification loop.

Solution:

This hotfix allows the Security Agent to skip the verification of the missing legacy files to avoid the infinite loop.

Enhancement 1 of Hotfix 201907

(SEG-53333)

This hotfix enables the DLP module to support version 75 of the Google Chrome web browser.

Issue 1 of Hotfix 201906

(SEG-50759)

The CMAgent service may stop unexpectedly while Apex One sends spyware logs to Apex Central.

Solution:

This hotfix resolves the issue by enabling Apex One to re-initialize the structure of spyware logs before sending the logs to Apex Central.

Issue 2 of Hotfix 201906

(SEG-47641)

An issue prevents the Apex One Data Loss Prevention(TM) (DLP) module from blocking the transfer of sensitive information to "dlptest.com".

Solution:

This hotfix updates the parsers for "dlptest.com" to ensure that these can block the transfer of sensitive information to the website.

Issue 3 of Hotfix 201906

(SEG-47372)

While browsing websites, users may encounter the message blocked pop-up message from the Apex One security agent even when the security agent did not block any message.

Solution:

This hotfix resolves the issue by updating the Apex One security agent program.

Issue 4 of Hotfix 201906

(SEG-53820)

The iVP server service cannot start while processing a specific certificate.

Solution:

This hotfix updates the iVP server to prevent the certificate processing error.

Enhancement 1 of Hotfix 201906

(SEG-53430)

Apex One Security Agents with or without the Endpoint Sensor feature enabled support the Windows 10 May 2019 (1903/19H1) release.

Issue 1 of Hotfix 201905

(SEG-48570)

The Apex Central server cannot receive logs from the Apex One server due to an incorrect status log value.

Solution:

This hotfix updates the Apex One server to prevent the incorrect status log value.

Issue 2 of Hotfix 201905

(SEG-46217)

The Apex One Data Loss Prevention(TM) (DLP) module does not work in Google Chrome with HTTPS.

Solution:

This hotfix resolves the issue by updating the DLP module.

Issue 3 of Hotfix 201905

(SEG-47987)

There is a large number of notification messages in the queue which leads to a high memory usage issue and causes Apex One to restart.

Solution:

This hotfix enables Apex One to free unused memory to fix this issue.

Issue 4 of Hotfix 201905

(SEG-49838)

The Apex One server does not send the policy information to Apex Central after deploying a policy.

Solution:

This hotfix updates the Apex One server program to resolve this issue.

Issue 5 of Hotfix 201905

(SEG-48866)

Users may not be able to add a domain from the Apex One agent tree of the Apex One web console when importing the server settings from another supported server version and Agent Grouping is enabled.

Solution:

This hotfix resolves the issue by ensuring that the Apex One Settings Export Tool retrieves the correct configuration file.

Issue 6 of Hotfix 201905

(SEG-50054), (SEG-49287)

The Apex One NT Listener service ("TmListen.exe") may stop unexpectedly after users enable the "NIC description" option on the Apex One Firewall Profiles and apply the settings to Apex One security agents.

Solution:

This hotfix resolves the issue by updating the Apex One security agent program.

Issue 7 of Hotfix 201905

(SEG-45353)

The Security Agent program may become corrupted when users install it from the MSI installation package (Windows Installer) using the wrong command in the command line.

Solution:

This hotfix enables the Security Agent installation to abort the MSI installation process if it encounters an unexpected command.

Issue 8 of Hotfix 201905

(SEG-46868)

When the system installs or upgrades a third-party software, it tries to access some registry keys under the tbimdsa registry key, which may cause the software installation to fail.

Solution:

This hotfix provides a way to disable the self-protection only function of the tbimdsa registry key to help ensure that third-party software installation and upgrades proceed normally.

Procedure:

To disable the self-protection only function of the tbimdsa registry key:

  1. Install this hotfix (see "Installation").
  2. Open the "ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One installation directory.
  3. Under the "Global Setting" section, manually add the following key and set its value to "1".
  • [Global Setting]
  • SP_DisableTbimdsaRegistryKeyProtection = 1 NOTE: Setting the value to "1" disables the tbimdsa registry key self-protection only feature.
  1. Save the changes and close the file.
  2. Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
  3. Click "Save" to deploy the following setting to clients.
  • Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro\PC-cillinNTCorp\CurrentVersion\AEGIS
  • Key: SP_DisableTbimdsaRegistryKeyProtection
  • Type: DWORD
  • Value: 1
  1. Restart Apex One agents.

