The IERS (International Earth Rotation and Reference System Service) has communicated via an official bulletin that a positive leap second will be introduced at the end of December 2016. The leap second needs to be added in 2016 to keep the atomic clock time in sync with the Earth's actual rotational time.
Leap Seconds are a periodic one-second adjustment of Coordinated Universal Time (UTC) in order to keep a system's time of day close to the mean solar time. However, the Earth's rotation speed varies in response to climatic and geological events; and due to this UTC leap, seconds are irregularly spaced and unpredictable.
The last leap second was inserted on June 30, 2015, and the next leap second insertion is scheduled on December 31, 2016, at 23:59:60 UTC.
The sequence of dates of the UTC second markers will be:
2016 December 31, 23h 59m 59s
2016 December 31, 23h 59m 60s
2017 January 1, 0h 0m 0s
What Trend Micro products are affected?
Trend Micro’s Product Vulnerability Response and Service Engineering teams have conducted a thorough analysis of our products and services to identify if any technologies may be affected. They have confirmed that only Linux based products may be affected by the leap second and Windows based products are not affected.
The following Linux-based products have been found to be potentially affected by the upcoming leap second. Fortunately, the workaround for most of these products is to temporarily disable NTP before December 31, 2016, to prevent any potential issues. For the remaining products, a hotfix or patch with an updated kernel may be required.
|Deep Discovery Email Inspector||2.0 GM, SP1 and SP2||
As a workaround solution, disable ntp during the leap second:
|Network VirusWall Enforcer||3.0, 3.1, 3.2, 3.5||
What Trend Micro products are NOT affected?
|Control Manager||6.0||Windows will not handle leap second packet coming from NTP server. As a result, time on the Windows will be one second advanced than the actual time when the leap second is inserted. The time on the Windows will be adjusted gradually.|
|Deep Discovery Analyzer||5.1, 5.5||-|
|Deep Discovery Email Inspector||2.5||-|
|Data Loss Prevention||5.5, 5.6||-|
|Deep Security||8.0, 9.0, 9.5, 9.6||-|
|Deep Security as a Service||9.0, 9.5, 9.6||-|
|InterScan Messaging Security Virtual Appliance||9.0||-|
|InterScan Web Security Virtual Appliance (IWSVA)||5.6, 6.5, 6.5 SP2||
IWSVA is not impacted by leap second. OS may get xx:xx:60 (special time) if ntpdate command is invoked during the leap second, but second is not restricted between 00-59 in IWSVA. Therefore, the product will not be affected.
Here are the assessments for each known issue of RH6 kernel: Resolve Leap Second Issues in Red Hat Enterprise Linux. The issue is resolved in RHEL 6.3 kernel version 2.6.32-279. Since IWSVA uses higher kernel versions, it will not be affected.
|OfficeScan (OSCE)||11.0, XG||OSCE programs only run on Windows so it will not be affected by leap second.|
|ScanMail for Exchange (SMEX)||11.0||SMEX will not be impacted. The date and time are retrieved from the system clock through an API, so it will update the one second difference when the Windows host gets it time update from the NTP server.|
|ServerProtect for Linux||3.0||ServerProtect for Linux is mainly for RedHat, CentOS and SUSE.
|ServerProtect for Microsoft Windows/Novell Netware||5.8||There is no impact of leap second on SPNT 5.8.|
|Trend Micro SafeSync for Enterprise||-||-|
|Smart Protection Server||All||-|
|Trend Micro Mobile Security||All||-|
|Trend Micro Security for Mac (TMSM)||2.0||
Based on an article about Mac and leap second on 2008, the computers connected to Apple's time server will account for the leap second. Therefore, Mac machines will not be affected.
In addition, we didn't get any issue report for TMSM during the last leap second on June 30, 2015.
More information on why the Windows OS platform is not affected can be found here.
What if my product is not listed?
If the product has not reached End-of-Support, it is most likely that Trend Micro is still analyzing the vulnerability and its impact on your product. As soon as the analysis is completed, the product will be added in the list.
What if I have additional questions?
Trend Micro always highly recommends that vendor critical patches are applied as soon as possible upon release. Customers and partners who may need some additional information or have questions are encouraged to contact Technical Support or their authorized Trend Micro technical support representative for further assistance.