What's new in Deep Security Manager?
For release notes from the long-term support LTS release, Deep Security Manager 12.0 readme.
For release notes from previous years, see Archived Deep Security Manager release notes
Deep Security Manager - 12.0 update 30
Release date: May 4, 2023
Build number: 12.0.544
Enhancements
- Deep Security Manager now receives events when an Agent upgrade fails to install due to Azure Code Signing verification. DSSEG-7837
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-7771/DSSEG-7841
Highest CVSS: 8.8
Highest severity: High
Deep Security Manager - 12.0 update 29
Release date: October 4, 2022
Build number: 12.0.540
Resolved issues
- The Anti-Malware host report would incorrectly state Anti-Malware is online when the Deep Security console shows Anti-Malware Offline. SF05780825/SEG-149707/DSSEG-7706
- Deep Security Manager sometimes generated unexpected "Computer Updated" system events. SF05496967/SEG-138407/DSSEG-7678
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-7705
Highest CVSS: 9.1
Highest severity: Critical
Deep Security Manager - 12.0 update 28
Release date: July 4, 2022
Build number: 12.0.537
Resolved issues
- Events for Log Inspection rule "1003613 - DHCP Server" were not being retrieved. SEG-125264/DSSEG-7630
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-7561
Highest CVSS: 7.5
Highest severity: High
Deep Security Manager - 12.0 update 27
Release date: May 26, 2022
Build number: 12.0.535
Resolved issues
- Some rules did not display properly in Deep Security Manager when columns were sorted "By Group" (under Policies > Common Objects > Rules or under Computers > Computers).
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-7532
Highest CVSS: 9.8
Highest severity: Critical
Deep Security Manager - 12.0 update 26
Release date: April 28, 2022
Build number: 12.0.533
Enhancements
- Updated Deep Security Manager to use the term "protected" instead of "anonymous" when referring to Trend Micro Feedback being shared with the Smart Protection Network. DSSEG-7536
Resolved issues
- Deep Security Manager was not receiving the number associated with "systemEventID" errors under some system configurations using Simple Network Management Protocol (SNMP). 04711592/SEG-122864/DSSEG-7263
- After changing the general settings for a policy (under Policies > (select a policy) > Settings > General), the Reset button used to reset all settings to inherent did not work for "Automatically send Policy changes to computers" or "Perform ongoing Recommendation Scans". DSSEG-7439
- Deep Security Manager displayed the incorrect number of overrides under Computer or Policy > Overrides. 03513073/SEG-83802/DSSEG-7455
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-7391
Highest CVSS: 7.5
Highest severity: High
Deep Security Manager - 12.0 update 25
Release date: March 08, 2022
Build number: 12.0.527
Resolved issues
- Deep Security Manager would sometimes re-download an outdated Kernel Support Package (KSP) that had previously been deleted. DSSEG-7483
Deep Security Manager - 12.0 update 23
Release date: November 29, 2021
Build number: 12.0.522
Resolved issues
- In Deep Security Manager's Computers tab, the "LAST COMMUNICATION" column sometimes would not sort correctly. SEG-120751/SF04862693/DSSEG-7281
Deep Security Manager - 12.0 update 22
Release date: November 01, 2021
Build number: 12.0.521
Enhancements
- Updated Deep Security Manager to allow adding the AWS instance ID field in system and security events using a (dsm_c) console command. SEG-109291/SF04487365/DSSEG-7055
Resolved issues
- Deep Security Manager sometimes received alerts for agents that had not been activated. SEG-112134/SF04588645/DSSEG-6962
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. VRTS-6534/04742276/DSSEG-7231
Highest CVSS: 6.1
Highest severity: Medium
Deep Security Manager - 12.0 update 21
Release date: September 15, 2021
Build number: 12.0.516
Resolved issues
- In Deep Security Manager's Computers page, some columns ("LAST MANUAL SCAN FOR MALWARE" and "LAST SCHEDULED SCAN FOR MALWARE") would not sort properly. SF04406374/SEG-107465/DSSEG-6885
