Deep Security Manager - 20.0.879 (20 LTS Update 2024-01-17)
What's new in Deep Security Manager?
Deep Security Manager - 20.0.879 (20 LTS Update 2024-01-17)
Release date: January 17, 2024
Build number: 20.0.879New Features
Enhancements
- The Tomcat version was updated in Deep Security Manager. DSM-431/DSM-160
- A number of URLs on a verge of becoming invalid were updated on the Deep Security Manager Support website. DSM-352
- Deep Security Manager copyright information was updated to year 2024. DSM-133
- A dedicated banner is now displayed within Deep Security Manager to notify the users of Deep Security Virtual Appliance about the Deep Security Virtual Appliance EOL status. DS-76857/DSM-131
- Security updates for VRTS-10045, VRTS-10068, VRTS-10070. DSM-133
- Deep Security Manager copyright information was updated to year 2024. DSM-133
- Deep Security Manager can now force the removal of the service reference ID when the VMware vCenter connector is removed. This service reference ID is automatically created by VMware NSX-T to bind the Trend Micro service with the security profile. SEG-160298/DSM-49
Resolved issues
- Azure Connector experienced synchronization issue for Azure Virtual Machine Scale Sets with Flexible orchestration mode. DSM-436
- Apex Central did not have the information and therefore could not forward it to syslog or display in its log view due to the MCP content not being updated to include the FileSHA1 of an infected file. SEG-192045/PCT-6042/DSM-435
- The value of the behaviorMonitoringEnabled property in the Antimalware Configuration API was missing, resulting in a disconnect between the UI and API. PCT-5360/DSM-411
What's new in Deep Security Manager? | Deep SecuritySecurity updates
Security updates are included in this release. For more information about Trend Micro protectection against vulnerabilities, see Vulnerability Response. Note that in line with responsible disclosure practices, CVE details can only be made available for select security updates once patches have been made available for all impacted releases. DSM-402
- Highest CVSS: 7.5
- Highest severity: High
Deep Security Linux Agent - 20.0.1-690 (20 LTS Update 2024-01-17)
Deep Security Agent - 20.0.1-690 (20 LTS Update 2024-01-17)
Release date: January 17, 2024
Build number: 20.0.1-690Enhancements
- From 2024 onward, Deep Security Agent versioning is being revised from 20.0.0 to 20.0.1. This requires Deep Security Manager 20.0.854 or later. DSA-3584
- For details, see:
- Deep Security Agent (DSA) gap mitigation for version revision
- Linux Systems Need to Upgrade for Deep Security Agent (DSA) Version 20.0.1 January 2024 Release
Resolved issues
- Deep Security Agent was sometimes unable to connect to the local Smart Protection Server. DSA-3564
- When FIPS mode was disabled, Deep Security Agent used the OpenSSL configuration specified by the system environment variables rather than the config specified by the agent. PCT-4914/DSA-2651/DSA-2737/DSA-2738
- Deep Security Agent would incorrectly log network errors when the SAP scanner was enabled. DSA-3548
- Files added to the SAP Scanner allow list without including a file extension were being blocked when they should have been allowed. SF06565062/SEG-170933/DS-77132/DSA-3424
- When using Deep Security Agent on a system with Fanotify enabled, quarantining a file sometimes caused the system to freeze. PCT-6047/SEG-190061/DSA-2473
What's new in Deep Security Agent? | Deep SecurityKnown issues
- Using Firewall, Web Reputation Service, or Intrusion Prevention System on some Deep Security Agent 20.0.0 versions may lead to issues after importing the 20.0.1 Kernel Support Package (KSP). To avoid these issues, it is suggested that users upgrade to Deep Security Agent 20.0.1-690. For details, see https://success.trendmicro.com/dcx/s/solution/000296184. DSA-3505
- Updating to Deep Security Agent 20.0.1-690 from some 20.0.0 versions sometimes fails when using Deep Security Relay on Cloud One Endpoint & Workload Security. For details, see Failed remote upgrade of self-deployed Cloud One - Workload Security relay from 20.0.0-3445+ to version revision 20.0.1 DSA-3317
- With the release of Deep Security Agent 20.0.1-690, Trend Micro is changing the version number of the Kernel Support Package (KSP) from 20.0.0 to 20.0.1. This may cause issues downloading the latest kernel driver on some agent versions. To maintain kernel support after the KSP revision, it is suggested that users upgrade to Deep Security Agent 20.0.0-7943 or later. For details, see https://success.trendmicro.com/dcx/s/solution/000296280. DSA-3588
- Enabling Intrusion Prevention or Web Reputation Service in Deep Security Agent might result in a TLS inspection process (tm_netagent) error log rotation issue. For details, see TLS inspection process error log rotation problem in Deep Security. DSA-3773
Deep Security Windows Agent - 20.0.1-690 (20 LTS Update 2024-01-17)
Deep Security Agent - 20.0.1-690 (20 LTS Update 2024-01-17)
Release date: January 17, 2024
Build number: 20.0.1-690New features
- Command line scan: Deep Security Agent now supports on-demand scans triggered using dsa_scan from the command line. This is currently only available to Trend Cloud One - Endpoint & Workload Security customers. For more information, see Command-line basics. V1E-6993
Enhancements
- From 2024 onward, Deep Security Agent versioning is being revised from 20.0.0 to 20.0.1. This requires Deep Security Manager 20.0.854 or later. DSA-3584
- For details, see: Deep Security Agent (DSA) gap mitigation for version revision.
