Archived Deep Security Agent release notes

For release notes from this year, see What's new in Deep Security Agent? .

For release notes from the long-term support LTS release, Deep Security Agent - Linux 12.0 readme.

Deep Security Agent - 12.0 update 5

Release date: December 16, 2019

Build number: 12.0.0-767

Enhancements

  • Excluded AWS Lustre from file system kernel hooking to prevent kernel panic. (SEG-65127/SF02650803/DSSEG-4955)

Resolved issues

  • When Application Control was enabled with Zenoss a high-volume of file events were created which caused high CPU usage. (SEG-56946/SEG-62440/SEG-64764/DSSEG-4792)
  • Deep Security Virtual Appliance took too long to release file descriptors after a VM vMotion. (DSSEG-4817)
  • Using environment variables in Integrity Monitoring rules was not working with Real-time Integrity Monitoring. (SF02611220/SEG-64777/SEG-65541/DSSEG-4953)

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses.

  • Updated to curl 7.67.0. (DSSEG-4906)
  • Updated to openssl-1.0.2t. (DSSEG-4906)

Deep Security Agent - 12.0 update 4

Release date: November 28, 2019

Build number: 12.0.0-725

Enhancements

  • Enhanced the Anti-Malware kernel level exclusion on Linux. File events coming from remote file systems won't be handled by Deep Security Agent anymore when Network Directory Scan is disabled. (SEG-50838/DSSEG-4652)

Resolved issues

  • If you upgraded from Deep Security Agent core only, security updates failed. (DSSEG-4870/SEG-63999)
  • Application Control didn't work correctly with Deep Security Agent Red Hat 8 64-bit kernel 4.18.0-147.el8.x86_64. (DSSEG-4858)
  • Real-time Integrity Monitoring rules did not support trailing wildcard asterisks in a base directory. (DSSEG-4842)
  • Deep Security Agent real-time Anti-Malware scans didn't work correctly with Linux 5.3 kernel. (DSSEG-4611)

Deep Security Agent - 12.0 update 3

Release date: November 5, 2019

Build number: 12.0.0-682

New features

  • Added CentOS 8 as a supported platform. (DSSEG-4671)

Resolved issues

  • High CPU usage occurred when Application Control was enabled on an Apache Hadoop server that was creating a high volume of non-executable files in the Yarn user cache. (DSSEG-4631)
  • A Trojan file was not quarantined. (DSSEG-4644)
  • Virtual machines went offline after a vMotion because the database was locked. (DSSEG-4638)
  • The operating system sometimes crashed when a RATT tool was used to collect driver logs. (DSSEG-4435)
  • Deep Security failed to download security updates. (SF02043400/SEG-52069DSSEG-4431)

Deep Security Agent - 12.0 update 2

Release date: September 13, 2019

Build number: 12.0.0-563

New features

  • Added Oracle Linux 8 as a supported platform. (DS-37687)
  • Added a new rpm file in the installer package for PGP signed packages. For details, please see Check digital signatures on software packages. (SF02287602/SEG-57033/DSSEG-4607)

Resolved issues

  • In a Red Hat Enterprise Linux 5 or 6 or a CentOS 5 or 6 environment, Integrity Monitoring events related to the following rule were displayed even if users or groups were not created or deleted: 1008720 - Users and Groups - Create and Delete Activity. (DSSEG-4548)
  • When multiple Smart Protection Servers were configured, the Deep Security Agent process would sometimes crash due to an invalid sps_index. (DSSEG-4386)
  • The "Send Policy" action failed because of a GetDockerVersion command error in Deep Security Agent. (DSSEG-4082)
  • Deep Security Agent did not add Python extension module (PYD) files to the inventory of Application Control. (DSSEG-3588)
  • Deep Security Agent SSL inspection didn't work with a TLS/SSL connection in explicit mode. (DSSEG-4464)
  • Deep Security Anti-Malware detected sample malware files but did not automatically delete them. (SF02230778/SEG-55891/DSSEG-4569)
  • For certain configurations, an agent might fail to locate Azure fabric server and therefore is unable to rehome to the Azure connector properly. (DSSEG-4547)

Deep Security Agent - 12.0 update 1

Release date: August 9, 2019

Build number: 12.0.0-481

New features

  • Debian Linux 10 is supported in this release. (DSSEG-4262)