Issue 9 of Hotfix 201905

(VRTS-3162)

An attacker may be able to force the Security Agent console process (PccNT.exe) to load a malicious .dll file from a specified directory.

Solution:

This hotfix updates the Security Agent program to resolve this DLL injection vulnerability.

Enhancement 1 of Hotfix 201905

(SEG-46754)

This hotfix updates the Apex One Security Agent program to allow users to disable the balloon notification when a scheduled scan starts.

Procedure:

To disable the balloon notification when a scheduled scan starts:

  1. Install this hotfix (see "Installation").
  2. Open the "Ofcscan.ini" file in the "\PCCSRV\" folder on the Apex One server installation directory.
  3. Under the "Global Setting" section, manually add the following keys and values.
  • [Global Settings]
  • SkipBalloonNum=1
  • SkipBalloonID0=104
  1. Save the changes and close the file.
  2. Open the Apex One web console and go to the "Agents > Global Agent Settings" screen.
  3. Click "Save" to deploy the setting to clients. The Apex One server deploys the command to Security Agent and adds the following registry entry on all Security Agent computers:
  • Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro \PC-cillinNTCorp\CurrentVersion\Misc.
  • Key: SkipBalloonNum
  • Type: DWORD
  • Value: 1
  • Path: HKEY_LOCAL_MACHINE\SOFTWARE\TrendMicro \PC-cillinNTCorp\CurrentVersion\Misc.
  • Key: SkipBalloonID0
  • Type: DWORD
  • Value: 104

Enhancement 2 of Hotfix 201905

(SEG-49840)

This hotfix updates the DLP template to reduce the performance impact of Apex One.

Issue 1 of Hotfix 201904

(SEG-46565)

The Ipxfer tool does not work on a domain switching Apex One security agent.

Solution:

This hotfix resolves the issue by updating the program version logic condition to use the correct API.

Issue 2 of Hotfix 201904

(SEG-46645)

The Web Reputation HTTPS filtering feature does not work on the Google Chrome web browser.

Solution:

This hotfix updates the User-Mode Hooking (UMH) module to solve this issue.

Issue 3 of Hotfix 201904

(SEG-47997)

The Apex One Application Control lockdown feature does not work after users switch to a different user account.

Solution:

This hotfix ensures that the feature works normally.

Issue 4 of Hotfix 201904

(SEG-46703)

After migrating agents from Trend Micro OfficeScan(TM) to Apex One, the corresponding uninstall entry in the Microsoft(TM) Windows(TM) "Programs and Features" list still appears as "Trend Micro OfficeScan Agent".

Solution:

This hotfix updates the Apex One Security Agent program to ensure that the uninstall entry updates automatically.

Enhancement 1 of Hotfix 201904

(SEG-44852)

This hotfix enables users to repack the Security Agent MSI installer package to include the latest version of the Smart Scan Pattern.

Procedure:

To repack the Security Agent MSI installer package to include the latest version of the Smart Scan Pattern.

  1. Install this hotfix (see "Installation").
  2. Open the "ofcserver.ini" file in the "\PCCSRV\Private\" folder on the Apex One server installation directory using a text editor.
  3. Under the "[INI_PACK_MSI_SECTION]" section, manually add the following key, and set its value to "1".
  • [Global Setting]
  • PackMSIWithLatestiCRCPattern=1
  1. Save the changes and close the file.
  2. Single Sign-On (SSO) to the Apex One web console from Apex Central. Click "Agents > Agent Packaging Tool > Repackage Now" and wait for the package repack to complete.

Issue 1 of Hotfix 201903

(SEG-43575)

After moving an Apex One as a Service Security Agent to a new domain, the Security Agent automatically applies all the policy settings of the new domain. This occurs because the "Apply settings of new domain to selected agents" is enabled by default on the "Move Agent" screen.

Solution:

After applying this hotfix, Security Agents being moved to new domains will not apply the policy settings of the new domain but will retain the existing policy settings.

Issue 2 of Hotfix 201903

(SEG-45136), (SEG-45877)

When users deploy a policy from the Apex Central console, the Apex One as a Service Security Agents do not receive the settings automatically even when the policy status has changed to "Deployed" on the Apex Central web console.

Solution:

This hotfix resolves this issue to ensure that Security Agents receive all the settings after a policy is deployed.

