What's new in Deep Security Manager?

For release notes from the long-term support LTS release, Deep Security Manager 12.0 readme.

For release notes from previous years, see Archived Deep Security Manager release notes

Deep Security Manager - 12.0 update 30

Release date: May 4, 2023

Build number: 12.0.544

Enhancements

  • Deep Security Manager now receives events when an Agent upgrade fails to install due to Azure Code Signing verification. DSSEG-7837

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-7771/DSSEG-7841

Highest CVSS: 8.8

Highest severity: High

Deep Security Manager - 12.0 update 29

Release date: October 4, 2022

Build number: 12.0.540

Resolved issues

  • The Anti-Malware host report would incorrectly state Anti-Malware is online when the Deep Security console shows Anti-Malware Offline. SF05780825/SEG-149707/DSSEG-7706
  • Deep Security Manager sometimes generated unexpected "Computer Updated" system events. SF05496967/SEG-138407/DSSEG-7678

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-7705

Highest CVSS: 9.1

Highest severity: Critical

Deep Security Manager - 12.0 update 28

Release date: July 4, 2022

Build number: 12.0.537

Resolved issues

  • Events for Log Inspection rule "1003613 - DHCP Server" were not being retrieved. SEG-125264/DSSEG-7630

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-7561

Highest CVSS: 7.5

Highest severity: High

Deep Security Manager - 12.0 update 27

Release date: May 26, 2022

Build number: 12.0.535

Resolved issues

  • Some rules did not display properly in Deep Security Manager when columns were sorted "By Group" (under Policies > Common Objects > Rules or under Computers > Computers).

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-7532

Highest CVSS: 9.8

Highest severity: Critical

Deep Security Manager - 12.0 update 26

Release date: April 28, 2022

Build number: 12.0.533

Enhancements

  • Updated Deep Security Manager to use the term "protected" instead of "anonymous" when referring to Trend Micro Feedback being shared with the Smart Protection Network. DSSEG-7536

Resolved issues

  • Deep Security Manager was not receiving the number associated with "systemEventID" errors under some system configurations using Simple Network Management Protocol (SNMP). 04711592/SEG-122864/DSSEG-7263
  • After changing the general settings for a policy (under Policies > (select a policy) > Settings > General), the Reset button used to reset all settings to inherent did not work for "Automatically send Policy changes to computers" or "Perform ongoing Recommendation Scans". DSSEG-7439
  • Deep Security Manager displayed the incorrect number of overrides under Computer or Policy > Overrides. 03513073/SEG-83802/DSSEG-7455

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-7391

Highest CVSS: 7.5

Highest severity: High

Deep Security Manager - 12.0 update 25

Release date: March 08, 2022

Build number: 12.0.527

Resolved issues

  • Deep Security Manager would sometimes re-download an outdated Kernel Support Package (KSP) that had previously been deleted. DSSEG-7483

Deep Security Manager - 12.0 update 23

Release date: November 29, 2021

Build number: 12.0.522

Resolved issues

  • In Deep Security Manager's Computers tab, the "LAST COMMUNICATION" column sometimes would not sort correctly. SEG-120751/SF04862693/DSSEG-7281

Deep Security Manager - 12.0 update 22

Release date: November 01, 2021

Build number: 12.0.521

Enhancements

  • Updated Deep Security Manager to allow adding the AWS instance ID field in system and security events using a (dsm_c) console command. SEG-109291/SF04487365/DSSEG-7055

Resolved issues

  • Deep Security Manager sometimes received alerts for agents that had not been activated. SEG-112134/SF04588645/DSSEG-6962

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. VRTS-6534/04742276/DSSEG-7231

Highest CVSS: 6.1

Highest severity: Medium

Deep Security Manager - 12.0 update 21

Release date: September 15, 2021

Build number: 12.0.516

Resolved issues

  • In Deep Security Manager's Computers page, some columns ("LAST MANUAL SCAN FOR MALWARE" and "LAST SCHEDULED SCAN FOR MALWARE") would not sort properly. SF04406374/SEG-107465/DSSEG-6885
  • Tenants were sometimes unable to update their license if the primary tenant enabled a proxy server with credentials (Administration > System Settings > Proxies > Deep Security Manager (Software Updates, CSSS, News Updates, Product Registration and Licensing)). VRTS-6038/04588945/DSSEG-6987