Resolved issues

  • Red Hat Enterprise Linux 8 changed the default behavior of DHCP, which impacts Deep Security Agent's ability to detect whether it's running on an Azure VM instance. Therefore, the agent does not carry enough information in HostInfo to Deep Security Manager and fails to re-home to an Azure connector. (DSSEG-4085)
  • The advanced network engine option "Maximum data size to store when packet data is captured" did not work. (DSSEG-4113/SEG-48011)
  • Deep Security Agent real-time Anti-Malware scans and Application Control didn't work on kernel version 5.0.0-15-generic. (DSSEG-4228)
  • Deep Security Agent failed to install on Ubuntu 18.04. (SF01593513/SEG-43300/DSSEG-4119)
  • When using Ubuntu with Netplan network interface, Deep Security Anti-Malware and the network filter driver would not start correctly. (DSSEG-4306)
  • In some cases Integrity Monitoring Events dose not include Entity Name. (SF00889757/DSSEG-3761/SEG-31021)
  • The agent operating system would sometimes crash when Firewall interface ignores were set. (DSSEG-4377)
  • When a guest VM was migrated between ESXi hosts frequently (using vMotion), sometimes the VM couldn't save the state file. This caused the guest to lose the protection of the Deep Security Virtual Appliance for several minutes after migration, until the VM was reactivated by Deep Security Manager automatically under the new ESXi server. (DSSEG-4341)

For release notes from the long-term support LTS release, Deep Security Agent - Unix 12.0 readme.

Deep Security Agent - 12.0 update 5

Release date: December 16, 2019

Build number: 12.0.0-767

Enhancements

  • The Deep Security Agent for the AIX Operating System versions 6.1, 7.1 and 7.2 is added to this release. The security controls supported by this agent are the same as those of the Deep Security 9.0 Agent for AIX, that is Firewall, Intrusion Prevention, Integrity Monitoring and Log Inspection. Detailed feature support information is available on the Deep Security Help Center. The Deep Security 12.0 Agent for AIX incorporates the many improvements to the Deep Security Agent between Deep Security 9.0 and Deep Security 12.0 . This agent also has the same support life cycle as the Deep Security 12.0 LTS release. (DS-17159)

Resolved issues

  • When Application Control was enabled with Zenoss a high-volume of file events were created which caused high CPU usage. (SEG-56946/SEG-62440/SEG-64764/DSSEG-4792)
  • Deep Security Virtual Appliance took too long to release file descriptors after a VM vMotion. (DSSEG-4817)
  • Debug logging caused the Deep Security Agent to restart abnormally. (DSSEG-4948)
  • Using environment variables in Integrity Monitoring rules was not working with Real-time Integrity Monitoring. (SF02611220/SEG-64777/SEG-65541/DSSEG-4953)

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses.

  • Updated to curl 7.67.0. (DSSEG-4906)
  • Updated to openssl-1.0.2t. (DSSEG-4906)

Deep Security Agent - 12.0 update 3

Release date: November 5, 2019

Build number: 12.0.0-682

Resolved issues

  • High CPU usage occurred when Application Control was enabled on an Apache Hadoop server that was creating a high volume of non-executable files in the Yarn user cache. (DSSEG-4631)
  • Deep Security failed to download security updates. (SF02043400/SEG-52069DSSEG-4431)

Deep Security Agent - 12.0 update 2

Release date: September 13, 2019

Build number: 12.0.0-563

Resolved issues

  • When multiple Smart Protection Servers were configured, the Deep Security Agent process would sometimes crash due to an invalid sps_index. (DSSEG-4386)
  • On Deep Security Agent for AIX, the GroupSet and UserSet 'Entity Set' types were not functioning properly when included in Integrity Monitoring rules. (DSSEG-4239)
  • The Deep Security Agent for AIX failed to receive policies that included a large number of rule sets. (DSSEG-4207)
  • On AIX servers, the Deep Security Agent's interface bypass feature incorrectly read the interface mac address provided by AIX for interfaces with names that are not three characters.  As a result these interfaces could not be bypassed. (DSSEG-4118)
  • Deep Security Agent did not add Python extension module (PYD) files to the inventory of Application Control. (DSSEG-3588)
  • Deep Security Agent SSL inspection didn't work with a TLS/SSL connection in explicit mode. (DSSEG-4464)
  • For certain configurations, an agent might fail to locate Azure fabric server and therefore is unable to rehome to the Azure connector properly. (DSSEG-4547)

Deep Security Agent - 12.0 update 1

Release date: August 9, 2019

Build number: 12.0.0-481

Resolved issues

  • Network events were sometimes lost in certain conditions. (DSSEG-4159)
  • In some cases Integrity Monitoring Events dose not include Entity Name. (SF00889757/DSSEG-3761/SEG-31021)

For release notes from the long-term support LTS release, Deep Security Agent - Windows 12.0 readme.