Issue 3 of Hotfix 201903

(SEG-45211)

When the "Do not allow users to access the Security Agent console from the system tray or Windows Start menu setting" option is enabled on the Apex One as a Service web console, the Apex One Security Agent console cannot be accessed while "PccNT.exe" is running.

Solution:

This hotfix updates a parameter in "wofielauncher.exe" to resolve the issue.

Issue 4 of Hotfix 201903

(SEG-45529)

A Behavior Monitoring application error appears in the Microsoft(TM) Windows(TM) event log.

Solution:

This hotfix updates the Behavior Monitoring module to resolve this issue.

Issue 5 of Hotfix 201903

(SEG-45081)

If a user clicks the "Stop" button and then the "Cancel" button while the agent updates components or runs a scan, the process state is terminated automatically.

Solution:

This hotfix ensures that Apex One does not terminate the process state under the scenario described above.

Issue 6 of Hotfix 201903

(SEG-45885)

Users encounter the following:

  • The Application Control agent stops unexpectedly while querying the Active Directory server.
  • The Application Control agent may run into a memory leak issue.

Solution:

This hotfix resolves all three issues described above.

Issue 7 of Hotfix 201903

(SEG-45785)

After users deploy the Vulnerability Protection policy to agents, the policy status on the Apex central console is not updated promptly.

Solution:

This hotfix updates the Trend Micro Vulnerability Protection module to resolve this issue.

Issue 8 of Hotfix 201903

(SEG-45617)

When the Application Control module is enabled, Security Agents download the Trend Micro Certified Safe Software Service (TMCSSS) pattern weekly. Since each pattern can be up to 100 MB in size, these files may eventually use up all available disk space on the Apex One server.

Solution:

This hotfix prevents the issue by enabling the Apex One server to keep only the two latest TMCSSS pattern files.

Issue 9 of Hotfix 201903

(SEG-40590)

An Apex One agent that runs on Windows 7 and automatically detects proxy settings will not be able to connect to the Apex One server.

Solution:

This hotfix resolves the issue by updating the Apex One agent program to ensure that it can retrieve the correct proxy configuration.

Issue 10 of Hotfix 201903

(SEG-43854), (SEG-45538)

After uninstalling the Apex One Security Agent from a computer, the uninstall entry still appears in the Windows "Apps & features > Programs and Features" list.

Solution:

This hotfix resolves the issue by updating the Apex One Security Agent program.

Enhancement 1 of Hotfix 201903

(SEG-43655)

Under certain conditions, the Apex One Application Control module sends large amounts of detection logs within a short period which can cause the server side database to grow quickly.

Issue 1 of Hotfix 201902

(SEG-43112)

In certain environments, the "Apex Central Policy Status" page displays the deployment progress slowly or the deployment status may also remain in "Pending" state.

Solution:

This hotfix improves the policy target accuracy for more effective policy deployment.

Issue 2 of Hotfix 201902

(SEG-42993)

The Apex One database service stops unexpectedly while updating the policy status.

Solution:

This hotfix updates the Apex One database server file to resolve this issue.

Issue 3 of Hotfix 201902

(VRTS-2993)

The "Component Versions" screen of the Apex One as a Service Security Agent console may be affected by a cross-site scripting (XSS) vulnerability.

Solution:

This hotfix updates the Apex One as a Service Security Agent program to resolve the vulnerability.

Issue 1 of Hotfix 201901

(SEG-40263), (SEG-40628), (SEG-41287)

The Apex One server side sometimes receives a null policy token from the Security Agent. Due to this issue, administrators are unable to update the corresponding policy status.

Solution:

This hotfix enhances the error handling mechanism to find the appropriate globally unique identifier (GUID) of a policy for policy status reporting, even if the reported policy status includes a null policy token.

Issue 2 of Hotfix 201901

(SEG-40263), (SEG-40628), (SEG-41287)

Customer environments may encounter issues wherein the Apex Central policy status page remains stuck in the "Pending" state.

Solution:

This hotfix enhances the policy status tracking mechanism to handle long policy targets in batches.

Issue 3 of Hotfix 201901

(SEG-41746), (SEG-41287)

Customer environments may observe that the "Apex Central Policy Status" page reflects the deployment progress slowly or the status suddenly changes to "Pending" state.

Solution:

This hotfix enhances the Apex One server to handle only the policy targets that have been updated -- instead of handling all the policy targets each time. This update helps reduce the processing efforts in the dynamic filter triggered policy deployment.