Deep Security Manager - 12.0 update 20

Release date: August 04, 2021

Build number: 12.0.515

Enhancements

  • Updated Deep Security Manager to increase the number of "Maximum TCP connections " (Computers > Computers > Details > Settings > Advanced) to 1000000 by default. DSSEG-6995

Resolved issues

  • In multi-tenant environments, licensing updates sometimes failed if the primary tenant had a proxy enabled for Deep Security Manager (Administration > System Settings > Proxies > Deep Security Manager (Software Updates, CSSS, News Updates, Product Registration and Licensing)). SEG-112726/04453369/DSSEG-6971
  • Running multiple "Check for Security Update" scheduled tasks at the same time sometimes resulted in updates being skipped. SEG-110107/SF04490101/DSSEG-6930

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-6743/DSSEG-6997/DSSEG-7009

Highest CVSS: 9.1

Highest severity: High

Deep Security Manager - 12.0 update 19

Release date: July 06, 2021

Build number: 12.0.509

Resolved issues

  • When a Deep Security Relay download failed, Deep Security Manager triggered a "Software Update" event that was missing the details of the relay issue. SF04443281/SEG-111629/DSSEG-6965

Deep Security Manager - 12.0 update 18

Release date: May 27, 2021

Build number: 12.0.503

Enhancements

  • Updated Deep Security Manager to include SHA-1 values when exporting Anti-Malware "Identified Files" data into a .CSV file. DSSEG-6911

Resolved issues

  • Deep Security Manager sometimes stopped processing scheduled tasks if the database connection was unstable. SEG-102044/SF04236155/DSSEG-6689

Deep Security Manager - 12.0 update 17

Release date: April 26, 2021

Build number: 12.0.501

Resolved issues

  • Filtering a Smart Folder by tag was not working properly for new events added with Auto-Tagging (Events & Reports > (select event type) > Auto-Tagging). SEG-103100/SF04264168/DSSEG-6732
  • Updating the password for an Azure Connector (Computers > Computers > right-click Azure Connector > Properties > Connection) sometimes didn't work, causing the account to lose its connection to Deep Security Manager. SEG-97244/SF04027400/DSSEG-6628
  • Deep Security Manager's "Security Updates Overview" (Administration > Updates > Security) sometimes showed "No Scheduled Task" even if there was one in Administration > Scheduled Tasks. SEG-97381/DSSEG-6764
  • Deep Security Manager had connection issues under some multi-tenant configurations. DSSEG-6469
  • The "View Renewal Instructions" URL was broken in the License Properties menu (Administration > Licenses > View Details). SEG-104258/SF04308332/DSSEG-6768

Deep Security Manager - 12.0 update 16

Release date: March 22, 2021

Build number: 12.0.493

Resolved issues

  • The Deep Security Manager was installing an incorrect version of the relay in some cases. DSSEG-6604

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-6574

Highest CVSS Score: 7.5

Highest severity: High

Deep Security Manager - 12.0 update 15

Release date: January 28, 2021

Build number: 12.0.490

Enhancements

  • Updated Deep Security Manager to make the "Computer Description" field for Smart Folders usable as a search criteria (Computers & Smart Folders ). SEG-85288/DSSEG-6436

Resolved issues

  • The Deep Security Manager console command used to set a preferred IP address for Deep Security Agents with multiple IPs was sometimes not working, causing some agents to be unable to connect. DSSEG-6521
  • When you added a Log Inspection rule or Intrusion Prevention rule, a Web Application Firewall sometimes blocked the page. SEG-87396/SF03668760/DSSEG-6283
  • Anti-Malware Scan scheduled tasks that had timed out were sometimes starting again instead of triggering a "Scheduled Task Skipped" event. SEG-95139/03837423/DSSEG-6548
  • The "Automatically delete Server Logs older than" setting in Administration > System Settings > Storage appeared for tenants, when it should have only appeared for the primary tenant. DSSEG-6483
  • When Deep Security Agent was running with Anti-Malware real-time scans, it sometimes caused random failures on unrelated applications. SEG-85142/03527705/DSSEG-6082