- Tenants were sometimes unable to update their license if the primary tenant enabled a proxy server with credentials (Administration > System Settings > Proxies > Deep Security Manager (Software Updates, CSSS, News Updates, Product Registration and Licensing)). VRTS-6038/04588945/DSSEG-6987
Deep Security Manager - 12.0 update 20
Release date: August 04, 2021
Build number: 12.0.515
Enhancements
- Updated Deep Security Manager to increase the number of "Maximum TCP connections " (Computers > Computers > Details > Settings > Advanced) to 1000000 by default. DSSEG-6995
Resolved issues
- In multi-tenant environments, licensing updates sometimes failed if the primary tenant had a proxy enabled for Deep Security Manager (Administration > System Settings > Proxies > Deep Security Manager (Software Updates, CSSS, News Updates, Product Registration and Licensing)). SEG-112726/04453369/DSSEG-6971
- Running multiple "Check for Security Update" scheduled tasks at the same time sometimes resulted in updates being skipped. SEG-110107/SF04490101/DSSEG-6930
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-6743/DSSEG-6997/DSSEG-7009
Highest CVSS: 9.1
Highest severity: High
Deep Security Manager - 12.0 update 19
Release date: July 06, 2021
Build number: 12.0.509
Resolved issues
- When a Deep Security Relay download failed, Deep Security Manager triggered a "Software Update" event that was missing the details of the relay issue. SF04443281/SEG-111629/DSSEG-6965
Deep Security Manager - 12.0 update 18
Release date: May 27, 2021
Build number: 12.0.503
Enhancements
- Updated Deep Security Manager to include SHA-1 values when exporting Anti-Malware "Identified Files" data into a .CSV file. DSSEG-6911
Resolved issues
- Deep Security Manager sometimes stopped processing scheduled tasks if the database connection was unstable. SEG-102044/SF04236155/DSSEG-6689
Deep Security Manager - 12.0 update 17
Release date: April 26, 2021
Build number: 12.0.501
Resolved issues
- Filtering a Smart Folder by tag was not working properly for new events added with Auto-Tagging (Events & Reports > (select event type) > Auto-Tagging). SEG-103100/SF04264168/DSSEG-6732
- Updating the password for an Azure Connector (Computers > Computers > right-click Azure Connector > Properties > Connection) sometimes didn't work, causing the account to lose its connection to Deep Security Manager. SEG-97244/SF04027400/DSSEG-6628
- Deep Security Manager's "Security Updates Overview" (Administration > Updates > Security) sometimes showed "No Scheduled Task" even if there was one in Administration > Scheduled Tasks. SEG-97381/DSSEG-6764
- Deep Security Manager had connection issues under some multi-tenant configurations. DSSEG-6469
- The "View Renewal Instructions" URL was broken in the License Properties menu (Administration > Licenses > View Details). SEG-104258/SF04308332/DSSEG-6768
Deep Security Manager - 12.0 update 16
Release date: March 22, 2021
Build number: 12.0.493
Resolved issues
- The Deep Security Manager was installing an incorrect version of the relay in some cases. DSSEG-6604
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-6574
Highest CVSS Score: 7.5
Highest severity: High
Deep Security Manager - 12.0 update 15
Release date: January 28, 2021
Build number: 12.0.490
Enhancements
- Updated Deep Security Manager to make the "Computer Description" field for Smart Folders usable as a search criteria (Computers & Smart Folders ). SEG-85288/DSSEG-6436
Resolved issues
- The Deep Security Manager console command used to set a preferred IP address for Deep Security Agents with multiple IPs was sometimes not working, causing some agents to be unable to connect. DSSEG-6521
- When you added a Log Inspection rule or Intrusion Prevention rule, a Web Application Firewall sometimes blocked the page. SEG-87396/SF03668760/DSSEG-6283
- Anti-Malware Scan scheduled tasks that had timed out were sometimes starting again instead of triggering a "Scheduled Task Skipped" event. SEG-95139/03837423/DSSEG-6548
