Trend Micro Incorporated February 2023
NOTICE: This Readme file was current as of the date above. However, all customers are advised to check Trend Micro's website for documentation updates at http://docs.trendmicro.com.
Trend Micro™ Worry-Free Business Security Services™ for small offices protects multiple Windows computers, Macs, and Android devices located in or out of the office from viruses and other threats from the web. Unique Web Threat Protection stops threats before they reach devices and inflict damage or steal data. This safer, smarter, simpler protection from web threats will not cause devices to slow down. You can centrally manage security from anywhere without the need to add a server, install server software, configure settings, or maintain updates. Trend Micro security experts host and constantly update the service for you. Trend Micro™ Worry-Free Business Security Services™ is:
Safer: Powered by XGen™ security, Worry-Free Business Security Services uses a blend of threat protection techniques to eliminate security gaps - in any activity, on any endpoint, anywhere. XGen security:
Goes beyond next-generation technologies and protects against the full range of threats. Progressively filters out threats using the most efficient technique for maximum detection without false positives.
Blends signatureless techniques, including machine learning, behavioral analysis, variant protection, census check, application control, and good-file check with file and web reputation.
Safer: Protect multiple Windows and Mac computers and Android devices located in or out of the office with a single antivirus, anti-spyware business solution. Protect multiple iOS devices with mobile device management features.
Smarter: Stop viruses and other threats without configuring settings or maintaining updates.
Simpler: Centrally manage and check the status of protected devices anywhere (no server required).
Visit the following website for a complete list of new features and enhancements:
To download or view electronic versions of the documentation set for this product, go to http://docs.trendmicro.com
In addition to this Readme file, the documentation set for this product includes the following:
Online Help: The Online Help contains an overview of features and key concepts, and information on configuring and maintaining Worry-Free Business Security Services. To access the Online Help, go to http://docs.trendmicro.com.
Support Portal: The Support Portal contains information on troubleshooting and resolving known issues. To access the Support Portal, go to http://esupport.trendmicro.com.
The Worry-Free Business Security Services Security Agent can be installed on Microsoft Windows, Mac OS, iOS, or Android platforms. The Security Agent is also compatible with various third-party products.
Visit the following website for a complete list of system requirements and compatible third-party products:
Known issues in this release:
When the following conditions apply, newly encountered programs downloaded from the web are logged as "email client" in the Source field.
The end user's file system is in FAT32 format.
The Prompt users before executing newly encountered programs downloaded through HTTP or email applications (Server platforms excluded) setting is enabled in POLICIES > Global Security Agent Settings > Security Settings on the Worry-Free Business Security Services web console.
After Windows 10 users uninstall the Security Agent, Windows Defender does not turn on automatically.
If users click the web console URL in an email notification without signing into the web console first, users are redirected to the Sign In screen. After signing in, users have to click the web console URL in the email notification again to be redirected to the log events screen.
If users sign into the web console using Account A and then click the web console URL in an email notification configured in Account B, Worry-Free Business Security Services automatically signs out Account A. To view the log events, sign in using Account B and then click the web console URL in the email notification again.
Issue: Once the Worry-Free Business Security Services license has expired, BitLocker automatically triggers the decryption process on managed endpoints. If the endpoints happen to be in Suspended or Locked status, BitLocker cannot decrypt the endpoints.
Workaround: Resume BitLocker protection or unlock the endpoint, and then uninstall the Security Agent to trigger the decryption process again.
The Security Agents screen cannot display the Wi-Fi and Bluetooth MAC addresses of Android 7.0 devices.
When a synchronization issue occurs in one of the Active Directory domains, synchronization with other domains also stops. Synchronization resumes once the issue is resolved.
After uninstalling the Common Active Directory Synchronization Tool, the file containing the Active Directory settings still exists on the endpoint.
The Unsupported Operating Systems group appears in the Security Agent Tree only when Security Agents that meet the following conditions are found:
Windows Security Agent version 6.3.1283 or later
Run unsupported operating systems
After upgrading the Worry-Free Business Security Services web console to version 6.7, users must reload these Security Agents to appear in the Unsupported Operating Systems group.
The Common Active Directory Synchronization Tool does not support IPv6.
Azure Active Directory (Azure AD) integration does not provide domain or user information the same way as Active Directory Server integration. Windows Security Agents synchronized through Azure AD cannot display the domain name in the Domain column in Manual Groups.
When the following conditions apply, the proxy server information needs to be added to the firewall exception list in the Worry-Free Business Security Services web console.
Endpoints are installed on Windows 8, Windows Server 2012, or later and use a proxy server.
The firewall security level is set to High in the advanced mode in the Worry-Free Business Security Services web console.
Endpoints may lose network connection temporarily during installation.