Deep Security Manager - 12.0 update 14

Release date: November 12, 2020

Build number: 12.0.484

Resolved issues

  • Scheduled Scans on vCloud Director VMs did not work. SEG-82971/SF03421234/DSSEG-6037
  • The "Malware Scan Status" widget on the Dashboard occasionally displayed the wrong data. SEG-81776/03398406/DSSEG-6359
  • The auto-renew mechanism for the certificate used for TLS communication between Deep Security Manager and Deep Security Agent didn't work as expected. The expired certificates resulted in the manager and agents being unable to communicate with each other, which caused many offline agents to appear on the web console. SEG-79146/SF03240076/DSSEG-6321
  • Occasionally, issues occurred when vCenters attempted to sync with Deep Security Manager. SEG-90204/SF03773453/DSSEG-6382

Deep Security Manager 12.0 update 13

Release date: October 1, 2020

Build number: 12.0.480

Enhancements

  • The pager numbers, phone numbers, or mobile numbers listed on the Users Properties page of Deep Security Manager can be configured to be more than 30 digits. SEG-80854/SF03098096/DSSEG-5890
  • Deep Security verifies the signature on the Deep Security Agent to ensure that the software files have not changed since the time of signing. DSSEG-5874

Resolved issues

  • Some Intrusion Prevention rules were designed to operate exclusively in "Detect Only" mode, however you were able to change their behavior on the policy and computer pages. SEG-83700/SF03456778/DSSEG-5998
  • The "Ransomware Event History" widget on the dashboard displayed incorrect information. SEG-86045/SF03618147/DSSEG-6142
  • The MasterAdmin could not create a scheduled task for all computers. SEG-86413/SF03320936/DSSEG-6131

Deep Security Manager 12.0 update 12

Release date: August 19, 2020

Build number: 12.0.473

Resolved issues

  • When there was a Log Inspection database corruption issue, it did not affect the Log Inspection status on the Deep Security Manager. SEG-77081/02984526/DSSEG-5726
  • There was a rights issue with Scheduled Tasks that caused incorrect behaviors to occur when creating them. SEG-78610/SF03320936/DSSEG-5752
  • Imported VMs in vCloud were unable to activate. SEG-75542/03189161/DSSEG-5813
  • Upgrading to Deep Security Manager 12 was blocked if you installed Deep Security Virtual Appliance into NSX-V 6.4.7 on ESXi 7.0. SEG-82636,/SEG-82637/DSSEG-5926
  • The Computer Status widget on Deep Security Manager's dashboard did not display the correct number of managed computers. SEG-80171/03189161/DSSEG-5885

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-5814/VRTS-4652/03296737/DSSEG-5772

Highest CVSS Score: 9.8

Highest severity: Critical

Deep Security Manager 12.0 update 11

Release date: July 9, 2020

Build number: 12.0.466

Enhancements

  • The 'upgrade on activation' feature will only upgrade the agent on the computer from the last two major releases. If the agent does not meet the criteria, customer must upgrade the agent manually to a release within the last two major releases. Then the 'upgrade on activation' feature will detect the newer version and complete the upgrade to the designated release. DSSEG-5715

Resolved issues

  • If you re-imported different software packages with the same name, the packages were not considered modified. DSSEG-5707
  • The description of the default SSL configuration was misleading. SEG-68686/DSSEG-5191
  • An error occurred when properties were changed on the Log Inspection rule "1002729 - Default Rules Configuration" in Policy > Common Objects > Log Inspection Rules. SEG-77260/SF03263573/DSSEG-5727

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases.