Deep Security Agent - 12.0 update 5

Release date: December 16, 2019

Build number: 12.0.0-767

Resolved issues

  • When Application Control was enabled with Zenoss a high-volume of file events were created which caused high CPU usage. (SEG-56946/SEG-62440/SEG-64764/DSSEG-4792)
  • Deep Security Virtual Appliance took too long to release file descriptors after a VM vMotion. (DSSEG-4817)
  • Using environment variables in Integrity Monitoring rules was not working with Real-time Integrity Monitoring. (SF02611220/SEG-64777/DSSEG-4953)
  • The server hanged intermittently and utilized a lot of memory. (SF02351375/SEG-59668/DSSEG-4747)

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses.

  • Updated to curl 7.67.0. (DSSEG-4906)
  • Updated to openssl-1.0.2t. (DSSEG-4906)

Deep Security Agent - 12.0 update 4

Release date: November 28, 2019

Build number: 12.0.0-725

Resolved issues

  • Deep Security Anti-Malware for windows repeatedly crashed and tried to create a crash dump for Anti-Malware which caused high CPU. (SF02621665/SEG-63997/DSSEG-4889)
  • High CPU usage occurred when Application Control was enabled on an Apache Hadoop server that was creating a high volume of non-executable files in the Yarn user cache. (DSSEG-4631)
  • When computers wrote document files to a file server, Anti-Malware needed to scan the files frequently, which caused other computers to fail to write the file because the file was being scanned.

    For modern OSs like Win2016 or Win2012, please reboot the machine to apply this enhancement after upgrading the Deep Security Agent.

    (SF02497125/DSSEG-4746/SEG-61541)

  • The "Type" attribute wasn't displayed in Integrity Monitoring events when the default "STANDARD" attribute was set to monitor registry value changes. (DSSEG-4625)
  • The Anti-Malware Solution Platform (AMSP) log server sometimes crashed. (DSSEG-4620/SEG-51877)
  • The operating system sometimes crashed when a RATT tool was used to collect driver logs. (DSSEG-4435)
  • Deep Security Agent restarted abnormally along with an "Unable to send data to Notifier app." error message in ds_agent.log. (DSSEG-2089)
  • A Deep Security Anti-Malware driver occupied a lot of paged pool memory. (SF02185196/SEG-54652/DSSEG-4224)

    • If you are using a modern operating system, such as Windows Server 2016 or Windows Server 2012, reboot the computer to apply this fix after upgrading the Deep Security Agent.

  • Deep Security failed to download security updates. (SF02043400/SEG-52069DSSEG-4431)

Deep Security Agent - 12.0 update 3

Release date: November 5, 2019

Build number: 12.0.0-682

This build has been deprecated due to issues with high CPU. Use a more recent build or contact your support provider for assistance.

For more information, see Removal of Trend Micro Deep Security Agent 12.0 Update 3 for Windows (build:12.0.0-682).

Deep Security Agent - 12.0 update 2

Release date: September 13, 2019

Build number: 12.0.0-563

New features

  • Added Windows Server 2019 version 1903 as a supported platform.

Resolved issues

  • When the system region format is "Chinese (Traditional, Hong Kong SAR)", Deep Security Notifier displayed simplified Chinese instead of traditional Chinese. (DSSEG-4432/SEG-48075)
  • When multiple Smart Protection Servers were configured, the Deep Security Agent process would sometimes crash due to an invalid sps_index. (DSSEG-4386)
  • The "Send Policy" action failed because of a GetDockerVersion command error in Deep Security Agent. (DSSEG-4082)
  • Deep Security Agent did not add Python extension module (PYD) files to the inventory of Application Control. (DSSEG-3588)
  • Deep Security Agent SSL inspection didn't work with a TLS/SSL connection in explicit mode. (DSSEG-4464)
  • For certain configurations, an agent might fail to locate Azure fabric server and therefore is unable to rehome to the Azure connector properly. (DSSEG-4547)

Deep Security Agent - 12.0 update 1

Release date: August 9, 2019

Build number: 12.0.0-481

Resolved issues

  • The advanced network engine option "Maximum data size to store when packet data is captured" did not work. (DSSEG-4113/SEG-48011)
  • In some cases Integrity Monitoring Events dose not include Entity Name. (SF00889757/DSSEG-3761/SEG-31021)
  • An incorrect reboot request event sometimes occurred. (DSSEG-3722)