New features

• Red Hat Enterprise Linux 8.6 (PowerPC little-endian) on-demand scan support: Deep Security Agent 20.0.0-7943+ supports only the Anti-Malware on-demand scan feature for Red Hat Enterprise Linux 8.6 (PowerPC little-endian). This requires Deep Security Manager 20.0.817+. Security updates are currently unsupported for this platform.
• SUSE Linux Enterprise Server 12 (PowerPC little-endian) on-demand scan support: Deep Security Agent 20.0.0-7943+ supports only the Anti-Malware on-demand scan feature for SUSE Linux Enterprise Server 12 (PowerPC little-endian). This requires Deep Security Manager 20.0.817+. Security updates are currently unsupported for this platform.
• SUSE Linux Enterprise Server 15 (PowerPC little-endian) on-demand scan support: Deep Security Agent 20.0.0-7943+ supports only the Anti-Malware on-demand scan feature for SUSE Linux Enterprise Server 15 (PowerPC little-endian). This requires Deep Security Manager 20.0.817+. Security updates are currently unsupported for this platform.
  • Security updates are currently unsupported on PowerPC platforms. The Advanced Threat Scan Engine (ATSE) status will not display correctly, and the following alerts are expected on RHEL 8.6, SUSE 12, and SUSE 15:
    • Security Update: Security Update Check and Download Failed (Agent/Appliance error)
    • Status: Out of Date

Enhancements

• New commands exist to get proxy information from the command line:
  • dsa_query -c GetProxyInfo
  • dsa_query -c GetProxyInfo details=true
  • DSA-864
• All Trend Micro public keys that are used to validate kernel module signatures are now included by default in the Deep Security Agent packages. SF06915385/SEG-185980/DSA-1569
• Updated Deep Security Agent to support 20.0.1 Kernel Support Packages. In order to continue Linux Kernel support in 2024, please upgrade to Deep Security Agent to 20.0.0-7943+. For details, see Platform support updates for Deep Security Agent (DSA) version revision in January 2024 Update Release. DSA-1217

Resolved issues

• When Activity Monitoring was enabled some systems encountered a memory leak. DS-78200

Enhancements

• In order to display agent pattern updates properly, Deep Security Agent 20.0.0-7943+ requires Deep Security Manager 20.0.759+. SEG-190866/SEG-191017/DSA-1531
• New commands exist to get proxy information from the command line:
  • dsa_query -c GetProxyInfo
  • dsa_query -c GetProxyInfo details=true
  • DSA-864
• Web Reputation Service now supports the "Trend Micro Toolbar for Enterprise" browser extension for Microsoft Edge on Windows 10 (64-bit), Windows 11, Windows Server 2016, Windows Server 2019 and Windows Server 2022. DSA-1565

Resolved issues

• When Log Inspection was enabled, Deep Security Agent sometimes crashed on Windows Server 2019 systems. DS-77766

Enhancements

• New commands exist to get proxy information from the command line:
  • dsa_query -c GetProxyInfo
  • dsa_query -c GetProxyInfo details=true
  • DSA-864

Enhancements

• The permission to clear warnings and errors "canClearWarningsAndErrors" can now be granted separately to roles. SF06516228/SEG-168657/DS-77463
• Changed the error message displayed when a user that doesn't have the necessary permissions tries to edit Device Control settings. SEG-180964/C1WS-14961/DSM-56
• Some default values for Real Time Anti-Malware configuration have changed: DS-77469/C1WS-13588/DSM-36
  • Predictive Machine Learning: Pass > Quarantine
  • Windows Antimalware Scan Interface (AMSI): Pass > Terminate
• When creating a Smart Folder, vCenter "Power State" is now a Computer Property option. DSM-6/DS-77643
• Smart Folder Computer Property options are now sorted in alphabetical order. DSM-6/DS-77643

Resolved issues

• In the web console, AIX 7.3 agents did not display the OS version in the Platform field. DS-72424/DSM-128
• The User Management > Roles > Role Properties window wouldn't load if a lot of computers were protected. SEG-170672/DS-76826/C1WS-12373/DSM-10
• The SHA256 hash value of files will now be included in SNS Anti-Malware events when SHA256 is selected in Anti-Malware > Advanced > File Hash Calculation. SEG-168652/DS-76448/C1WS-14048/DSM-7

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. VRTS-10326/DSM-158

• Highest CVSS: 6.1
• Highest severity: Medium