Enhancements

• Updated Deep Security Agent kernel device module files to comply with Security-Enhanced Linux (SELinux) requirements. DSSEG-7378
• Deep Security Agent now reports host information with additional details. DS-72609
• Deep Security Agent now reports host metadata for installed software with additional details. DS-72608
• Updated Deep Security Agent to add multi-thread support for On-Demand scan and Scheduled Scan. DS-72797/DS-72798
• Deep Security Agent now supports the automatic update of Advanced TLS Traffic Inspection as operating system libraries change (Computer or Policy > Settings > TLS Inspection Package Update). This requires Deep Security Manager version 20.0.677+. DS-72828

Resolved issues

• Trust Entities settings were not being re-applied after turning Application Control off and back on again. SF05930535/SEG-152439/DS-73312
• When installed on a system that uses secure boot without importing the required sign key, Deep Security Agent generated an Anti-Malware Engine error code with "Reason ID: 13" when it should have generated the code with "Reason ID: 11". For details on Reason IDs, see Warning: Anti-Malware Engine has only Basic Functions. DS-72891
• Deep Security Agent reported host metadata in an unexpected format. DS-73411

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Response. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. VRTS-8100/VRTS-8101/DS-73087/DS-72528

• Highest CVSS score: 7.0
• Highest severity: High

Enhancements

• Deep Security Agent now supports the automatic update of Advanced TLS Traffic Inspection as operating system libraries change (Computer or Policy > Settings > TLS Inspection Package Update). This requires Deep Security Manager version 20.0.677+. DS-72828

Resolved issues

• Integrity Monitoring events (Events & Reports > Integrity Monitoring) were created with "N/A" displayed in the KEY and TYPE columns. SF05533287/SEG-139293/DS-71899
• Updating Deep Security Agent and removing the expired TLS session key caused some systems to crash. SF06007238/SEG-153175/DS-73404
• With Anti-Malware enabled, some computers got stuck in a "Security Update In Progress" state. SF05106626/SEG-129777/DSSEG-7500
• With Deep Security Agent self-protection enabled, enabling or disabling Advanced TLS inspection service caused "Event ID 7006" in the Windows Service Control Manager. DS-73305
• Deep Security Agent reported host metadata in an unexpected format. DS-73411

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Response. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. VRTS-8100/VRTS-8101/DS-73087/DS-72528

• Highest CVSS score: 7.0
• Highest severity: High

Enhancements

• Updated Deep Security Agent to add multi-thread support for On-Demand scan and Scheduled Scan. DS-72797/DS-72798

Resolved issues

• Deep Security Agent reported host metadata in an unexpected format. DS-73411

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Response. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. VRTS-8100/VRTS-8101/DS-73087/DS-72528

• Highest CVSS score: 7.0
• Highest severity: High

Resolved issues

• Deep Security Manager sometimes displayed the wrong state for items in an Anti-Malware Report (Events & Reports > Generate Reports). SF05780825/SEG-149707/DS-72871
• With Perform Ongoing Recommendation Scans set to "Yes" and an Ongoing Scan Interval set at "4 Weeks" (Computer or Policy > Settings > General > Recommendations), Deep Security Manager executed the scans much more frequently than the set interval. SF05658685/SEG-148153/DSSEG-7707

New features:

• Activity Monitoring: Deep Security Agent supports Remote Shell response from the Trend Micro Vision One Portal. For details and a list of supported commands, see Remote Shell.

In preview:

• Activity Monitoring: Deep Security Agent now supports Custom Script response from Trend Micro Vision One Portal.
• Trigger or cancel a manual Scan: Deep Security Agent can trigger or cancel a manual scan when "Allow agent to trigger or cancel a manual scan from Trend Micro's notifier application" is selected (Computer or Policy > Anti-Malware > General > Manual Scan)).
• Security update rollbacks: Deep Security Agent now supports rolling back security updates.