Updated: December 20, 2016 (02:30 GMT)
On December 19, 2016, Trend Micro received several customer reports of potential false URL detections from customers using Trend Micro products that have Web Reputation Services (WRS) enabled.
As of approximately 2:30 AM (GMT) on Dec. 20th, we have temporarily disabled the backend sourcing mechanism that is believed to be related to the root cause of the issue, restored a recent database backup, unblocked URLs that we have believed were incorrectly flagged and confirmed that the WRS ratings servers have been updated now which should resolve the majority of the incorrect detections. In addition, organizations that use Smart Protection Server (SPS) to manage WRS for their environment should be receiving new updates (3.x: 10031427, 2.x: Url00498.075) that also help to resolve the issue.
If there are still some incorrectly flagged URLs, customers may continue and are encouraged to check the URL(s) on https://sitesafety.trendmicro.com to see if it is still being flagged as malicious and if so, submit suspected false positives for review and reclassification via Trend Micro’s Success Portal.
Trend Micro has begun a detailed analysis on why these false detections occurred and what actions can be taken to ensure it will not happen again. We will provide updated information as it becomes available.
We apologize for any inconvenience that this issue may have caused, and encourage any customer who has questions or needs further assistance to contact their authorized Trend Micro support representative.