Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

Trend Micro products affected by the Leap Second (June 30, 2015)

    • Updated:
    • 9 Jun 2015
    • Product/Version:
    • InterScan Web Security Virtual Appliance 5.6
    • InterScan Web Security Virtual Appliance 6.0
    • InterScan Web Security Virtual Appliance 6.5
    • Platform:
    • N/A N/A
Summary

The IERS (International Earth Rotation and Reference System Service) has communicated via an official bulletin that a positive leap second will be introduced at the end of June 2015. The leap second needs to be added in 2015 to keep the atomic clock time in sync with the Earth's actual rotational time.

Leap Seconds are a periodic one-second adjustment of Coordinated Universal Time (UTC) in order to keep a system's time of day close to the mean solar time. However, the Earth's rotation speed varies in response to climatic and geological events; and due to this UTC leap, seconds are irregularly spaced and unpredictable.

The last leap second was inserted on June 30, 2012, and the next leap second insertion is scheduled on June 30, 2015, at 23:59:60 UTC.

The sequence of dates of the UTC second markers will be:    

2015 June 30,     23h 59m 59s
2015 June 30,     23h 59m 60s
2015 July  1,       0h  0m  0s

Details
Public

What Trend Micro products are affected?

Trend Micro’s Product Vulnerability Response and Service Engineering teams have conducted a thorough analysis of our products and services to identify if any technologies may be affected. They have confirmed that only Linux based products may be affected by the leap second and Windows based products are not affected.

The following Linux-based products have been found to be potentially affected by the upcoming leap second.  Fortunately, the workaround for most of these products is to temporarily disable NTP before June 30, 2015, and then re-enable it after July 1, 2015, to prevent any potential issues. For the remaining products, a hotfix or patch with an updated kernel may be required.

ProductVersionSolution
InterScan Web Security Virtual Appliance5.6, 6.0 SP1 and 6.5The ntpd deamon in IWSVA is disabled by default. However, there is a cron job to sync time every day. Trend Micro testing has found that only devices that have their clock set to UTC +6 could be potentially affected, which is a very small subset of territories.
Deep Discovery Email Inspector2.0 GM, SP1 and SP2

As a workaround solution, disable ntp during the leap second:

  1. Log in to the DDEI web console.
  2. Go to Administration > System Settings.
  3. Click Time and enable the Set time manually option

The next major release is in the fourth quarter of 2015.

Network VirusWall Enforcer3.0, 3.1, 3.2, 3.5

As workaround solution, disable ntp during the leap second:

  1. Go to /var/cron/cron/root and run the command:

    # vi /var/cron/cron/root

  2. Disable the line of 15 * * * * /etc/init.d/rcNTP.sh.
  3. Click Save.
  4. After the leap second time, go to /var/cron/cron/root and enable ntp service.

The next major release is in 2016.

More information on why the Windows OS platform is not affected can be found here.

What if my product is not listed?

If the product has not reached End-of-Support, it is most likely that Trend Micro is still analyzing the vulnerability and its impact on your product. As soon as the analysis is completed, the product will be added in the list.

What if I have additional questions?

Trend Micro always highly recommends that vendor critical patches are applied as soon as possible upon release. Customers and partners who may need some additional information or have questions are encouraged to contact Technical Support or their authorized Trend Micro technical support representative for further assistance.

Additional References

Premium
Internal
Rating:
Category:
SPEC
Solution Id:
1111187
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.


Need More Help?

Create a technical support case if you need further support.