This article expounds on the enhancements of Trend Micro Apex One On-Premise regarding the self-protection feature after applying Patch 5 (Build 9565).
The following notable changes are in response to threats that actively attempt to disable Security Agent protections:
- Self-Protection is enabled by Default and can no longer be configured:
- This maximizes protection uptime and resiliency against programs attempting to disable anti-malware protection.
- There is Always-On Self-Protection.
- The following settings will be removed:
- Protect Security Agent services
- Protect files in the Security Agent installation folder
- Protect Security Agent registry keys
- Protect Security Agent processes
- There is a new option for the Server Self-Protection feature:
After applying Apex One Patch 5, self-protection (disabled) settings configured via Apex Central Policy will be ignored.
To align this new specification, Apex Central Critical Patch build 5334 or above will also remove the Self-Protection options from the policy settings.