Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

ScanMail for Microsoft Exchange (SMEX) 12.0 Critical Patch 1755 for Service Pack 1 (SP1) Patch 1 is now available

    • Updated:
    • 27 Oct 2017
    • Product/Version:
    • ScanMail for Exchange 12.0
    • Platform:
    • N/A N/A
Summary

Critical Patch 1755 resolves several vulnerabilities in SMEX 12.0 Patch 1 for SP1.

Details
Public

Resolved Issues

  • Issue: SMEX 12.0 Patch 1 for SP1 communicates with the Active Update (AU) server by HTTP which is unencrypted.
    Solution: This critical patch enables SMEX to communicate with the AU server by HTTPS by default.
    To configure this feature:
    1. Install the critical patch.
    2. Open the Registry Editor.
    3. Locate the following key and set the appropriate values:

      Path: HKLM\SOFTWARE\TrendMicro\ScanMail for Exchange\CurrentVersion
      Key: AUFromHTTPSServer
      Type: REG_DWORD
      Data value:
      "1" = (default) enables the solution
      "0" = disables the solution

    4. Restart SMEX.
  • Issue: A Cross-Site Request Forgery (CSRF) vulnerability in SMEX 12.0 Patch 1 for SP1 may allow remote attackers to submit a malicious request to the ScanMail server.
    Solution: This critical patch resolves the CSRF vulnerability.
  • Issue: A cross-site scripting (XSS) vulnerability in SMEX 12.0 Patch 1 for SP1 may enable attackers to inject client-side scripts into web pages viewed by other users.
    Solution: This critical patch resolves the XSS vulnerability.

System Requirements:

Install this critical patch only on computers protected by the latest SMEX 12.0 Patch 1 for SP1. Download the latest Service Pack and patch from Trend Micro Download Center.

Recommended Action:

Trend Micro recommends that you apply Critical Patch 1755 on SMEX 12.0 Patch 1 for SP1.

Download SMEX 12.0 Critical Patch 1755 for SP1 Patch 1.

Download the corresponding Readme file for more information.

Reference:

SECURITY BULLETIN: Trend Micro ScanMail for Exchange 12.0 Multiple Vulnerabilities 

Premium
Internal
Rating:
Category:
Install; Update
Solution Id:
1118673
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.