Hatena::ブログ(Diary)

まっちゃだいふくの日記★とれんどふりーく★ このページをアンテナに追加 RSSフィード Twitter

カレンダー
<< 2017/07 >>
1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31

このBlogは個人的に収集しているセキュリティ情報や製品情報について書いています。
また、トレンドマイクロ製品+パターン+ウィルスの情報も提供しています。
Trendmicro Japanがイエローアラート以上を出した場合いろいろな情報を提供するようにしています。
Matcha's Security Blogにてセキュリティ情報(英語)も提供しています
各ウイルスバスターの不具合やBlogでの反応:クラウド(2015)クラウド(2014)クラウド(2013)201220112011続き201020092008
情報なし:20162017
日本の情報セキュリティ勉強会ポータルサイト

2017年07月11日(火曜日)

[][]Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 9 公開のお知らせ(2017/06/27):サポート情報 : トレンドマイクロ

情報元のブックマーク

Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 9リリース。

Trend Micro Deep Security 9.6 Service Pack 1 Patch 1 Update 9 を下記日程にて公開いたします。

■ 公開開始日

2017 年 06 月 27 日 (火)

■ 対象モジュール

Deep Security Manager

Deep Security Virtual Appliance

LinuxDeep Security Agent

WindowsDeep Security Agent

WindowsDeep Security Notifier

■ 追加機能/修正内容

追加機能や修正内容は付属のReadmeをご覧ください。

※日本語のReadmeは一か月以内を目安に公開いたします。

■ 入手方法

本製品の各コンポーネントは最新版ダウンロードページの「統合サーバセキュリティ対策」カテゴリからダウンロードできます。

「最新版ダウンロードページ」

繧オ繝昴?シ繝域ュ蝣ア : 繝医Ξ繝ウ繝峨?槭う繧ッ繝ュ

Manager

2. What's New
========================================================================

   2.1 Enhancements
   =====================================================================
   The following enhancements are included in this release:
   
   Enhancement 1:  [DSSEG-1059]
                   Deep Security Manager now provides a single
                   deployment script for both Windows and Linux and adds
                   the ability to select a proxy setting and add it to
                   the deployment script.

   Note 1:         - For SUSE Linux Enterprise Server 10, the
                     sha256sum command is not added by default. The
                     script can be modified to skip the sha256sum check.
                   - Linux deployment scripts now require that you
                     have curl installed.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Enhancement 2:  [DSSEG-781/SEG-875]
                   In some environments, the Anti-Malware Solution
                   Platform (AMSP) could cause high disk input/output
                   when the common scan cache was on.

   Solution 2:     By default, the AMSP common scan cache is on. To
                   disable it, open a Windows command prompt on the Deep
                   Security Manager computer, go to the Deep Security
                   Manager root folder, and run this command:
                   dsm_c -action changesetting -name settings.configuration.disableAmspCommonScanCache -value true
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   

   2.2 Resolved Known Issues
   =====================================================================
   This release resolves the following issues:
   
   Issue 1:        [DSSEG-1125]
                   On the "Deployment Scripts" page, when a user
                   selected a manager proxy that does not require
                   authentication, it would display a command that was
                   not necessary. As a result, the Deep Security Agent
                   sometimes failed to connect via the proxy.

   Solution 1:     This issue is fixed in this release.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 2:        [DSSEG-1108]
                   The "Deployment Scripts" page included a "Proxy to
                   contact Relay(s)" option, which is not supported with
                   Deep Security 9.6.

   Solution 2:     This option has been removed to avoid confusion.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 3:        [DSSEG-1060]
                   In previous releases, the Deep Security Manager
                   installer only accepted a colon as the separator in
                   the host name on the Database screen. In a silent
                   install, it was
                   "DatabaseScreen.Hostname=Hostname\IP:Port number".

   Solution 3:     In this release, you can use either a colon or comma
                   as the separator.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 4:        [DSSEG-1056/SEG-7464]
                   In Deep Security Manager, the number of rules listed
                   as "Unresolved Recommendations" sometimes did not
                   match the number of rules in the "Recommended for
                   Assignment" list.

   Solution 4:     This issue is fixed in this release.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 5:        [DSSEG-1001]
                   Synchronizing with vCenter sometimes caused an
                   internal deadlock in Deep Security Manager.

   Solution 5:     This issue is fixed in this release.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 6:        [DSSEG-744/SEG-1206]
                   The default ICRC log level for a Deep Security Agent
                   on Linux is "debug", which causes the ds_am-icrc.log
                   file to grow quickly.

   Solution 6:     Change the default ICRC log level to "warn". For a
                   fresh agent installation, the default ICRC log level
                   will be set to "warn" by default. To update an
                   existing agent on Linux:
                   1. Upgrade the Deep Security Manager to the build
                      that contains the fix.
                   2. On the Deep Security Manager computer, open a
                      windows command prompt, go to the Deep Security
                      Manager root folder, and run this command:
   
                   dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value true
   
                   3. Upgrade the Deep Security Agent to the build that
                      contains the fix.
                   4. After the agents are upgraded and the default
                      ICRC log level has been corrected, we recommend
                      that you turn off the key. To do this, go to the
                      Deep Security Manager computer, open a windows
                      command prompt, go to the Deep Security Manager
                      root folder, and run this command:
   
                   dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value false
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 7:        [DSSEG-699]
                   Some users experienced issues with scheduled tasks,
                   where the task was being performed on the wrong day.
                   This was because the task day was scheduled in the
                   timezone of the Deep Security Manager or tenant,
                   which could be significantly different from the user
                   timezone. While the time of day would be correctly
                   converted between the user timezone and the
                   scheduling timezone, in some cases if the conversion
                   caused the day or date to change (for example,
                   Wednesday May 10th 10pm UTC is equivalent to a
                   Thursday May 11th 2am UTC+4), the task would be
                   scheduled 24 hours too early or too late.

