Trend Micro products and the Heartbleed Bug - [CVE-2014-0160] OpenSSL 1.0.1 Vulnerability

Solution ID: 1103084
Last Updated: Sep. 24, 2014 1:33 AM (PST)


Product / Version: Control Manager - 3.0, 5.0, 5.5, 6.0; Deep Security - 9.0, Deep Security - 8.0, Deep Security - 7.0, Deep Security - 7.5; InterScan Messaging Security Suite - 7.5 Windows, InterScan Messaging Security Suite - 7.1 Linux; InterScan Messaging Security Virtual Appliance - 8.5, InterScan Messaging Security Virtual Appliance - 7.0, InterScan Messaging Security Virtual Appliance - 8.0, InterScan Messaging Security Virtual Appliance - 8.2; InterScan Web Security Virtual Appliance - 3.1, InterScan Web Security Virtual Appliance - 5.0, InterScan Web Security Virtual Appliance - 5.5, InterScan Web Security Virtual Appliance - 5.1, InterScan Web Security Virtual Appliance - 5.6; Network VirusWall - 3500i 3.0, Network VirusWall - 2500 2; OfficeScan - 10.0, OfficeScan - 10.5, OfficeScan - 10.6; OfficeScan - 11.0; SafeSync for Enterprise - 2.1; ServerProtect for Linux - 3.0; Smart Protection Server - 3.0; Worry-Free Business Security Standard/Advanced - 9.0
Platform: Linux - Red Hat - RHEL 6 64-bit, Linux - Red Hat - RHEL 6 32-bit; Windows - 2003 Enterprise, 2003 Standard, 2008 Enterprise, 2008 Standard, 2012 Enterprise, 2012 Standard

Problem Description

What is Heartbleed?
The Heartbleed bug is a serious vulnerability in the popular OpenSSL cryptographic software library. OpenSSL is an implementation of the SSL/TLS encryption protocol used to protect the privacy of Internet communications. OpenSSL is used by many web sites and other applications such as email, instant messaging and VPNs.
Heartbleed allows an attacker to read the memory of systems using certain versions of OpenSSL, potentially exposing usernames, passwords, or even the server's secret keys. Obtaining these keys can allow malicious users to observe all communications on that system and enables further exploitation.
Who is impacted by Heartbleed?
Given that this vulnerability has existed for at least two years, an organization that has deployed servers running OpenSSL versions 1.0.1 through 1.0.1f in that period is likely vulnerable to the Heartbleed Bug and should take immediate steps to remediate.
While there are some initial reports of attacks based on the Heartbleed vulnerability, these reports are preliminary, and it is very difficult to determine whether this attack has occurred in the past. Accordingly, even if an organization is not currently vulnerable, it may have been in the past, and it should therefore take immediate steps to remediate if it has deployed the vulnerable OpenSSL versions.
Because some of Trend Micro’s products use the affected OpenSSL version, these products are affected by this vulnerability. This article lists the affected products and the recommended action to eliminate the risk. It also lists the products that are not affected by this vulnerability.
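As an added example (not part of Trend Micro's article), the following Python sketch triages an inventory of "openssl version" outputs against the 1.0.1 through 1.0.1f range stated above. The host names and sample banners are constructed and the function names are hypothetical; a match is a triage signal only, because distribution packages can carry a backported fix without changing the upstream version letter.

```python
import re

# Upstream OpenSSL release strings look like "1.0.1", "1.0.1f" or "0.9.8y".
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)([a-z]*)")


def heartbleed_range(version_text):
    """True if the upstream version is 1.0.1 through 1.0.1f (the range this
    article names), False if outside it, None if no version can be parsed."""
    m = _VERSION_RE.search(version_text)
    if m is None:
        return None
    major, minor, fix = (int(g) for g in m.group(1, 2, 3))
    letter = m.group(4)
    if (major, minor, fix) != (1, 0, 1):
        return False
    # "" is the base 1.0.1 release; letters a..f are the later releases in range.
    return letter == "" or (len(letter) == 1 and letter <= "f")


# Constructed sample inventory: (host, output of "openssl version").
SAMPLE_INVENTORY = [
    ("relay-01", "OpenSSL 1.0.1e-fips 11 Feb 2013"),
    ("web-02", "OpenSSL 1.0.1g 7 Apr 2014"),
    ("mail-03", "OpenSSL 0.9.8y 5 Feb 2013"),
    ("app-04", "OpenSSL 1.0.1 14 Mar 2012"),
    ("old-05", "openssl: command not found"),
]


def triage(inventory):
    """Group hosts by whether their reported version falls in the range.
    Hosts with unparseable output are kept visible as 'unknown' rather than
    silently treated as safe."""
    report = {"in_range": [], "outside_range": [], "unknown": []}
    for host, banner in inventory:
        verdict = heartbleed_range(banner)
        if verdict is None:
            report["unknown"].append(host)
        elif verdict:
            report["in_range"].append(host)
        else:
            report["outside_range"].append(host)
    return report


if __name__ == "__main__":
    for group, hosts in triage(SAMPLE_INVENTORY).items():
        print(group, hosts)
```

Hosts in the "in_range" group still need a package-level check before being declared vulnerable, and hosts outside the range may have run an affected version earlier, as the article notes.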

Solution

What Trend Micro products are affected?
Product/Version | Component Affected | Severity | Solution/Additional Information
Deep Security 8.0, 9.0 | Deep Security Relay (DSR) | Very Low | Critical Patch
SafeSync for Enterprise 2.1 | Windows Client | NA | Critical Patch
ServerProtect for Linux (SPLX) 3.0 | Admin UI | Very Low | Critical Patch
Endpoint Application Control (TMEAC) 1.0 | Apache Tomcat web server package | Low | Critical Patch
Portable Security (TMPS) 2.0 | Remote Communication Module | Low | Critical Patch
HouseCall 8.0 | SmartScan | Very Low | Fixed through ActiveUpdate (AU)
InterScan Messaging Security Suite (IMSS) for Linux 7.1 SP1 | SmartScan | Very Low | Critical patch will be released on May 15
InterScan Messaging Security Virtual Appliance (IMSVA) 8.5 and 8.5 SP1 | SmartScan | Very Low | Critical patch will be released on May 15
OfficeScan (OSCE) 11.0* | SmartScan | Very Low | Critical Patch
Titanium 7.0 and 7.2 | SmartScan | Very Low | Fixed via ActiveUpdate (AU)
Worry Free Business Security (WFBS) 9.0* | SmartScan | Very Low | Repacked full installer as well as Critical Patch 1439
*Affected only if the server is configured to use SmartScan as the default scan method. When traditional scan is used, the product is not affected by the vulnerability.
What Trend Micro products are not affected?
Product  Version  Affected?  Notes
Advanced Reporting and Management (ARM) 1.0, 1.5, 1.6 No Not using OpenSSL 1.01~1.01f
Case Diagnostic Tool (CDT) 2.0, 2.6 No Not using OpenSSL
Core Protection Module (CPM) 1.6, 10.5, 10.6, 10.6 SP1, 10.6 SP2 No Not using OpenSSL 1.01~1.01f
Core Protection Module (CPM) for Mac 1.1 No Not using OpenSSL 1.01~1.01f
CSC (Stargate) 6.6 No Not using OpenSSL 1.01~1.01f
DDA (Deep Discovery Advisor) 2.95, 3.0, 3.0 SP1, 3.1 No Not using OpenSSL 1.01~1.01f
DDI (Deep Discovery Inspector) 3.0, 3.1, 3.2, 3.5, 3.6 No Not using OpenSSL 1.01~1.01f
Deep Edge 300 1.5, 2.0, 2.1 No Not using OpenSSL 1.01~1.01f
Deep Security for Web Apps 2 No Not using OpenSSL
Data Loss Prevention (DLP) 3.1, 5.0, 5.2, 5.5, 5.6, 5.7 No Not using OpenSSL 1.01~1.01f
Email Security Platform for Service Providers - White Label 3 No Not using OpenSSL 1.01~1.01f
eManager 5.22, 5.5, 5.7, 6, 6.6, 6.7 No Not using OpenSSL
eManager(V6.8+) 6.8, 7.0, 7.1, 7.5 No Not using OpenSSL 1.01~1.01f
Facebook Privacy Scan App (FPSA)   No Not using OpenSSL 1.01~1.01f
Hosted Email Security (IMHS) 1.9, 2.0 No Not using OpenSSL 1.01~1.01f
HouseCall 7.1 No Not using OpenSSL
HouseCall_OEM 7.1 JP No Not using OpenSSL
InterScan Gateway Security Appliance (IGSA) 1.5(TW, JP) No Not using OpenSSL 1.01~1.01f
IM Security 1.5, 1.51 No Not using OpenSSL
InterScan Messaging Security Appliance (IMSA) 7 No Not using OpenSSL 1.01~1.01f
InterScan Messaging Security Suite (IMSS) 7.0, 7.0 SP1,7.1, 7.1 SP1 Win No Not using OpenSSL 1.01~1.01f
InterScan Messaging Security Virtual Appliance (IMSVA) 7.0, 8.0, 8.2 No Not using OpenSSL 1.01~1.01f
ISSS (Integrated Smart Scan Server) 1 No Not using OpenSSL 1.01~1.01f
InterScan VirusWall (ISVW) 7 No Not using OpenSSL 1.01~1.01f
ISVW for SMB 7 No Not using OpenSSL 1.01~1.01f
iTIS 2 No Not using OpenSSL
iTIS 3 No Not using OpenSSL
iTMMS 1 No Not using OpenSSL 1.01~1.01f
InterScan Web Security Appliance (IWSA) 3.1 SP1 No Not using OpenSSL 1.01~1.01f
InterScan Web Security as a Service (IWSaaS) 1.8 No Not using OpenSSL 1.01~1.01f
InterScan Web Security Suite (IWSS) 3.1 No Not using OpenSSL 1.01~1.01f
InterScan Web Security Virtual Appliance (IWSVA) 5.0, 5.1, 5.5, 5.6, 6.0(EN) No Not using OpenSSL 1.01~1.01f
Licensing Management Portal (LMP)   No Not using OpenSSL
Network VirusWall Enforcer (NVWE) 1.3(JP), 1.8(JP), 2.0 & SP1 ,3.0, 3.1(EN), 3.2(EN, JP) No Not using OpenSSL 1.01~1.01f
OfficeScan (OSCE) 8.0 SP1, 10, 10 SP1, 10.5, 10.6, 10.6 SP1, 10.6 SP2, 10.6 SP3 No Not using OpenSSL 1.01~1.01f
OfficeScan (OSCE) Toolbox 1 No Not using OpenSSL 1.01~1.01f
PortalProtect 2.0, 2.1 No Not using OpenSSL
ProtectLink 1 No Not using OpenSSL 1.01~1.01f
Rootkit Buster   No Not using OpenSSL
SafeSync 5 No Not using OpenSSL 1.01~1.01f
SafeSync for Business 5.1 No Not using OpenSSL 1.01~1.01f
SafeSync for xSP 2 No Not using OpenSSL 1.01~1.01f
SafeSync Mobile 1.2 No Not using OpenSSL 1.01~1.01f
ScanMail for Exchange (SMEX) 10, 10 SP1, 10.2, 10.2 SP2, 11 No Not using OpenSSL
ScanMail for IBM Domino (SMID) 5.6 No Not using OpenSSL 1.01~1.01f
ScanMail for Lotus Domino (SMLD) 3.0, 3.1, 5.0, 5.5 No Not using OpenSSL 1.01~1.01f
ScanMail Mobile Security for Exchange (SMMS) 1 No Not using OpenSSL
SecureCloud 2.0, 3.0, 3.5, 3.6 No Not using OpenSSL 1.01~1.01f
ServerProtect Windows/Netware (SPNT) 5.7, 5.8 No Not using OpenSSL
Smart Protection Server (SPS) 3.0 No Not using OpenSSL 1.01~1.01f
Smart Surfing 1.6 No Not using OpenSSL
Threat Discovery Appliance (TDA) 2, 2.5, 2.55, 2.6 No Not using OpenSSL 1.01~1.01f
Titanium/TIS Titanium (6.x/5.x/3.x/2.x), TIS(17.x/16.x) No Not using OpenSSL 1.01~1.01f
Control Manager (TMCM) 5.5, 6.0, 6.0 SP1 No Not using OpenSSL 1.01~1.01f
TMDP (Direct Pass) 1.36, 1.8, 1.9 No Not using OpenSSL
Endpoint Encryption (TMEE) 5.5, 5.6, 5.7, 5.8 No Not using OpenSSL
Endpoint Encryption (TMEE) Data Armor 3.0, 5.0 No Not using OpenSSL
Endpoint Encryption (TMEE) Drive Armor 3.0, 5.0 No Not using OpenSSL
Endpoint Encryption (TMEE) File Armor 3.0, 5.0 No Not using OpenSSL
Endpoint Encryption (TMEE) Key Armor 3.0, 5.0 No Not using OpenSSL
Endpoint Encryption (TMEE) Policy Server 3.1, 5.0 No Not using OpenSSL
Trend Micro Email Encryption Gateway (TMEEG) 5, 5.5 No Not using OpenSSL 1.01~1.01f
Information Center (TMIC) 2.5 No Not using OpenSSL 1.01~1.01f
Mobile Backup and Restore (MBR) 1.2, 1.3.1, 1.4 No Not using OpenSSL 1.01~1.01f
Mobile Security (TMMS) for Cellcom 2.1 No Not using OpenSSL 1.01~1.01f
Mobile Security (TMMS) for Consumer 1.2, 2.0, 2.1, 2.2, 2.5, 2.6, 3.0, 3.1, 3.5, 5.05 No Not using OpenSSL
Mobile Security (TMMS) for Enterprise 5.0, 5.1,5.5, 7.0, 7.1, 8.0, 9.0 No Not using OpenSSL 1.01~1.01f
Mobile Security (TMMS) for KDDI 2.0, 2.1 No Not using OpenSSL
Mobile Security (TMMS) for NTTW 2.0, 2.0.1 No Not using OpenSSL
Mobile Security (TMMS) for OEM 2.1, 2.1.1, 2.2, 3.1, 3.5 No Not using OpenSSL
Online Guardian (TMOG) 1.0, 1.5, 1.6,1.8 No Not using OpenSSL
Online Guardian (TMOG)-Server 1 No Not using OpenSSL
Trend Micro Kids Safety Protection for PS3 1 No Not using OpenSSL
Trend Micro Longevity 3 No Not using OpenSSL
Trend Micro Web Security for PS3 1 No Not using OpenSSL
Trend Secure - My Account   No Not using OpenSSL 1.01~1.01f
Worry-Free Business Security Standard/Advanced (WFBS) 5.1, 6.0, 7.0, 8.0 No Not using OpenSSL 1.01~1.01f
WFMS 2 No Not using OpenSSL 1.01~1.01f
Worry-Free Remote Manager (WFRM) 2.5, 2.6, 3.0, 3.1 No Not using OpenSSL 1.01~1.01f
What if my product is not listed?
If the product has not reached End-of-Support, it is most likely that Trend Micro is still analyzing the vulnerability and its impact on your product. As soon as the analysis is completed, the product will be added to the list.
What if I have additional questions?
For additional inquiries, contact Technical Support.