- The "Automatically delete Server Logs older than" setting in Administration > System Settings > Storage appeared for tenants, when it should have only appeared for the primary tenant. DSSEG-6483
- When Deep Security Agent was running with Anti-Malware real-time scans, it sometimes caused random failures on unrelated applications. SEG-85142/03527705/DSSEG-6082
Deep Security Manager - 12.0 update 14
Release date: November 12, 2020
Build number: 12.0.484
Resolved issues
- Scheduled Scans on vCloud Director VMs did not work. SEG-82971/SF03421234/DSSEG-6037
- The "Malware Scan Status" widget on the Dashboard occasionally displayed the wrong data. SEG-81776/03398406/DSSEG-6359
- The auto-renew mechanism for the certificate used for TLS communication between Deep Security Manager and Deep Security Agent didn't work as expected. The expired certificates resulted in the manager and agents being unable to communicate with each other, which caused many offline agents to appear on the web console. SEG-79146/SF03240076/DSSEG-6321
- Occasionally, issues occurred when vCenters attempted to sync with Deep Security Manager. SEG-90204/SF03773453/DSSEG-6382
Deep Security Manager 12.0 update 13
Release date: October 1, 2020
Build number: 12.0.480
Enhancements
- The pager numbers, phone numbers, or mobile numbers listed on the Users Properties page of Deep Security Manager can be configured to be more than 30 digits. SEG-80854/SF03098096/DSSEG-5890
- Deep Security verifies the signature on the Deep Security Agent to ensure that the software files have not changed since the time of signing. DSSEG-5874
Resolved issues
- Some Intrusion Prevention rules were designed to operate exclusively in "Detect Only" mode, however you were able to change their behavior on the policy and computer pages. SEG-83700/SF03456778/DSSEG-5998
- The "Ransomware Event History" widget on the dashboard displayed incorrect information. SEG-86045/SF03618147/DSSEG-6142
- The MasterAdmin could not create a scheduled task for all computers. SEG-86413/SF03320936/DSSEG-6131
Deep Security Manager 12.0 update 12
Release date: August 19, 2020
Build number: 12.0.473
Resolved issues
- When there was a Log Inspection database corruption issue, it did not affect the Log Inspection status on the Deep Security Manager. SEG-77081/02984526/DSSEG-5726
- There was a rights issue with Scheduled Tasks that caused incorrect behaviors to occur when creating them. SEG-78610/SF03320936/DSSEG-5752
- Imported VMs in vCloud were unable to activate. SEG-75542/03189161/DSSEG-5813
- Upgrading to Deep Security Manager 12 was blocked if you installed Deep Security Virtual Appliance into NSX-V 6.4.7 on ESXi 7.0. SEG-82636,/SEG-82637/DSSEG-5926
- The Computer Status widget on Deep Security Manager's dashboard did not display the correct number of managed computers. SEG-80171/03189161/DSSEG-5885
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-5814/VRTS-4652/03296737/DSSEG-5772
Highest CVSS Score: 9.8
Highest severity: Critical
Deep Security Manager 12.0 update 11
Release date: July 9, 2020
Build number: 12.0.466
Enhancements
- The 'upgrade on activation' feature will only upgrade the agent on the computer from the last two major releases. If the agent does not meet the criteria, customer must upgrade the agent manually to a release within the last two major releases. Then the 'upgrade on activation' feature will detect the newer version and complete the upgrade to the designated release. DSSEG-5715
Resolved issues
- If you re-imported different software packages with the same name, the packages were not considered modified. DSSEG-5707
- The description of the default SSL configuration was misleading. SEG-68686/DSSEG-5191
- An error occurred when properties were changed on the Log Inspection rule "1002729 - Default Rules Configuration" in Policy > Common Objects > Log Inspection Rules. SEG-77260/SF03263573/DSSEG-5727
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases.
