Vulnerability Protection Agent 2.0 SP2 Patch 7 is now available in Trend Micro Download Center.

Enhancements

• The Vulnerability Protection Agent installer no longer installs all feature modules when the module plug-in files are located in the same folder as the installer. The required plug-in files are downloaded from a Relay when a policy is applied to a protected computer.
• The version of OpenSSL used by the Vulnerability Protection Agent and Vulnerability Protection Relay has been updated to openssl-1.0.2o.

Resolved known issues

• The Network Filter Driver lacked error handling for some cases when memory allocation failed. This sometimes resulted in a system crash, especially when the system memory was exhausted.
• Due to a side effect from a previous fix, the Network Filter Driver would pass packets through a broadband wireless interface.
• When a TCP connection was established with the same tuples as a previously tracked one, the network engine could set the connection track to an incorrect status. This sometimes happened on a busy server where rapid connections reused a recycled connection. The network engine treated it as an "Out of connection" error and dropped the packet.
• This release includes a security improvement regarding CVE-2011-1473, wherein the renegotiation has been disabled on the Vulnerability Protection Agent side.
• Vulnerability Protection Agent could reach high CPU usage when handling Windows registry key.
• Deep Security Agent's Intrusion Prevention module silently dropped zero payload UDP packets.
• The Tbimdsa driver crashed due to an invalid IPv6 header.

For further details on enhancements and resolved issues, refer to the ReadMe.