On July 7, 2020, Trend Micro sent out a KB advisory about an upcoming certificate security upgrade (July 15, 2020) on the server side of TMMS that may prevent the decryption check from becoming faulty in the near future.
In the KB advisory mentioned, mitigations were presented for both iOS and Android agents.
At present time, the Android mitigation is still valid. However, due to the latest version of the iOS agent (2.0.2021) still being under review by Apple, users are not able to update yet.
The device security scan status will change to “At-risk” or “Dangerous” after certificate expired, if the following configuration is checked.
Recommendation for Mitigation:
iOS customers can perform the following action before July 17, 2020 to mitigate the impact:
- Uncheck "Network Traffic Decryption".
Please note however that by unchecking this option, TMMS will not be able to protect users from a rouge access point until this is re-enabled.
We appreciate your patience as we are conducting this upgrade to avoid this issue.
If you have any questions or concerns, please contact Technical Support or your assigned Customer Service Manager.