- Highest CVSS Score: 8.1 (AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)
- Highest severity: High
DSSEG-5738/DSSEG-5886/DSSEG-5744
Deep Security Manager 12.0 update 10
Release date: May 28, 2020
Build number: 12.0.458
New features
Improved management and quality
Instance Metadata Service Version 2 (IMDSv2) support: IMDSv2 is supported with Deep Security Agent 12.0 update 10. For details, see How does Deep Security Agent use the Amazon Instance Metadata Service? DSSEG-5463
Enhancements
- Updated the Events & Reports > Scheduled Reports page so that you're unable to create a report that might result in a failure. An alert appears that specifies the settings you must set before creating the scheduled report. SEG-72578/02958064/DSSEG-5525
- Added the following hidden setting command:
- Run this command in Deep Security Manager to change the value in the database.
- Send the policy to your target Deep Security Agent to deploy the setting.
dsm_c -action changesetting -name com.trendmicro.ds.antimalware:settings.configuration.maxSelfExtractRTScanSizeMB -value 512
When Deep Security Agent could not determine the type of the target file, the scan engine loaded the file to memory to determine if it was a self-extracting file. If there were many of these files, the scan engine consumed memory. Using the hidden command setting above, the file-size limitation is set to 512MB for loading target files. When the file-size exceeds the set limitation, the scan engine skips this process and scans the file directly. DSSEG-5097
To implement this enhancement:
Resolved issues
- There were detection issues with real-time Anti-Malware scans. SEG-72928/SF03050515/DSSEG-5452
- When several emails with large bodies were queued, they were loaded all at once instead of in batches, which caused a large amount of memory to be used. SEG-71863/SF03024164/DSSEG-5628
- When Firewall rules, Intrusion Prevention rules, Integrity Monitoring rules or Log Inspection rules were added, updated or removed on a computer using the APIs, the policy wasn't sent to the computer. SEG-74583/SF03099843/DSSEG-5481
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. DSSEG-5540/DSSEG-5605/SEG-70989/SF02964497/DSSEG-5653/DSSEG-5652
Highest CVSS Score: 6.5
Highest Severity: Medium
Deep Security Manager 12.0 update 9
Release date: May 4, 2020
Build number: 12.0.446
Enhancements
- Improved the Computers page by reducing the memory consumption and time spent while loading the page.SEG-69380/DSSEG-5437
- Updated Deep Security Manager to allow vCloud accounts to be added even if the virtual machine hardware information is missing. SEG-72729/SF03054267/DSSEG-5354
- Added support for Windows Server 2019. DSSEG-5213
Resolved issues
- Active Directory synchronization sometimes would not finish. SEG-52485/DSSEG-5477
- Anti-Malware events that were marked as "Pass" were not properly counted on the dashboard or under Anti-Malware events. SEG-70872/SF02904003/DSSEG-5278
- Deep Security Agents occasionally failed to download software components from the relays if multiple components are available at the same time. SEG-66691/DSSEG-5444
- When you clicked the + button on the Dashboard, you couldn't type a new entry in the New Dashboard Name field. DSSEG-5535
- Rule updates couldn't be applied because of an issue with the Oracle database. DSSEG-5357
Security Updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Response. DSSEG-5307/DSSEG-5580
Deep Security Manager - 12.0 update 8
Release date: April 1, 2020
Build number: 12.0.426
New features
Enhanced platform support
- Red Hat Enterprise Linux 8 (64-bit)
Enhancements
- Updated the descriptions related to memory on the System Information page so they're more accurate and easier to understand. (DSSEG-5134)
- If an Anti-Malware action fails, the results will be displayed in the Syslog results field. (SEG-69456/SF02896227/DSSEG-5300)
- Added installation log rotation for Deep Security Manager. (SEG-66918/02765043/DSSEG-5126)
Resolved issues
- Deep Security Manager did not allow NSX-T to download the required files that NSX-T needs to check if the partner OVF is signed by VMware. As a result, the DSVA OVF could not be properly deployed. (DSSEG-5195)
- When Integrity Monitoring was enabled, the following warning message appeared: "Security Update: Pattern Update on Agents/Appliance Failed". (SEG-67859/DSSEG-5265)
- When generating multiple reports simultaneously, sometimes the report data was not correct. (SEG-71688/SF03011491/DSSEG-5289)
Deep Security Manager - 12.0 update 7
Release date: February 28, 2020
Build number: 12.0.416
Enhancements
- Added a progress bar to Administration> User Management > Roles > New > Computer Rights > Selected Computers to indicate when the page is still loading. (SEG-61331/DSSEG-4941)
- Improved performance when image files are repeatedly downloaded to the browser. (SEG-64280/DSSEG-5141)
Resolved issues
- When the "Untagged" filter was selected on the dashboard, some widgets continued to display tagged items. (SEG-63290/SF02585007/DSSEG-4910)
- The computers list did not search for "Software Update Status" correctly. This affected the computers list and the "out-of-date" computer reports and widgets that used it for displaying affected computers. (SEG-62740/DSSEG-4840)
- The Firewall status for virtual machines did not update if PortScan was not allowed to run on the tenant. (SEG-63713/SF02554452/DSSEG-5041)
- Tenants in a multi-tenant setup could move their relays to the primary tenant relay group. This would cause the relays to disappear from their 'Relay Management' page. Tenants are now prevented from moving their relays to the primary tenant relay group. (SEG-57715/02322762/DSSEG-5240)
- Deep Security Manager with PostgreSQL sometimes stopped forwarding events to AWS SNS. (SEG-67362/SF02798561/DSSEG-5077)
- The Scan for Integrity and Rebuild Baseline buttons were grayed out and disabled on Computers > Computer Details > Integrity Monitoring > General even after the corresponding operation was completed. (SEG-69921/02932025/DSSEG-5229)
- When Intrusion Prevention rules were assigned or unassigned based on the recommendations, the policy editor's performance was poor and the recommendations were not applied. (SEG-63540/SF02573474/DSSEG-4965)
- Deep Security Manager sometimes failed to generate a summary report. (SEG-68840/SF02850674/DSSEG-5165)
- Adding a vCloud connector failed on vCloud Director version 9.7 or later because the SDK was not supported. (DSSEG-5185)
- Agentless protection did not work on vCloud Director version 9.5 or later. (DSSEG-5185)
Security Updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Response. (DSSEG-5230/DSSEG-5140/DSSEG-5171)
- Updated JRE to the latest Bundled Patch Release (8.0.241/8.43.0.6). (DSSEG-5180)
Deep Security Manager - 12.0 update 6
Release date: January 17, 2020
Build number: 12.0.393
Enhancements
- Added the "TrendMicroDsPacketData" field to Firewall events that are syslog forwarded via the Deep Security Manager. (DSSEG-4856)
- Added the following hidden setting command to prevent Behaviour Monitoring from detecting .dlls:
dsm_c -action changesetting -name com.trendmicro.ds.antimalware:settings.configuration.bmExploitLoadRemoteLibExceptionList -value "abc.dll;123.dll"
To implement this enhancement send the policy to Deep Security Agent.
In addition to the "123.dll" base name, wildcards are also supported. You can add a value such as "\10.1.1.1\remote*", and all the .dlls in this remote path won't be detected. (DSSEG-4976)
Resolved issues
- The column names in the CSV output of the "Security Module Usage Report" were partially misaligned with the data columns. (SEG-66258/SF02718206/DSSEG-5029)
- In the Malware Scan Configuration window (Computers/Policies > Anti-Malware > General > Manual Scan > Edit > Advanced and select Scan Compressed File) the Maximum number of files to extract setting could not be set to 0, meaning unlimited. (SEG-65997/02685854/DSSEG-5040)
- Shipping events to an external syslog server was slow when the option to send extended event descriptions was enabled. This lead to unacceptable delays until events arrived at the syslog server. (DSSEG-4984)
- When adding new dashboards in Deep Security Manager, if you clicked "+" on the Dashboard page and then pressed Enter several times in quick succession, multiple dashboards were created and the first dashboard would lose widgets. (DSSEG-5089)
- The advanced search on the Computers page did not work properly when the criteria included "Version field" and the value was "N/A". (SEG-66513/02740746/DSSEG-5106)
Security updates
Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Response. (DSSEG-5056)