Issue 4 of Hotfix 201901

(SEG-42101)

Users may observe that the Apex Central Policy Status page includes some offline agents that are currently in a pending state.

Solution:

The hotfix enhances the online/offline status accuracy to correct some of the policy pending issues.

Issue 5 of Hotfix 201901

(SEG-42249)

When using Apex One as an upgraded service environment, the system filters out older agent versions of OfficeScan XG Service Pack 1, causing these agents to remain in a pending status. This issue occurs when OfficeScan XG Service Pack 1 agent does not include iProducts.

Solution:

This hotfix enables Apex One to recognize the older versions of the Security Agents and sets the correct policy status accordingly.

Issue 6 of Hotfix 201901

(SEG-40735)

Under certain scenarios, the Trend Micro Watchdog process stops unexpectedly.

Solution:

This hotfix updates the Trend Micro Watchdog module to resolve this issue.

Issue 7 of Hotfix 201901

(SEG-40548)

The link to the support page in the Apex One as a Service console redirects to the on premise OfficeScan page.

Solution:

This hotfix updates the support link to redirect to the correct Apex One as a Service support page.

Issue 8 of Hotfix 201901

(SEG-42331), (SEG-41746)

The following error appears on the policy status in the Apex Central console:

"Vulnerability Protection Service: System error. Error ID:420."

Solution:

This hotfix updates the Trend Micro Vulnerability Protection module to prevent the error.

Issue 1 of Hotfix 201812

(SEG-41585)

A memory leak issue related to the Apex One Master Service prevents users from performing a Single Sign-on (SSO) to the Apex One console from the Apex Central console.

Solution:

This hotfix updates the Apex One server program to enable it to free unused memory promptly to prevent the memory leak issue.

Issue 2 of Hotfix 201812

(SEG-40862)

The Predictive Machine Learning feature may prevent users from saving Microsoft(TM) Office files normally.

Solution:

This hotfix mitigates the probability of this issue by enabling Apex One as a Service to allow Office programs to run with deferred scanning by Predictive Machine Learning.

Trend Micro Apex One™ (Mac) as a Service


Enhancement 1 of Hotfix 201907

This hotfix improves SQL query performance when retrieving client status information for Apex Central.

Enhancement 2 of Hotfix 201907

This hotfix enhances the endpoint sensor data collection mechanism to filter out some noise data.

Enhancement 3 of Hotfix 201907

This hotfix enhances the Apex One (Mac) agent's scanning performance in Mac OS 10.14.

Enhancement 1 of Hotfix 201906

This hotfix improves the error handling mechanism of the Apex One (Mac) 2019 server.

Enhancement 1 of Hotfix 201904

This hotfix updates the Apex One (Mac) as a Service server configuration.

Issue 1 of Hotfix 201902

(SEG-43563)

Launching the Apex One (Mac) agent console from the toolbar can cause a Mac running on the Mojave platform to stop unexpectedly.

Solution:

This hotfix enables the Apex One (Mac) agent to support Mojave platform variables to fix this issue.

Enhancement 1 of Hotfix 201902

Two "X" text clear buttons appear in the "Search for endpoints" input box when you open the Apex One (Mac) web console on Microsoft(TM) Internet Explorer(TM) or Edge.

Enhancement 2 of Hotfix 201902

In Internet Explorer, long user names appear garbled on the top right corner of the Apex One (Mac) web console.

Enhancement 1 of Hotfix 201901

This hotfix improves the error handling mechanism of the Apex One (Mac) 2019 server's move agent function and ensures that the correct error message displays.

6. Contact Information

A license to Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, you must renew Maintenance on an annual basis at Trend Micro's then-current Maintenance fees.

Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products.

http://www.trendmicro.com/us/about-us/contact/index.html

NOTE: This information is subject to change without notice.

7. About Trend Micro

Smart, simple, security that fits

As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information.

Copyright 2019, Trend Micro Incorporated. All rights reserved.

Trend Micro, Trend Micro Apex Central, Trend Micro Apex One, Trend Micro Apex One (Mac) and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies.

8. License Agreement

View information about your license agreement with Trend Micro at: http://www.trendmicro.com/us/about-us/legal-policies/license-agreements/

Third-party licensing agreements can be viewed:

  • By selecting the "About" option in the application user interface
  • By referring to the "Legal" page of the Administrator's Guide