After Trend Micro released Virus Scan Engine (VSAPI) version 11 via the OfficeScan ActiveUpdate (AU) servers on March 5, 2019, several reports were received regarding OfficeScan agents experiencing an update loop while receiving the update from the OfficeScan server.
After investigating, it was found that this behavior is similar to a previously reported issue involving the critical patches (CPs) that were released for the Windows 10 April 2018 Update. Customers who had not upgraded to a later CP build were strongly encouraged to update to the latest build to avoid a similar issue.
Scope of Impact
Agents with Windows 10 April 2018 Update supporting CPs may encounter this issue:
- OfficeScan 11.0 SP1 Critical Patch 6540
- OfficeScan XG Critical Patch 1876
- OfficeScan XG SP1 Critical Patch 5147
Recommendations
Trend Micro recommends customers who are experiencing the agent update loop to take the following steps to resolve this issue:
- Disable the Server Schedule update for Virus Scan Engine 32- and 64-bit.
- Rollback the Scan Engine from the server web console, go to Updates > Rollback and click Roll Back Server and Agent Versions for Virus Scan Engine 32- and 64-bit.
- Install the latest CP based on the current OfficeScan version:
- Re-enable the Server Schedule Update for Virus Scan Engine 32- and 64-bit. Customers can also trigger a manual update to deploy Scan Engine immediately.
For support assistance, please contact Trend Micro Technical Support.