   Solution 7:     With this release of Deep Security, all new scheduled
                   tasks are created with a specified associated
                   timezone. This can be edited in the scheduled task
                   properties. Any existing tasks will have schedules
                   displayed in the timezone in which they are currently
                   scheduled (tenant or Deep Security Manager).
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

LinuxDeep Security Agent

2. What's New
========================================================================

   2.1 Enhancements
   =====================================================================
   The following enhancement is included in this release:
   
   Enhancement 1:  [DSSEG-602/SEG-263]
                   The "ratt" diagnostic tool for Deep Security Agents
                   on Linux did not provide statistics for the display
                   of the different types of generic memory allocation
                   in a driver memory statistics dump.

   Solution 1:     Those statistics are now provided in the "ratt"
                   diagnostic tool.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   

   2.2 Resolved Known Issues
   =====================================================================
   This release resolves the following issues:
   
   Issue 1:        [DSSEG-1036/SEG-5710/SF00373887]
                   SAP anti-malware feature was not able to recognize an
                   e-mail message (.msg) file and issued
                   "TM_BLOCK_UNSUITABLE_EXTENSION" since it is not a
                   supported MIMETYPE.

   Solution 1:     The SAP anti-malware feature is now able to verify a
                   message file (.msg) as the Microsoft Word
                   (application/msword) MIMETYPE.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 2:        [DSSEG-1016]
                   The Deep Security Virtual Appliance's security update
                   failed or VMs were offline because the Scheduler
                   thread exited abnormally.

   Solution 2:     This issue is fixed in this release.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 3:        [DSSEG-999]
                   If the Deep Security Agent failed to download the
                   Kernel Support Package, the agent would not retry the
                   download.

   Solution 3:     This issue is fixed in this release.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 4:        [DSSEG-980]
                   In some circumstances, the kernel module for a Linux
                   version of the Deep Security Agent could be replaced
                   by an earlier version of the kernel support package.

   Solution 4:     This issue is fixed in this release.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 5:        [DSSEG-979]
                   When connections were reset, they were not removed in
                   the kernel module until the connection timed out.
                   This resulted in the maximum number of TCP
                   connections being reached.

   Solution 5:     This issue is fixed in this release.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 6:        [DSSEG-923]
                   Certain types of incoming packets were provided from
                   the Linux Kernel to the Deep Security Agent Network
                   Packet engine without any ethernet header. This
                   caused an error when decoding the packets, causing
                   them to be dropped.

   Solution 6:     The Network Packet engine was modified to detect the
                   absence of the ethernet header and decode the packet
                   correctly.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 7:        [DSSEG-744/SEG-1206]
                   The default ICRC log level for a Deep Security Agent
                   on Linux is "debug", which causes the ds_am-icrc.log
                   file to grow quickly.

   Solution 7:     Change the default ICRC log level to "warn". For a
                   fresh agent installation, the default ICRC log level
                   will be set to "warn" by default. To update an
                   existing agent on Linux:
                   1. Upgrade the Deep Security Manager to the build
                      that contains the fix.
                   2. On the Deep Security Manager computer, open a
                      windows command prompt, go to the Deep Security
                      Manager root folder, and run this command:
   
                   dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value true
   
                   3. Upgrade the Deep Security Agent to the build that
                      contains the fix.
                   4. After the agents are upgraded and the default
                      ICRC log level has been corrected, we recommend
                      that you turn off the key. To do this, go to the
                      Deep Security Manager computer, open a windows
                      command prompt, go to the Deep Security Manager
                      root folder, and run this command:
   
                   dsm_c -action changesetting -name settings.configuration.resetICRCLogConfig -value false
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

WindowsDeep Security Agent / Relay / Notifier

2. What's New
========================================================================

   2.1 Enhancements
   =====================================================================
   The following enhancements are included in this release:
   
   Enhancement 1:  [DSSEG-904]
                   This release of Deep Security Agent adds support for
                   Windows 10 RS2.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Enhancement 2:  [DSSEG-781/SEG-875]
                   In some environments, the Anti-Malware Solution
                   Platform (AMSP) could cause high disk input/output
                   when the common scan cache was on.

   Solution 2:     By default, the AMSP common scan cache is on. To
                   disable it, open a Windows command prompt on the Deep
                   Security Manager computer, go to the Deep Security
                   Manager root folder, and run this command:
                   dsm_c -action changesetting -name settings.configuration.disableAmspCommonScanCache -value true
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   2.2 Resolved Known Issues
   =====================================================================
   This release resolves the following issues:
   
   Issue 1:        [DSSEG-1016]
                   The Deep Security Virtual Appliance's security update
                   failed or VMs were offline because the Scheduler
                   thread exited abnormally.

   Solution 1:     This issue is fixed in this release.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   Issue 2:        [DSSEG-982/SEG-954/00319947/SEG-954/00319947]
                   Deep Security Agent AMSP module "tmactmon.sys"
                   crashed with a core dump.

   Solution 2:     This issue is fixed in this release.
                   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Deep Security Virtual Applianceのreadme.txtが見当たらないのは仕様なのか・・・

screenshot

スパム対策のためのダミーです。もし見えても何も入力しないでください
ゲスト

コメントを書くには、なぞなぞ認証に回答する必要があります。

トラックバック - http://d.hatena.ne.jp/ripjyr/20170711/1499709196
当ページでは、掲載内容による不具合、問題に関する責任もちません、内容が正確である保障もできません。m(__)m
各自の自己責任で、情報の確認をお願いします

毎日のトップに掲載されている今日の記念日は、MIEさんのページから頂いております。ありがとうございます。