Trend Micro WFBS – Excessive Policy Violation Detected Notification

 Users of Trend Micro Worry Free Business Security Standard and Advanced (SP1 and SP2) ran into a bit of a surprise over the last 24 hours or so. If you are getting messages of 
“Unauthorized changes blocked” for the TMBSRV.exe process (Unauthorized changes blocked! Client/Server Security Agent has blocked the following programs to protect your computer. To unblock the programs, contact your administrator), then you need to run the hotfix provided this afternoon (9/21/2010) from Trend Micro:



Details are at http://esupport.trendmicro.com/4/Behavior-Monitoring-blocks-the-TMBMSRVexe-process.aspx.
To address the problem, please apply Critical Patch Build 3221. You can download it from the following links.
Critical Patch Build 3221 for Worry-Free Business Security Standard/Advanced 6.0 SP1 or SP2
Readme
 
A workaround that appears to be working according to Kevin Royalty is:


Disabling Behavior Monitoring in the Trend console, then updating the client machines either by update now or let them auto update. Turn Behavior Monitoring back on after they have updated.


http://community.trendmicro.com/t5/Business-Security-Forum/Mass-Policy-Violations-from-TMBMSRV-exe/td-p/14038/page/8

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>