  • Highest CVSS Score: 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
  • Highest severity: High

DSSEG-5738/DSSEG-5886/DSSEG-5744

Deep Security Manager 12.0 update 10

Release date: May 28, 2020

Build number: 12.0.458

New features

Improved management and quality

Instance Metadata Service Version 2 (IMDSv2) support: IMDSv2 is supported with Deep Security Agent 12.0 update 10. For details, see How does Deep Security Agent use the Amazon Instance Metadata Service? DSSEG-5463

Enhancements

  • Updated the Events & Reports > Scheduled Reports page so that you're unable to create a report that might result in a failure. An alert appears that specifies the settings you must set before creating the scheduled report. SEG-72578/02958064/DSSEG-5525
  • Added the following hidden setting command:

    • dsm_c -action changesetting -name com.trendmicro.ds.antimalware:settings.configuration.maxSelfExtractRTScanSizeMB -value 512

    When Deep Security Agent could not determine the type of the target file, the scan engine loaded the file to memory to determine if it was a self-extracting file. If there were many of these files, the scan engine consumed memory. Using the hidden command setting above, the file-size limitation is set to 512MB for loading target files. When the file-size exceeds the set limitation, the scan engine skips this process and scans the file directly. DSSEG-5097

    To implement this enhancement:

    1. Run this command in Deep Security Manager to change the value in the database.
    2. Send the policy to your target Deep Security Agent to deploy the setting.

Resolved issues

  • There were detection issues with real-time Anti-Malware scans. SEG-72928/SF03050515/DSSEG-5452
  • When several emails with large bodies were queued, they were loaded all at once instead of in batches, which caused a large amount of memory to be used. SEG-71863/SF03024164/DSSEG-5628
  • When Firewall rules, Intrusion Prevention rules, Integrity Monitoring rules or Log Inspection rules were added, updated or removed on a computer using the APIs, the policy wasn't sent to the computer. SEG-74583/SF03099843/DSSEG-5481

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-5540/DSSEG-5605/SEG-70989/SF02964497/DSSEG-5653/DSSEG-5652

Highest CVSS Score: 6.5

Highest Severity: Medium

Deep Security Manager 12.0 update 9

Release date: May 4, 2020

Build number: 12.0.446

Enhancements

  • Improved the Computers page by reducing the memory consumption and time spent while loading the page.SEG-69380/DSSEG-5437
  • Updated Deep Security Manager to allow vCloud accounts to be added even if the virtual machine hardware information is missing. SEG-72729/SF03054267/DSSEG-5354
  • Added support for Windows Server 2019. DSSEG-5213

Resolved issues

  • Active Directory synchronization sometimes would not finish. SEG-52485/DSSEG-5477
  • Anti-Malware events that were marked as "Pass" were not properly counted on the dashboard or under Anti-Malware events. SEG-70872/SF02904003/DSSEG-5278
  • Deep Security Agents occasionally failed to download software components from the relays if multiple components are available at the same time. SEG-66691/DSSEG-5444
  • When you clicked the + button on the Dashboard, you couldn't type a new entry in the New Dashboard Name field. DSSEG-5535
  • Rule updates couldn't be applied because of an issue with the Oracle database. DSSEG-5357

Security Updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Response. DSSEG-5307/DSSEG-5580

Deep Security Manager - 12.0 update 8

Release date: April 1, 2020

Build number: 12.0.426

New features

Enhanced platform support

  • Red Hat Enterprise Linux 8 (64-bit)

Enhancements

  • Updated the descriptions related to memory on the System Information page so they're more accurate and easier to understand. (DSSEG-5134)
  • If an Anti-Malware action fails, the results will be displayed in the Syslog results field. (SEG-69456/SF02896227/DSSEG-5300)
  • Added installation log rotation for Deep Security Manager. (SEG-66918/02765043/DSSEG-5126)

Resolved issues

  • Deep Security Manager did not allow NSX-T to download the required files that NSX-T needs to check if the partner OVF is signed by VMware. As a result, the DSVA OVF could not be properly deployed. (DSSEG-5195)
  • When Integrity Monitoring was enabled, the following warning message appeared: "Security Update: Pattern Update on Agents/Appliance Failed". (SEG-67859/DSSEG-5265)
  • When generating multiple reports simultaneously, sometimes the report data was not correct. (SEG-71688/SF03011491/DSSEG-5289)

