Enhancements:
- Transport Layer Security (TLS) 1.2 - This patch enables SMEX 12.0 to run in environments where only TLS 1.2 is enabled and .Net Framework 4.5 is installed.
- URL Analysis - When an email message contains a URL that triggers a "404 Not Found" error, the Deep Discovery Analyzer (DDAn) URL analysis feature returns a -19 error code (prefetchd: server error or content does not exist). SMEX 12.0 treats this as an unanalyzed risk and takes action on the URL. This patch allows users to configure SMEX 12.0 to skip URLs if it receives specific error codes from DDAn.
- Spam Detection - This patch allows users to configure the SMEX 12.0 spam detection feature to skip Exchange internal email messages with an "SCL=-1" rating.
- This patch enables SMEX 12.0 to submit URLs under the "Noteworthy" WRS category to the Virtual Analyzer server for sandbox analysis.
- Spam Configuration - This patch allows user to configure an approved IP address list in the spam configuration page to enable spam scans to skip email messages from IP addresses on the list.
- Content Filter and Data Loss Prevention (DLP) Filter - This patch allows SMEX 12.0 to trust the Content Filter and DLP filter scan results from other SMEX 12.0 servers.
- LDAP Query - This patch improves the LDAP query logic to decrease the number of authentication requests when querying the Active Directory (AD) for user and group information.
- Log Query - This patch enables SMEX 12.0 to show the DLP matched content for attachments on the log query page.
- Data Loss Prevention Validators - This patch provides support for the Nigeria Verve Issuer Identification Number (IIN) validator.
- Virus Detection - This patch allows SMEX 12.0 to compress an email that contains a virus to a password-protected ZIP file and to forward the file to a specific sender.
- This Patch enables SMEX 12.0to attempt to call the Exchange Web Services (EWS) API again if it fails to call the API on the first attempt. This helps improve the success rate of manual and scheduled scans in scanning email messages.
Resolved Known Issues:
- Issue: SMEX 12.0 sends URLs to DDAn with a full stop at the end which prevents DDAn from handling the URLs.
Solution: This patch enables SMEX 12.0 to remove the full stop from the end of URLs before submitting these to DDAn for analysis. - Issue: SMEX 12.0 does not send new-born URLs to DDAn.
Solution: This patch enables SMEX 12.0 to send new-born URLs to DDAn. - Issue: The Search & Destroy feature of SMEX 12.0 cannot delete messages from the German version of Exchange 2013.
Solution: This patch provides a way to set the local language for the Search & Destroy feature in SMEX 12.0 to German in Exchange 2013. - Issue: After installing SMEX 12.0 SP 1 Patch 1, ScanMail cannot send files to the Virtual Analyzer server if users select the "Submit email messages to Virtual Analyzer" and "Register to the Virtual Analyzer" options at the same time on the Virtual Analyzer page.
Solution: This patch restricts users to select to register SMEX 12.0 to the Virtual Analyzer server first and allows users to select the "Submit email messages to Virtual Analyzer" option only after ScanMail has successfully registered to the Virtual Analyzer server. - Issue: Internal domains are not replicated when configuration replications is triggered from Trend Micro Control Manager (TMCM).
Solution: This patch adds the internal domain to the Control Manager replication list so that ScanMail can replicate internal domains through Control Manager. - Issue: SMEX 12.0 encounters an SQL error while running storage maintenance on a protected computer.
Solution: This patch updates the "DeleteDanglingMsgEntries" database command to ensure that SMEX 12.0 can perform storage maintenance on protected computers. - Issue: After installing SMEX 12.0, ScanMail does not automatically send notification email messages to senders and recipients of an email message if the Virtual Analyzer server returns an error.
Solution: This patch enables users to configure whether ScanMail sends notification email messages to senders and recipients of an email message if the Virtual Analyzer server returns an error. - Issue: SMEX 12.0 encounters a deadlock when the WinHTTP function operates synchronously even when ScanMail uses WinHTTP in asynchronous mode.
Solution: This patch resolves the deadlock issue. - Issue: In SMEX 12.0 on Microsoft Exchange 2010, when the source and target servers have different server roles, and administrators select an internal domain for replication, ScanMail fails to replicate the internal domains.
Solution: This patch enables ScanMail to add a return code to the response when it is configured to skip internal domains on a target server. This prevents access violations on the source server. - Issue: If the sender's or recipient's mailbox name contains a percentage sign (%) and the Edge transport debug log is enabled, Microsoft Exchange Transport service may stop unexpectedly.
Solution: This patch enables SMEX 12.0 to handle the debug log correctly and prevents Microsoft Exchange Transport service from stopping unexpectedly. - Issue: A manual scan or scheduled scan stops unexpectedly if SMEX 12.0 cannot access the mailbox database.
Solution: This patch resolves this issue. - Issue: After users select specific folders to scan during a manual or scheduled scan, the store level real-time scan cannot scan messages since the real-time scan checks the folder name which is specified in the manual or schedule scan.
Solution: This patch ensures that the manual and scheduled scan settings do not affect the real-time scan settings. - Issue: SMEX 12.0 communicates with the Active Update (AU) server by HTTP which is unencrypted.
Solution: This patch enables SMEX 12.0 to communicate with the AU server by HTTPS by default. - Issue: A Cross-Site Request Forgery (CSRF) vulnerability in SMEX 12.0 may allow remote attackers to submit a malicious request to the ScanMail server.
Solution: This patch resolves the CSRF vulnerability. - Issue: A cross-site scripting (XSS) vulnerability in SMEX 12.0 may enable attackers to inject client-side scripts into web pages viewed by other users.
Solution: This patch resolves the XSS vulnerability. - Issue: The approved sender list in the antispam filter is also applied to the WTP filter in SMEX 12.0.
Solution: This patch ensures that the antispam filter's approved sender list is not applied to the WTP filter. - Issue: The detected suspicious URLs in certain formats may not display correctly on the Web Reputation log query page.
Solution: This patch improves the normalization algorithm to ensure that extracted URLs can be displayed correctly in the log query page. - Issue: SMEX 12.0 allows users to download pattern and engine files from a customized AU source without checking the signature file for the downloaded components. This may trigger a vulnerability issue.
Solution: This patch restricts SMEX 12.0 to download only from the official TrendMicro AU server and to communicate with the server using HTTPS. This ensures that the signature file and certificate of each downloaded component are verified. - Issue: SMEX 12.0 does not take any action on an email message that has been detected as risky by the Virtual Analyzer server but cannot be detected by the Advanced Threat Scan Engine (ATSE) even when the Security Risk Scan action is set to "ActiveAction".
Solution: This patch enables SMEX 12.0 to take the quarantine all action on risky email messages that are not detected by the ATSE when the Security Risk Scan action is set to "ActiveAction".
Downloads:
To know more details about the enhancements and resolved issues mentioned above, refer to the Readme file.
Download the SMEX 12.0 Patch 2 SP1 Full Installation Package.