Resolved issues
- Deep Security Agent was sometimes unable to connect to the local Smart Protection Server. DSA-3564
- Deep Security Agent could have memory leaks on some systems while trying to route to Domain Controllers. DSA-3266
- Deep Security Agent sometimes froze at launch if Windows APIs were verifying digital signatures for portable executable (PE) files. DSA-3626
- When FIPS mode was disabled, Deep Security Agent used the OpenSSL configuration specified by the system environment variables rather than the config specified by the agent. PCT-4914/DSA-2651/DSA-2737/DSA-2738
What's new in Deep Security Agent? | Deep SecurityKnown issues
- Using Firewall, Web Reputation Service, or Intrusion Prevention System on some Deep Security Agent 20.0.0 versions may lead to issues after importing the 20.0.1 Kernel Support Package (KSP). To avoid these issues, it is suggested that users upgrade to Deep Security Agent 20.0.1-690. For details, see https://success.trendmicro.com/dcx/s/solution/000296184. DSA-3505
- Updating to Deep Security Agent 20.0.1-690 from some 20.0.0 versions sometimes fails when using Deep Security Relay on Cloud One Endpoint & Workload Security. For details, see Failed remote upgrade of self-deployed Cloud One - Workload Security relay from 20.0.0-3445+ to version revision 20.0.1 DSA-3317
- Enabling Intrusion Prevention or Web Reputation Service in Deep Security Agent might result in a TLS inspection process (tm_netagent) error log rotation issue. For details, see TLS inspection process error log rotation problem in Deep Security. DSA-3773
Deep Security UNIX Agent - 20.0.1-690 (20 LTS Update 2024-01-17)
Deep Security Agent - 20.0.1-690 (20 LTS Update 2024-01-17)
Release date: January 17, 2024
Build number: 20.0.1-690Enhancements
- From 2024 onward, Deep Security Agent versioning is being revised from 20.0.0 to 20.0.1. This requires Deep Security Manager 20.0.854 or later. DSA-3584
- For details, see: Deep Security Agent (DSA) gap mitigation for version revision.
Resolved issues
- Deep Security Agent was sometimes unable to connect to the local Smart Protection Server. DSA-3564
What's new in Deep Security Agent? | Deep SecurityKnown issues
- Using Firewall, Web Reputation Service, or Intrusion Prevention System on some Deep Security Agent 20.0.0 versions may lead to issues after importing the 20.0.1 Kernel Support Package (KSP). To avoid these issues, it is suggested that users upgrade to Deep Security Agent 20.0.1-690. For details, see https://success.trendmicro.com/dcx/s/solution/000296184. DSA-3505
- Updating to Deep Security Agent 20.0.1-690 from some 20.0.0 versions sometimes fails when using Deep Security Relay on Cloud One Endpoint & Workload Security. For details, see Failed remote upgrade of self-deployed Cloud One - Workload Security relay from 20.0.0-3445+ to version revision 20.0.1 DSA-3317
Deep Security Agent for macOS - 20.0.0-224 (20 LTS Update 2024-01-17)
Deep Security Agent for macOS - 20.0.0-224 (20 LTS Update 2024-01-17)
Release date: January 17, 2024
Build number: 20.0.0-224What's new in Deep Security Agent for macOS - Workload Security | Trend Micro Cloud One™ DocumentationResolved Issues:
- After generating a new client certificate, the macOS agent did not update the cache in time, causing Deep Security Agent to activate repeatedly.
DS および C1EWS のエージェントソフトウェアであるDSA 20.0.0 は、限定サポートOS上での動作を制御するため、2024 年 1 月からバージョン表記を改訂し、20.0.x が使用されます。
DCX
今後、トレンドマイクロは DSA 20.0.1, 20.0.2, 20.0.x と毎年バージョン表記を更新する予定です。