Users cannot deploy the Security Agent program when Internet Explorer 10 or later is running in Metro mode on Windows 8 or later.
The email installation link does not work properly when users try to re-activate the Security Agent using Microsoft Edge. However, Microsoft intends to resolve this issue in a later release.
After users install the Security Agent and then open Firefox, sometimes the Firefox extension installation process does not start. Users need to manually enable the extension in Add-ons Manager.
Issue: The Security Agent cannot upgrade to version 6.7 if Microsoft Visual C++ 2019 Runtime cannot install successfully on the endpoint. Operating systems that do not meet the prerequisites for the Universal C Runtime (CRT) update might take a long time to complete Microsoft Visual C++ 2019 Runtime installation. For more information on the update, see https://learn.microsoft.com/en-us/cpp/windows/latest-supported-vc-redist?view=msvc-170.
Workaround: Install the latest Windows Update or the Universal CRT update (2999226) on the endpoint so that Microsoft Visual C++ 2019 Runtime can install successfully during the regular Security Agent upgrade process.
If the Security Agent is enabled and a malware program resides in the Security Agent folder before Real-time Scan starts, the Security Agent cannot restrict that malware from updating the registry.
On Windows 10 endpoints, Worry-Free Business Security Services alerts may be hidden behind the Microsoft Edge browser window. Users must check for any unauthorized event or threat alerts that may appear.
If the Security Agent is installed on a Windows endpoint running Enhanced Mitigation Experience Toolkit (EMET), there might be some performance and conflict issues. Trend Micro recommends not installing the Security Agent and Microsoft EMET on the same endpoint.
Issue: If users have installed Windows Update KB3076895 (MS15-084), the Msxml6.dll 6.20.5008.0 file included in the update might cause issues in the TmListen.exe service and policy setting deployments.
Workaround: Install Windows Update KB3092627 or later to update the Msxml6.dll file.
When multiple logon sessions exist on an endpoint, some agent process files might crash after an agent upgrade. Users might need to manually start the Security Agent.
Security Agents running Windows Server 2016 (or later) cannot report security statuses to Windows Security Center because Windows Server 2016 (or later) does not provide the Windows Security Center service. If Windows Defender is enabled on Windows Server 2016 (or later) with the Security Agent installed, performance issues may occur. Trend Micro recommends disabling Windows Defender before installing the Security Agent.
The following NT Event Log is generated when a Security Agent computer shuts down or restarts.
Event ID: 7043
Message: The Trend Micro Security Agent Listener service did not shut down properly after receiving a preshutdown control.
During Security Agent installation or firewall driver uninstallation, the endpoint may temporarily lose its network connection. Some applications, such as Secure Shell (SSH), Terminal Services Client, or Remote Desktop could be affected by the disconnection. If the network connection is lost, restart the application after installing the Security Agent or after disabling the firewall.
The Security Agent firewall may conflict with other firewall applications. Trend Micro recommends uninstalling or disabling other firewall applications.
On VMware clients, the Security Agent firewall may block all incoming packets.
To address this issue, add the following value to the VMware client registry:
When running Internet Explorer 9 or later with Internet Explorer Enhanced Security Configuration, the Web Reputation plug-in module (TmIEPlugInBHO Class) cannot be automatically applied. Risky URLs using SSL cannot be blocked.
Web Reputation Services and URL Filtering are not supported when Internet Explorer 10 or later is running in Metro mode on Windows 8 or later.
Issue: If Chrome is open while the Security Agent updates Web Reputation Services and URL Filtering components, the Security Agent will not be able to block HTTPS websites.
Workaround: Restart Chrome to resolve the issue.
If proxy settings are configured on Windows 10, HTTPS Web Threat Protection cannot work on Microsoft Edge.
Dashboard Add-in is not compatible with Internet Explorer Enhanced Security Configuration. Ensure this option is disabled before opening the Dashboard.
Endpoints installed on Windows Vista or later and have User Account Control (UAC) enabled cannot run automatic installation.
Multiple log entries appear when a user tries to access or copy files to a USB device. Device Control detects each instance as a single policy violation but includes multiple entries in the logs to differentiate the OS versions.
Device Control supports all 32-bit operating systems and only the following 64-bit platforms: Windows Vista SP1 x64 and later.
New folders can still be created on restricted USB storage devices when the permission is set to List device content only.
When using HTML tags that might be exploited by Cross-Site Scripting (XSS) attacks to search in the Certified Safe Software List, the search function ignores the tags to prevent script injections.
When multiple logon sessions exist on an endpoint, the Application Control feature will increase CPU usage for a while.
BitLocker cannot encrypt endpoints that run multiple operating systems when users install Windows 7 first and then install Windows 10. In this scenario, the default system partition size on both operating systems will be 100 MB, but BitLocker requires at least 350 MB of system partition size on Windows 10.
