This Critical Patch resolves the following issue(s):
An issue related to case-sensitivity settings may result in unsuccessful Active Directory synchronization.
Solution
This Critical Patch resolves the issue.
A known vulnerability (CVE-2018-1285) is found in Apache log4net 2.0.10 and earlier versions.
Solution
This Critical Patch updates the log4net version in Apex Central to enhance product security.
Active Directory user names containing a single quote character may cause the system to send email messages with the one-time report every minute.
Solution
This Critical Patch resolves the issue.
An issue related to security headers causes the "Control traffic on isolated endpoints" setting to be unconfigurable.
Solution
This Critical Patch resolves the issue.
A missing byte-order mark (BOM) in the CSV file exported from the User-Defined Suspicious Objects screen causes the system to display garbled text on the web console after importing the file.
Solution
This Critical Patch resolves the issue.
A known vulnerability (CVE-2022-31629) is found in PHP 7.4.32 and earlier versions.
Solution
This Critical Patch updates the PHP version in Apex Central to enhance product security.
A Session Fixation vulnerability is found in Apex Central.
Solution
This Critical Patch updates the related modules to protect against a potential security issue.
No logs display when users single sign-on to Apex One and try to perform a log search from the Agent Tree or view detection logs from the Dashboard.
Solution
This Critical Patch resolves the issue.
The following enhancements are included in this Critical Patch:
This Critical Patch adds a new CEF key "TMCMdevicePlatform" to include the operating system information in all detection syslogs.
This Critical Patch fixes the SQL injection security issue.
This Critical Patch enhances the performance of historical investigation when multiple Apex One servers are connected to Apex Central.
This Critical Patch enables Apex Central to support the "Network Content Inspection Engine (5.14, Kernel mode, 64-bit, Conf: 6500)" component for Trend Micro Deep Discovery Inspector 6.5.
This Critical Patch updates the related modules to prevent the username information from being exposed in the Uniform Resource Locator (URL).
This Critical Patch enables Apex Central to display Apex One (Mac) policies in Product Status View.
There are no files included in this Critical Patch release.
To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com
To access the Online Help, go to http://docs.trendmicro.com
1. Trend Micro Apex Central Build 3906 - Traditional Chinese - Windows - x32-x64
There are no known issues for this Critical Patch release.
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
The banner on the "User-Defined Suspicious Objects" tab contains inaccurate information.
Solution
This hotfix ensures that the banner displays accurate information.
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Solution
Procedure
An issue prevents automation APIs from relocating or uninstalling agents.
Solution
The hotfix helps ensure that agents can be relocated or uninstalled using automation APIs.
The Web Console Timeout setting does not work normally.
Solution
This hotfix ensures that the Web Console Timeout setting works normally.
Apex Central cannot overwrite policy settings when the Apex One agent changes a policy locally.
Solution
This hotfix ensures that policies are deployed normally.
An I18N issue is found in Users/Endpoints.
Solution
This hotfix resolves the I18N issue.
The pie chart in "DLP template Matches" widget displays the "Others" category even when the option is not selected.
Solution
This hotfix adds an additional filter logic to ensure that information categorized under "Others" does not appear in the pie chart when the option is not selected.
Apex Central deploys the wrong action setting for IP-type User-Defined Suspicious Objects (UDSO) that have been added to the SO list using Custom Intelligence Automation APIs.
Solution
This hotfix ensures that the correct action for IP-type USDOs are deployed to managed products.
The "Trusted Program List" of the Apex One Security Agent policy setting is case-sensitive.
Solution
This hotfix makes the "Trusted Program List" policy setting case-insensitive.
Uses cannot download and save reports when there are non-English alphanumeric characters in the report name.
Solution
This hotfix resolves the issue so users can save and download reports using file names with non-English alphanumeric characters.
Apex Central SaaS displays unrelated categories in static report template on Microsoft(TM) Internet Explorer(TM) 11.
Solution
The hotfix ensures that only the following four categories are displayed in static reports in Apex Central SaaS.
The "Virus Scan Engine (Windows XP/Server 2003, x64)" component name is no longer accurate since Control Manager stopped support for Microsoft(TM) Windows(TM) Server 2003.
Solution
This hotfix renames the "Virus Scan Engine (Windows XP/Server 2003, x64)" component to "Virus Scan Engine (Windows)".
Apex Central stops synchronizing the suspicious object (SO) list from Trend Deep Discovery Analyzer once multiple Deep Discovery Analyzers have registered to Apex Central.
Solution
This hotfix ensures that Apex Central synchronizes the SO list successfully when multiple Deep Discovery Analyzers are registered to Apex Central.
The "Pass/Log" action in "Intrusion Prevention" logs on log query results may confuse users.
Solution
This hotfix replaces the "Pass/Log" action on the log query results page to "Log" when in "detect only" mode.
This hotfix enables Apex Central to add user name information in Device Control syslog messages.
This hotfix ensures that sub services can restart normally after stopping unexpectedly.
This hotfix enables Apex Central to apply policies promptly to an agent that originally does not have a policy once it triggers a filter policy because of changes to its properties, such as an IP change resulting in matching the filter policy's criteria, instead of waiting until the daily policy re-enforcement to apply policies on the agent.
The original default values of "Maximum TCP Connections" and "Maximum UDP Connections" in the "Apex One Security Agent > Vulnerability Protection > Network Engine Setting" tab are too small and cause the generation of a large number of Intrusion Prevention logs.
This hotfix applies the following changes to limit the number of Intrusion prevention logs: