Category Archives: 5279

Trend Micro WFBS 5.1 and 5.0 Patches

Body:

Last week Trend announced the release of a number of patches for their Worry Free Business Security products targeted at the SMB market. These patches are both a rollup of all accumulative patches plus an additional patch that did not quite make the rollup itself.

The information below comes from an informal channel communication that Kieran Cook – one of the local Trend engineers sends out from time to time.  This is EXACTLY the type of communication we need to see from vendors on a more regular basis. It leaves NO DOUBT what patches need to be applied and in what order.  If you want to get onto Kierans informal mailing list then send him an email via this link

Trend will later this week be releasing the next version of their WFBS product, v6.0.  Stay tuned here for more information and about how you can get your own copy of my Trend WFBS 6.0 Visual Installation Guide.

Worry-Free Business Security 5.1 Critical Patch – Build 1292 (Standard & Advanced)

Description:

 

"Ntrtscan.exe" closes unexpectedly and an error message appears when Client/Server Security Agent attempts to scan folders with names that exceed 1040 characters.

***Note: it should be installed on top of Patch 1. (Below)***

Download

Location:

 

http://www.Trendmicro.com/download/product.asp?productid=39

http://www.Trendmicro.com/download/product.asp?productid=40

 

Worry-Free Business Security 5.1 Patch 1 (Standard & Advanced)

Description:

 

This patch includes hot fixes and critical patches 1239, 1244 to resolve issues discovered after version 5.1 was released.

Note: customers already installed individual critical patches can still apply this Patch. The installer will automatically overwrite the existing installed critical patches.

Download

Location:

 

http://www.Trendmicro.com/download/product.asp?productid=39

http://www.Trendmicro.com/download/product.asp?productid=40

 

Worry-Free Business Security 5.0 Critical Patch – Build 1449 (Standard & Advanced)

Description:

 

"Ntrtscan.exe" closes unexpectedly and an error message appears when Client/Server Security Agent attempts to scan folders with names that exceed 1040 characters.

 

Note: it should be installed on top of Patch 1.

Download

Location:

 

http://www.Trendmicro.com/download/product.asp?productid=99

http://www.Trendmicro.com/download/product.asp?productid=100

Worry-Free Business Security 5.0 Advanced Patch 3 (Standard & Advanced)

Description:

 

This patch includes fixes and critical patch 1400, 1404, 1414, 1418, 1434 to resolve issues discovered after version 5.0 was released.

 

Note: customers already installed individual critical patches can still apply this Patch. The installer will automatically overwrite the existing installed critical patches.

Download

Location:

 

http://www.Trendmicro.com/download/product.asp?productid=99

http://www.Trendmicro.com/download/product.asp?productid=100

Original:

 

Original: WFBS_50_WIN_EN_Patch2.exe

Updated:

 

WFBS_50_WIN_EN_Patch3.exe

Add the following hot fixes and critical patches after Patch2:

1. Hot fix 1435

2. Hot fix 1441

3. Hot fix 1442

4. Critical Patch 1434

5. Hot fix 1429

6. Hot fix 1438

 

Category: TrendMicro
Published: 26/05/2009 8:35 AM

Upgrading to Trend WFBS 5.1?

Body:

If you are upgrading to Trend Worry-Free Business Security 5.1 and you are coming from their v5.0 product then you will want to go and install Patch 2 first.  Patch 2 resolves a few issues in 5.0 that caused the upgrade to 5.1 to fail.  Best Practice – install this patch before upgrading to 5.1 – it’s only a 43MB download 🙂

You can get the patch from the following locations

WFBS 5.0 Standard http://www.trendmicro.com/download/product.asp?productid=100

WFBS 5.0 Advanced http://www.trendmicro.com/download/product.asp?productid=99

Category: TrendMicro
Published: 27/01/2009 9:46 AM

Trend WFBS 5.1 Beta coming – SBS/EBS support

Body:

Boxshot for Worry-Free Business Security Trend have just released the beta for the 5.1 release of Worry-Free Business Security.  The major components of this release are;

What’s new in Worry-Free Business Security™ v5.1?

  • Additional Microsoft Operating System support: Microsoft Small Business Server 2008 (Cougar) and Microsoft Essential Business Server 2008 (Centro) Support
  • Microsoft Exchange 2007 Server on Windows 2008 Support
  • Web Threat Protection Feedback Loop Support
  • CSA memory reduction to under 40Mb (this is accomplished with the new Virus Scan API 8.9)
  • Integrated install with Worry Free Remote Manager

https://www.trendbeta.com/index.php?get=356&content=450

With the release of Cougar just around the corner, we need to get as much feedback as possible about any potential issues or conflicts with SBS 2008.  The timeframe for the beta is still frustratingly short (October 1st to October 20th) as the longer we maintain the beta the longer we have to wait for the release of WFBS 5.1

 

Internet Security Pro Boxshot 196x196

ANZ RESELLERS ONLY – As an additional incentive, any ANZ reseller that takes part in the beta test and submits the feedback form for will get a FREE 3 user copy  of the new Trend Micro Internet Security 2009 PRO (RRP $129).

Category: TrendMicro
Published: 28/08/2008 5:17 PM

Blocking UPS SPAM Mail

Body:

I use TrendMicros InterScan Messaging Hosted Security service as part of Worry-Free Business Security Advanced to provide front line SPAM and Malware detection to all mail coming into my family domain and to the sbsfaq.com domain.  I’ve been using it for nearly 12 months now.  In order to test the effectiveness of a SPAM solution, I’ve got a mailbox configured with old / defunct email addresses that I no longer use. Email addresses of info@sbsfaq.com, editor@sbsfaq.com and faq@sbsfaq.com collect nothing but SPAM.  Below you can see the last 10 days of email to these email addresses. They comprise of the daily SPAM reports from Trend and you will notice that only 2 pieces of SPAM made it through.  I’m finding that their detection rate simply rocks with the IMHS service.  I’m not seeing any of the UPS SPAM Mail that many are getting in the recent weeks. If you have WFBS 5.0 Advanced then you can use the IMHS service as part of your subscription and it really really helps reduce the crud that comes in via email.

image

Category: TrendMicro
Published: 31/07/2008 1:16 PM

SPAM Filtering Options in Trend Worry-Free Business Security

Body:

 

With the release of Trends WFBS 5.0 (formerly known as CS and CSM Security) Trend have upgraded the Antispam components in a number of ways. For some this is causing some confusion. Hopefully I can help resolve that.

When you purchase WFBS Advanced over Standard, you get support for Exchange Server. This is the typical choice for Small Business Server owners who use Exchange for their mail. The WFBS Standard suite has no support for Exchange Server and therefore a lot of what is below does not apply.

So what do you get?

WFBS Standard includes a client agent (CSA) that installs on the desktop PC’s. People that deploy WFBS Standard normally will not have an in-house Exchange server and their mail is often hosted on a POP3 mail server with your ISP. To protect them from SPAM you can enable the inbuilt protection that is part of the CSA installed on each PC.  The screenshot below shows how to configure this agent.

image

 

WFBS Advanced on the other hand has several layers of Antispam that can be used to help thwart the spam from getting into the users inbox.  This assumes that your mail is hosted on an in-house Exchange server such as Small Business Server 2003. The Antispam features include the following…

ERS – Email Reputation Services – This is a cool feature that is built into the Messaging Agent (MSA) for WFBS. You can see in the screen below that I’ve got this enabled and you can also see it has a Standard and Advanced option (now isn’t that confusing!!!).  What this is is effectively the ability of the Trend MSA to look at the source IP address that the incoming email connection is coming from and then decide based on rules if it should even allow the connection to take place. It does this by a lookup of a Trend maintained Email Reputation database that tracks known spammers. If the address is on the list then it drops the connection altogether therefore preventing the email from getting in at all.  If your address is not on the list then the email comes in and proceeds to the next level of SPAM filtering called Content Scanning.  The Standard and Advanced ERS lists are cool too. You can see I’ve configured for Advanced and there is a web based control panel if you need to tweak it for yourself. The Standard list contains all KNOWN spammers whereas the Advanced list contains the newest potential spammers. Trend monitor these newer spammers IP’s to determine if they are indeed sending out SPAM or if in fact they are a legitimate business doing a mail out to their customer base. Consequently you may find your mail coming into your organisation from one of the people on the dynamic list delayed by up to 4 hours whilst Trend evaluate if they are spammers or not.  I understand that if you are verified as a spammer then you get moved to the known spammers list.

image

 

Content Scanning – Ok – so after the inbound mail gets past ERS, it’s in your mail system and then can be content scanned using the Trend Antispam scanning engine.  If it’s found to be spam then it’s placed in your SPAM Mail folder (dependant on your configuration of Trend).  Here the user can retrieve it and look at it and deal with it as they see fit.

image

 

IMHS – Interscan Messaging Hosted Security – is another option that you may choose to use in conjunction with the above two. This is a hosted solution that filters your mail before it gets to your Exchange Server. To configure this you will need to change your DNS MX Records to point to Trends Mail servers and then configure your server to only receive mail from the Trend servers.  I’ve been using this service for nearly 12 months now and I’ve found a dramatic drop in the amount of SPAM that I get through to my inbox. These days I get almost zero SPAM in my inbox.  You can see from the pie chart below that 81% of my inbound mail in the last week is being blocked BEFORE it even evaluates it as SPAM. A further 4% is then checked and declared as SPAM.  That means overall my Internet connection and my mail system is having to deal with 85% LESS email than before.  Here in Australia where we pay per megabyte for Internet usage, this type of things translates to real business benefits.  The 81% that has been blocked below is using Trends Hosted ERS service which they themselves use in front of their own mail servers.  Therefore if you look at this article in whole, you could block 81% of your SPAM traffic using nothing more than the ERS service mentioned above.  As for the mail marked as SPAM by the IMHS – it goes into a queue and I get a daily report of what is in the queue – I can then use the web based console to review and release the mail if I want to.

image

 

So – what do I use?  For my main system (SBSfaq.com) I use the IMHS to filter all mail before it hits my SBS server – that keeps my Internet connection clear of the garbage that normally would slow me down.  For other systems of mine (i.e. my test systems) that are exposed to the Internet, I use the ERS and Content Scanning facilities.

 

I’ll be updating my Trend Guide for CSM to WFBS 5.0 shortly – it will be available for purchase via www.sbsfaq.com and available free to subscribers.

Category: TrendMicro
Published: 16/07/2008 11:52 AM

Trend WFBS 5.0 Errors after installation

Body:

I’ve had a few people mention to me that after they’ve installed the latest Trend Worry Free Business Security 5.0 on their SBS servers that they have had some new errors in their event logs.  I’ve not seen this in the upgrades that I’ve done so I’ve been a little perplexed as to what it is that they are all talking about.  Thanks to Norm Hughes from Quadrant Computers and the Melbourne SBS Group, who has given me the errors he’s seeing and some explanation he got from Trend Micro on the issue.

Here are the error messages from the System Log:

Source: SideBySide

Category: None

Event ID: 34

Description:  Component identity found in manifest does not match the identity of the component requested

Source: SideBySide

Category: None

Event ID: 58

Description: Syntax error in manifest or policy file "C:\smex80temp\Microsoft.VC80.MFCLOC.MANIFEST" on line 5.

Source: SideBySide

Category: None

Event ID: 59

Description: Generate Activation Context failed for C:\smex80temp\MFC80U.DLL. Reference error message: The manifest file contains one or more syntax errors.

Norm says that he got the following response from Trend Micro when questioned.

"The SidebySide issues are not Trend Micro issues but MIcrosoft ones. This is actually an issue with Microsoft Visual C++ 2005 Redistributable Package (x86). For reference, you can also check this via the Web/Google which is http://forums.primopdf.com/showthread.php?t=1146 To fix the issue, kindly download and apply the Microsoft Fix posted at http://www.microsoft.com/downloads/details.aspx?familyid=32BC1BEE-A3F9-4C13-9C99-220B62A191EE&displaylang=en "

Norm also goes on to say that so far he has only seen these errors on SBS 2003 SP1 systems and NOT on systems that have Windows 2003 SP2 applied – that may be why I’ve not seen them because all my servers have SP2 already.  Thanks Norm for the contribution.

Category: TrendMicro
Published: 1/07/2008 6:55 AM

Trend WFBS 5.0 Blocks Malware…

Body:

This week at the Perth SMB IT Professionals Group, Sandi Hardmeirer, used my laptop to demonstrate ways that potential spyware attacks could take place on unsuspecting users without them even clicking on links in a web page.  She showed us a video which displayed how a well respected website was infected with malvertisements (bad advertisements) that redirected the user to other websites without any interaction at all.  Following the redirection the bad website would proceed to install malicious code on the users PC for their own nefarious purposes.

During the demonstration, Sandi attempted to visit a URL that was known to be bad, and I was impressed to see that my Trend WFBS 5.0 client software blocked her from getting there.  From the screenshot below, you can see that the Web Reputation Services built into the Trend software has blocked the web browser from accessing this malicious site.  It gave me the option to approve the website I was attempting to go to, but naturally we declined 🙂

Well done Trend – one more step forward for the good guys.

image

Category: TrendMicro
Published: 19/06/2008 12:40 AM

Trend Training coming to a city near you.

Body:

This only applies for my Australian and New Zealand readers, but if you’ve not gotten the email from Trend already, check out below for training coming to a city near you.  This includes training on the upcoming CSM for SMB v5.0 (aka WFBS v5.0).  I’m heading to the Sydney event tomorrow so hope to see you there.


Dear Partner,

Please join Trend Micro for their quarterly partner training. This year, we’re doing things a little different delivering both sales and technical training to all partners.

To register for these sessions, please click the appropriate link –

For more detail on these courses, please see below.

In the meantime, we look forward to receiving your registration.

Marie Evans Trend Micro


Small Business Worry-Free Sales and Marketing Overview

  • Worry-Free 5.0
  • WFRM v1.6
  • SB Hosted Services

This session will focus on the new Worry-Free Business Security (v5) release and look at major product improvements, licensing changes and how the new product impacts new and existing customers in the 5-100 node market. 

We will also look at the new Trend Micro Mobile Messaging Security Suite and the Trend Micro Messaging Archiver solution.

Dates, Times and Venues:
Perth: 6th May – Hyatt Regency: 99 Adelaide Terrace – 8:45am to 10:00am
Brisbane: 6th May – Sofitel: 249 Turbot Street – 8:45am to 10:00am
Auckland: 6th May – Hyatt Regency: Corner of Princes Street & Waterloo Quadrant – 8:30am to 9:30am
Sydney: 7th May – Marriott: 36 College Street – 8:45am to 10:00am
Wellington: 7th May – Duxton: 170 Wakefield Street – 8:30am to 9:30am
Adelaide: 8th May – Stamford Plaza: 150 North Terrace – 8:45am to 10:00am
Christchurch: 9th May – Millennium: 14 Cathedral Square – 8:30am to 9:30am
Melbourne: 9th May – Stamford Plaza: 111 Little Collins Street – 8:45am to 9:30am


Worry-Free Technical Overview

  • Hints, tips and tricks for updating from 3.6 to v5
  • General update/introduction to the new WFBS v5 product

Dates, Times and Venues:
Perth: 6th May – Hyatt Regency: 99 Adelaide Terrace – 10:00am to 11:00am
Brisbane: 6th May – Sofitel: 249 Turbot Street – 10:00am to 11:00am
Auckland: 6th May – Hyatt Regency: Corner of Princes Street & Waterloo Quadrant – 11:30am to 12:30pm
Sydney: 7th May – Marriott: 36 College Street – 10:00am to 11:00am
Wellington: 7th May – Duxton: 170 Wakefield Street – 11:30am to 12:30pm
Adelaide: 8th May – Stamford Plaza: 150 North Terrace – 10:00am to 11:00am
Christchurch: 9th May – Millennium: 14 Cathedral Square – 11:30am to 12:30pm
Melbourne: 9th May – Stamford Plaza: 111 Little Collins Street – 10:00am to 11:00am


Mid-Market/Enterprise Plug-Ins Technical Overview

Plug-Ins
Plug-in architecture will now span the entire Trend Micro desktop/server security offering…….

  • What is it?
  • How will it benefit you?
  • How will it benefit the customer?

Dates, Times and Venues:
Perth: 6th May – Hyatt Regency: 99 Adelaide Terrace – 8:45am to 10:00am
Brisbane: 6th May – Sofitel: 249 Turbot Street – 8:45am to 10:00am
Auckland: 6th May – Hyatt Regency: Corner of Princes Street & Waterloo Quadrant – 9:30am to 10:30am
Sydney: 7th May – Marriott: 36 College Street – 8:45am to 10:00am
Wellington: 7th May – Duxton: 170 Wakefield Street – 9:30am to 10:30am
Adelaide: 8th May – Stamford Plaza: 150 North Terrace – 8:45am to 10:00am
Christchurch: 9th May – Millennium: 14 Cathedral Square – 9:30am to 10:30am
Melbourne: 9th May – Stamford Plaza: 111 Little Collins Street – 8:45am to 9:30am


A look at Web Threats

  • What they are
  • How they work
  • How Trend Micros Web Reputation technology gives us a competitive edge.
  • Plus a quick look at our latest product updates/releases.

Dates, Times and Venues:
Perth: 6th May – Hyatt Regency: 99 Adelaide Terrace – 10:00am to 11:00am
Brisbane: 6th May – Sofitel: 249 Turbot Street – 10:00am to 11:00am
Auckland: 6th May – Hyatt Regency: Corner of Princes Street & Waterloo Quadrant – 10:30am to 11:30am
Sydney: 7th May – Marriott: 36 College Street – 10:00am to 11:00am
Wellington: 7th May – Duxton: 170 Wakefield Street – 10:30am to 11:30am
Adelaide: 8th May – Stamford Plaza: 150 North Terrace – 10:00am to 11:00am
Christchurch: 9th May – Millennium: 14 Cathedral Square – 9:30am to 10:30am
Melbourne: 9th May – Stamford Plaza: 111 Little Collins Street – 10:00am to 11:00am


Category: TrendMicro
Published: 6/05/2008 1:44 PM

Trend release new engine VSAPI 8.7

Body:

Trend have announced that they are releasing a new engine v8.7 which addresses a number of improvements to overcome resource issues that occurred some time back as well as implementing new features.  The new engine will automatically download and distribute to your sites from April 22nd onwards, so you don’t need to do anything about it.  However, if you want to get in and download and test it yourselves before hand you can do so by going to http://www.trendmicro.com/download/engine.asp and grabbing it.

Here’s their info release on the subject.

Trend Micro has officially released their new engine (VSAPI 8.7) for Windows, Linux and SolarisSPARC Platforms.  The primary benefit’s of this release are that it provides kernel memory optimization and it offloads the zoo pattern detection. This actually corrected the issue of Scan Engine 8.55 which disabled the “SystemMapView” option, to fix a conflict with Express Mail Server.

The engine is available now for download and manual update of supported products from http://www.trendmicro.com/download/engine.asp .  The update is scheduled to appear on the Trend Micro ActiveUpdate servers on April 22nd meaning all products will receive the update automatically on update.

VSAPI 8.7 contains the following Features and Enhancement:

· RAR SFX, CHM, NSIS, ZIP SFX Decompression Algorithm Support

· Operator Support for Decompression Algorithm in Generic Un-packer

· Healing Mechanism

· Customized I/O Plug-in Interface Support

· Script Base Operator Enhancement

· RPF2 Section Unload Mechanism

· Kernel Memory Management Enhancement

· Unpack Module Vulnerability Fix

· AV Escalation Case

· SEG Merge Fixes From Last Version

· Klocwork Defect Case

· AV Service Escalation Fixes

Products Affected (for Windows, Linux, SolarisSparc )

Consumer

· Trend Internet Security (TIS)

· Trend AntiVirus (TAV)

· HouseCall

SMB

· CSM for SMB

· ISVW

· IGSA

Enterprise

· OfficeScan

· Trend Micro Control Manager (TMCM)

· IMSx

· IWSx

· PortalProtect

· SMEX

· SMD

· SPLX

· IM

Category: TrendMicro
Published: 12/04/2008 8:00 AM

Trend Taiwan – Day 5

Body:

Ok – so I’m posting this a day late 🙂  Friday was my last day at Trend.  It was a week that I really enjoyed.  I met lots of new people and got the unique chance to express directly to these people about all the things that matter to us in the SMB IT Professional / Reseller Community.  I’ll post next week on some wrap up items.

On my last day, I began with spending 2 hours presenting / discussing with the teams that I’ve met about a summary of my experiences, along with suggestions as to how I felt they could better improve things overall.  Naturally much of the specifics need to remain under NDA for the moment, but I will post more on this once we’ve clarified a few of the ideas that were discussed.  During the discussions one of the team members was asking a number of high level questions.  I’d not seen this team member before during the week and wondered who he was.  His questions were really focused on understanding not only the technical needs of our market, but the business aspects as well.  If you’ve been presenting for as long as I have, you soon realise that a person like this is not "your normal developer".  After the session finished, he came up and introduced himself to me – he was Oscar Chang – Chief Development Officer and Executive Vice President for the entire Trend Micro organisation.  Oscar was very happy to have been able to understand just how they could do better to help improve what they do for and with us.  I must admit to being surprised to having such a high level person attend my briefing and on reflection this makes me see just how much Trend are really serious about meeting our needs in the SMB space.  I look forward to future discussions with Oscar on how they can do things for us.

It’s a little sad at the same time that I’ll be leaving this team.  I’ve learned a little Chinese over the last week, although my conversational ability extends to hello, thank you, this is delicious food, and this is not so delicious food, plus a few slang words that the guys taught me in relation to girls 😉  They told me though that these were "men only" words that we should keep to ourselves – not sure if they are pulling my leg or not.  All in all it was a fantastic opportunity and I hope that I represented the SMB community well to Trend.

I want to thank the man responsible for this – Mr Dal Gemmell – he’s on of the Global SMB Product Managers responsible for the SMB space.

Category: TrendMicro
Published: 23/03/2008 1:22 AM