When uninstalling the Security Agent with Data Loss Prevention enabled, users must restart the endpoints to completely remove the Data Loss Prevention components. Currently there is no reminder of the requirement.
If users try to reinstall the Security Agent without restarting the endpoints, the Data Loss Prevention components cannot be installed until users restart the endpoints. After reinstalling the Data Loss Prevention components, users must restart the endpoints again.
The Device List Tool only supports the following languages:
Data Loss Prevention cannot detect violations triggered from Google Backup and Sync 3.42.9858.3671 or later.
If a Command line criteria contains spaces in an assessment, the endpoint that triggered the command cannot be matched.
The root cause analysis view cannot display in Internet Explorer when Compatibility View is enabled.
Although fileless malware detection includes Windows Management Instrumentation (WMI), IOC does not support WMI. Running a threat investigation from WMI logs does not return matched objects.
Sample Submission cannot exclude document files that already exist in the Scan Exclusion Lists for Manual Scan.
The Security Agent does not support root accounts.
Issue: After upgrading from macOS Sierra (10.12) to macOS High Sierra (10.13), users must click the Allow button in System Preferences > Security & Privacy > General within 30 minutes. Otherwise, the button will disappear.
Workaround: Restart the endpoint so that the Allow button can reappear.
Mac Device Control detailed logs cannot display device information (vendor, model, and serial ID).
Issue: The Full Disk Access feature introduced in macOS Mojave (10.14) may cause compatibility issues. Full Disk Access requires the Security Agent to be given full permission to access a user's data on the endpoint.
Workaround: Manually allow the Security Agent to access data on the endpoint.
For more information, see https://success.trendmicro.com/solution/1122542-preventing-compatibility-issues-in-macos-mojave-10-14-with-worry-free-business-security-services
Worry-Free Business Security Services cannot be installed on rooted Android devices.
On an Android device, if the user goes to Settings > Apps > Worry-Free Security > Storage and taps CLEAR CACHE, the Security Agent might not be able to connect to the server to receive updates. The user would need to re-enroll the device.
If other installed apps interfere with the device's network connection, the Security Agent might not be able to connect to the server to receive updates.
When using the "Remote Locate" feature to find a mobile device, the language code (for example: en, jp, fr) that displays in the browser for the embedded Google Maps may not be the same as the language used by the web console.
Worry-Free Business Security Services uses Firebase Cloud Messaging (FCM) for Android mobile device management commands. Commands sent to Android devices can take some time to be received, or the commands may be unsuccessful.
If multiple device administrators manage a single Android device, some commands may not be successful (for example: reset password). Worry-Free Business Security Services uses the Android Device Administrator for mobile device management commands. When more than one Device Administrator exists for the same Android device, the stricter policy on the device has priority. For example, if two apps both require users to follow a password policy, only the stricter policy is applied.
For Android devices that contain multiple user profiles, the Security Agent can only be installed in the owner's profile. An error occurs when users try to install the Security Agent in other user profiles.
The Reset Password command can only apply once to Android 7 or later devices that have not set up a password.
Worry-Free Business Security Services uses the Apple Push Notification service (APNs) for iOS mobile device management commands. Commands sent to iOS devices can take some time to be received, or the commands may be unsuccessful.
If the Private Browsing feature in Safari is enabled (https://support.apple.com/en-ph/HT203036), iOS devices may not successfully complete device enrollment.
Users cannot install the Security Profile when the iOS device uses a proxy server to connect to the Internet.
Installing the Security Profile on iPadOS devices requires that the Request Mobile Website setting is enabled in Safari on the iPadOS devices.
A license to the Trend Micro software usually includes the right to product updates, pattern file updates, and basic technical support for one (1) year from the date of purchase only. After the first year, Maintenance must be renewed on an annual basis at Trend Micro's then-current Maintenance fees.
Contact Trend Micro via fax, phone, and email, or visit our website to download evaluation copies of Trend Micro products.http://www.trendmicro.com/us/about-us/contact/index.html
NOTE: This information is subject to change without notice.
Smart, simple, security that fits
As a global leader in IT security, Trend Micro develops innovative security solutions that make the world safe for businesses and consumers to exchange digital information
Copyright 2022, Trend Micro Incorporated. All rights reserved.
Trend Micro, Worry-Free Business Security Services, and the t-ball logo are trademarks of Trend Micro Incorporated and are registered in some jurisdictions. All other marks are the trademarks or registered trademarks of their respective companies.
View information about your license agreement with Trend Micro at:http://www.trendmicro.com/us/about-us/legal-policies/license-agreements
License Attributions can be viewed from the Worry-Free Business Security Services web console.