Symptom

Workaround

When calling ColnitializeSecurity, the call fails if passing RPC_C_IMP_LEVEL_NONE under certain conditions.
When calling ColnitializeSecurity, the call may fail when passing RPC_C_AUTHN_LEVEL_NONE as the authentication level. The error message that's returned on the failure is: STATUS_BAD_IMPERSONATION_LEVEL.

This issue is resolved in KB4057401.

Symptom

Workaround

When calling ColnitializeSecurity, the call will fail when passing RPC_C_IMP_LEVEL_NONE under certain conditions.
When calling ColnitializeSecurity, the call may fail when passing RPC_C_AUTHN_LEVEL_NONE as the authentication level. The error returned on failure is STATUS_BAD_IMPERSONATION_LEVEL.

This issue is resolved in KB4057142.

An issue preventing Trend Micro Products from starting successfully on machines running on Windows Server 2012 R2 and 2016

Product / Version includes:

ScanMail for Exchange12.5

Last updated: 2021/08/28

Solution ID: KA-0008172

Category: Troubleshoot

Summary

Microsoft is aware of a new publicly disclosed class of vulnerabilities referred to as “speculative execution side-channel attacks” that affect many modern processors and operating systems including Intel, AMD, and ARM.

Microsoft has released several updates to help mitigate these vulnerabilities:

CVE-2017-5753 - Bounds check bypass
CVE-2017-5715 - Branch target injection
CVE-2017-5754 - Rogue data cache load

Currently, Trend Micro has identified that the following products’ service may fail to start after applying Widows Security Update KB4056895 and KB4056898 (available for Windows Server 2012 R2), and KB4056890 (available for Windows Server 2016):

Product	Version	Language	OS
ScanMail for Microsoft Exchange	12.5	EN	Windows Server 2012 R2 Windows Server 2016

SMEX 12.5 Master Service start failure is caused by the same known issue existing in these three Windows Security Updates.

This Microsoft known issue is resolved in KB4057401 (available for Windows Server 2012 R2) and KB4057142 (available for Windows Server 2016). To avoid ScanMail Master Service start failure, make sure to cover these two Windows Security Updates during deployment.

KB4056895 and KB4056898 (available for Windows Server 2012 R2)

Known issues in this update:

Symptom	Workaround
When calling ColnitializeSecurity, the call fails if passing RPC_C_IMP_LEVEL_NONE under certain conditions. When calling ColnitializeSecurity, the call may fail when passing RPC_C_AUTHN_LEVEL_NONE as the authentication level. The error message that's returned on the failure is: STATUS_BAD_IMPERSONATION_LEVEL.	This issue is resolved in KB4057401.

KB4056890 (available for Windows Server 2016)

Known issues in this update:

Symptom	Workaround
When calling ColnitializeSecurity, the call will fail when passing RPC_C_IMP_LEVEL_NONE under certain conditions. When calling ColnitializeSecurity, the call may fail when passing RPC_C_AUTHN_LEVEL_NONE as the authentication level. The error returned on failure is STATUS_BAD_IMPERSONATION_LEVEL.	This issue is resolved in KB4057142.