Deep Security Manager - 12.0 update 7

Release date: February 28, 2020

Build number: 12.0.416

Enhancements

  • Added a progress bar to Administration> User Management > Roles > New > Computer Rights > Selected Computers to indicate when the page is still loading. (SEG-61331/DSSEG-4941)
  • Improved performance when image files are repeatedly downloaded to the browser. (SEG-64280/DSSEG-5141)

Resolved issues

  • When the "Untagged" filter was selected on the dashboard, some widgets continued to display tagged items. (SEG-63290/SF02585007/DSSEG-4910)
  • The computers list did not search for "Software Update Status" correctly. This affected the computers list and the "out-of-date" computer reports and widgets that used it for displaying affected computers. (SEG-62740/DSSEG-4840)
  • The Firewall status for virtual machines did not update if PortScan was not allowed to run on the tenant. (SEG-63713/SF02554452/DSSEG-5041)
  • Tenants in a multi-tenant setup could move their relays to the primary tenant relay group. This would cause the relays to disappear from their 'Relay Management' page. Tenants are now prevented from moving their relays to the primary tenant relay group. (SEG-57715/02322762/DSSEG-5240)
  • Deep Security Manager with PostgreSQL sometimes stopped forwarding events to AWS SNS. (SEG-67362/SF02798561/DSSEG-5077)
  • The Scan for Integrity and Rebuild Baseline buttons were grayed out and disabled on Computers > Computer Details > Integrity Monitoring > General even after the corresponding operation was completed. (SEG-69921/02932025/DSSEG-5229)
  • When Intrusion Prevention rules were assigned or unassigned based on the recommendations, the policy editor's performance was poor and the recommendations were not applied. (SEG-63540/SF02573474/DSSEG-4965)
  • Deep Security Manager sometimes failed to generate a summary report. (SEG-68840/SF02850674/DSSEG-5165)
  • Adding a vCloud connector failed on vCloud Director version 9.7 or later because the SDK was not supported. (DSSEG-5185)
  • Agentless protection did not work on vCloud Director version 9.5 or later. (DSSEG-5185)

Security Updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Response. (DSSEG-5230/DSSEG-5140/DSSEG-5171)

  • Updated JRE to the latest Bundled Patch Release (8.0.241/8.43.0.6). (DSSEG-5180)

Deep Security Manager - 12.0 update 6

Release date: January 17, 2020

Build number: 12.0.393

Enhancements

  • Added the "TrendMicroDsPacketData" field to Firewall events that are syslog forwarded via the Deep Security Manager. (DSSEG-4856)
  • Added the following hidden setting command to prevent Behaviour Monitoring from detecting .dlls:

    • dsm_c -action changesetting -name com.trendmicro.ds.antimalware:settings.configuration.bmExploitLoadRemoteLibExceptionList -value "abc.dll;123.dll"

    To implement this enhancement send the policy to Deep Security Agent.

    In addition to the "123.dll" base name, wildcards are also supported. You can add a value such as "\10.1.1.1\remote*", and all the .dlls in this remote path won't be detected. (DSSEG-4976)

Resolved issues

  • The column names in the CSV output of the "Security Module Usage Report" were partially misaligned with the data columns. (SEG-66258/SF02718206/DSSEG-5029)
  • In the Malware Scan Configuration window (Computers/Policies > Anti-Malware > General > Manual Scan > Edit > Advanced and select Scan Compressed File) the Maximum number of files to extract setting could not be set to 0, meaning unlimited. (SEG-65997/02685854/DSSEG-5040)
  • Shipping events to an external syslog server was slow when the option to send extended event descriptions was enabled. This lead to unacceptable delays until events arrived at the syslog server. (DSSEG-4984)
  • When adding new dashboards in Deep Security Manager, if you clicked "+" on the Dashboard page and then pressed Enter several times in quick succession, multiple dashboards were created and the first dashboard would lose widgets. (DSSEG-5089)
  • The advanced search on the Computers page did not work properly when the criteria included "Version field" and the value was "N/A". (SEG-66513/02740746/DSSEG-5106)

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Response. (DSSEG-5056)