Deep Security Linux Agent - 20.0.0-6313 (20 LTS Update 2023-01-31)
Deep Security Agent - 20.0.0-6313 (20 LTS Update 2023-01-31)
Release date: January 31, 2023
Build number: 20.0.0-6313New feature
- Agent self-protection: This feature helps prevent users on the local system from tampering with the agent. For more information, and help configuring agent self-protection, see Enable or disable agent self-protection in Linux.
- Rocky Linux 9 support: Deep Security Agent (version 20.0.0-6313+) now supports Rocky Linux 9, including FIPS mode and Secure Boot support (This requires Deep Security Manager version 20.0.716+). DS-73727
Enhancements
- Deep Security no longer supports certificates signed with the SHA-1 algorithm. The agent now requires SSL certificates issued using SHA-256 to communicate with the Deep Security Manager. C1WS-5676
- To prevent communication errors between the Deep Security Agent and Deep Security Manager, follow the instructions to Upgrade the Deep Security cryptographic algorithm.
- If one of more agents were updated to version 20.0.0-6313 or newer before upgrading the cryptographic algorithms, follow the steps in Deep Security Agent (DSA) offline when OpenSSL 3 rejects certificate with SHA-1 algorithm.
- With Anti-Malware and Behavior Monitoring enabled, Deep Security Agent now monitors for suspicious behavior to improve protection against MITRE attack scenarios. This functionality requires Deep Security Manager version 20.0.716+. DS-73644
- Deep Security Agent (version 20.0.0-6313+) now supports FIPS mode for Oracle Linux 8. (This requires Deep Security Manager version 20.0.711+). DS-73778
What's new in Deep Security Agent? | Deep SecurityResolved issues
- For component updates, Deep Security Agent would attempt with and without use of a proxy and generate an event for each attempt. To make event reporting more straightforward, this behavior has been changed so that after a successful update the agent will only show the final successful event. SF06207160/SEG-160085/DSSEG-7765
- Deep Security Agent crashes and issues connecting with Deep Security Manager caused Anti-Malware Offline events. SF06061098/SEG-154701/DS-74665
- With Web Reputation Enabled, some characters entered in console commands were not being parsed properly. For example, an underscore (_) entered in a command was replaced with a dash (-), and an uppercase Z was replaced with a lowercase z. DS-74335
With Activity Monitoring enabled, a connectivity issue caused Deep Security agents to appear offline for some Trend Micro Cloud One - Workload Security customers. The agent introducing this issue is no longer available. For more details, please see Removal of Deep Security Agent 20.0.0-5953 for Linux. SEG-161456
- With Activity Monitoring enabled, the internal MQTT channel sometimes became inaccessible. This caused high CPU usage and Deep Security Agent errors (MQTT offline, hub is busy, cannot connect to dsa-connect) as well as Trend Micro Vision One connectivity loss and the inability to send telemetry. SEG-160263/SEG-161138/SEG-160116/SEG-159318/DS-74638/DS-75367/DS-75193
- Application Control sometimes failed to block programs running in namespace mode. SF05929869/SEG-151363/DS-74116
- Integrity Monitoring sometimes failed to create events after running certain console commands (for example, passwd or mv commands). 05718251/SEG-148552/DS-72643
- Older Application Control events were not being removed from the database as intended, causing the events.db file size to increase indefinitely. SF06172729/SEG-159548/DS-74706
- When Integrity Monitoring event generation is interrupted by a process or system crash, it could lead to incorrect events being created. SF05508030/SEG-138756/DS-72470
Deep Security Windows Agent - 20.0.0-6313 (20 LTS Update 2023-01-31)
Deep Security Agent - 20.0.0-6313 (20 LTS Update 2023-01-31)
Release date: January 31, 2023
Build number: 20.0.0-6313New features
Enhancements
- Deep Security no longer supports certificates signed with the SHA-1 algorithm. The agent now requires SSL certificates issued using SHA-256 to communicate with the Deep Security Manager. C1WS-5676
- To prevent communication errors between the Deep Security Agent and Deep Security Manager, follow the instructions to Upgrade the Deep Security cryptographic algorithm.
- If one of more agents were updated to version 20.0.0-6313 or newer before upgrading the cryptographic algorithms, follow the steps in Deep Security Agent (DSA) offline when OpenSSL 3 rejects certificate with SHA-1 algorithm.
- With Anti-Malware and Behavior Monitoring enabled, Deep Security Agent now monitors for suspicious behavior to improve protection against MITRE attack scenarios. This functionality requires Deep Security Manager version 20.0.711+. DS-73644
- Updated Deep Security Agent to support the "Trend Micro Toolbar for Enterprise" Chrome browser extension, improving HTTPS protection for Web Reputation Service. DS-74870
What's new in Deep Security Agent? | Deep SecurityResolved issues
- Deep Security Agent sometimes caused file handle leaks when communicating with Deep Security Manager or agent command-line tools. DS-75111
- For component updates, Deep Security Agent would attempt with and without use of a proxy and generate an event for each attempt. To make event reporting more straightforward, this behavior has been changed so that after a successful update the agent will only show the final successful event. SF06207160/SEG-160085/DSSEG-7765
- With Web Reputation Enabled, some characters entered in console commands were not being parsed properly. For example, an underscore (_) entered in a command was replaced with a dash (-), and an uppercase Z was replaced with a lowercase z. DS-74335
Deep Security UNIX Agent - 20.0.0-6313 (20 LTS Update 2023-01-31)
Deep Security Agent - 20.0.0-6313 (20 LTS Update 2023-01-31)
Release date: January 31, 2023
Build number: 20.0.0-6313Enhancements
- Deep Security no longer supports certificates signed with the SHA-1 algorithm. The agent now requires SSL certificates issued using SHA-256 to communicate with the Deep Security Manager. C1WS-5676
- To prevent communication errors between the Deep Security Agent and Deep Security Manager, follow the instructions to Upgrade the Deep Security cryptographic algorithm.
- If one of more agents were updated to version 20.0.0-6313 or newer before upgrading the cryptographic algorithms, follow the steps in Deep Security Agent (DSA) offline when OpenSSL 3 rejects certificate with SHA-1 algorithm.
What's new in Deep Security Agent? | Deep SecurityResolved issues
- Updated Deep Security Agent for AIX platforms to support Advanced Threat Scan Engine (ATSE) version 21.600. DS-75323
- For component updates, Deep Security Agent would attempt with and without use of a proxy and generate an event for each attempt. To make event reporting more straightforward, this behavior has been changed so that after a successful update the agent will only show the final successful event. SF06207160/SEG-160085/DSSEG-7765
- The Deep Security Agent log file (ds-agent.log) sometimes failed to rotate, causing it to use more disk space than intended. SF05306459/SEG-137003/DS-72899
- With Web Reputation Enabled, some characters entered in console commands were not being parsed properly. For example, an underscore (_) entered in a command was replaced with a dash (-), and an uppercase Z was replaced with a lowercase z. DS-74335