New Trend Vision One Endpoint Security agent console configurable with Endpoint Security Policies

Server & Workload Protection Web Reputation Service supports integration with the Trend Micro Toolbar for Enterprise browser extension. Integration with the browser extension is planned to be configurable using Endpoint Security Policies by the end of May 2025.

Dynamic Intelligence Mode added to Server & Workload Protection allows the agent to automatically adjust monitoring levels based on analyzing detected threats, user behavior, and system context.

The Trend Vision One Endpoint Security agent can now be installed through connected Deep Security Agents.

Server & Workload Protection now supports HTTP2 for inbound traffic scanning

Web Service Communicator now merged with Service communication manager (VOM)

Add new telemetry processes for Service communication manager (VOM)

Enhanced data collection for Vulnerability Assessment

Standard Endpoint Protection: Updates feature descriptions in Endpoint Sensor policy settings screen to improve user experience

Standard Endpoint Protection: Adds application version information in Application Control detection logs for methods matched in the Application Reputation List

Standard Endpoint Protection: Enhances self-protection capability for Standard Endpoint Protection Windows Security Agent program folder

Standard Endpoint Protection: Enhances Predictive Machine Learning module for suspicious Anti-malware Scan Intervace (AMSI) even detections

Standard Endpoint Protection: Enhances "blue screen of death" (BSOD) loop prevention monitoring mechanism

Standard Endpoint Protection: Updates Behavior Monitoring Core Service module to version 2.98.2101

Standard Endpoint Protection: Updates Behavior Monitoring Core Drive module to version 2.98.2100

Standard Endpoint Protection: Enhancements to program update process to prevent excessive network bandwidth usage

Fixed an issue where user was unable to remove Trend Micro Cloud Endpoint Telemetry Service

Fixed MQTT huge log size issue

Standard Endpoint Protection: Fixed an issue where adding SHA-256 suspicious objects in Trend Vision One might prevent Trend Micro Apex One as a Service from upgrading to Standard Endpoint Protection.

Standard Endpoint Protection: Fixed an issue where emails were not sent to policy owner for policy owner updates

Standard Endpoint Protection: Fixed an issue where the updated Trend Micro Apex One group name might now appear in Standard Endpoint Protection Product Status view

Standard Endpoint Protection: Fixed an issue that might prevent Standard Endpoint Protection from deploying components to integrated Trend Micro products

Standard Endpoint Protection: Fixed an issue where Application Control criteria processing might cause high CPU usage and impact endpoint performance

Standard Endpoint Protection: Fixed an issue where Data Loss Prevention might not function properly for 7-Zip compressed files

Standard Endpoint Protection: Fixed an issue where after updating the agent, the endpoint might display the Security Agent console unexpectedly

Standard Endpoint Protection: Fixed an issue where updating the Suspicious Object lists might cause the Apex One NT Listener service (TmListen.exe) to consume a large amount of CPU resources and impact endpoint performance

Standard Endpoint Protection: Fixed an issue where virus and malware file path processing might cause the system to display spaces in the detection file path as ASCII codes for the associated detection logs on the Log Query screen

Standard Endpoint Protection: Fixed an issue where the Trend Micro Apex One web console might prevent users from viewing the predefined port lists in Firewall Policy Rules

Standard Endpoint Protection: Fixed an issue where a "blue screen of death" (BSOD) error might occur on endpoints when the Trend Micro Unauthorized Change Prevention Service is enabled and users attempt to save Microsoft Office files through network drives

Server & Workload Protection: Fixed an issue that could cause the service process to crash under specific timing conditions

Server & Workload Protection: Fixed a performance issue impacting the PureStorage solution environment

Server & Workload Protection: Fixed an issue where PowerPoint might cause a crash when the endpoint wakes up from Hibernate mode

Server & Workload Protection: Fixed an issue to avoid a corrupted registry causing a "blue screen of death" (BSOD) issue

The update package includes several bug fixes for included component and module updates

The update package includes several security enhancements for included component and module updates

Agent installer package now supports local updates for Endpoint Sensor

Enhancements made to Vulnerability Assessment data collection and performance

Attack Surface Discovery now includes the following configurations when collecting information: joined domain, screen lock, installed and activated Endpoint detection & response

Standard Endpoint Protection Application Control feature supports SHA-256 suspicious object type from Suspicious Object Management

Server & Workload Protection improves SAP scan performance on Window platforms by implementing a caching mechanism and reducing unnecessary operations to achieve faster scan completion times

Server & Workload Protection includes new dsa_scan argument scanLargeFile to support scanning files larger than 2GB, allowing efficient management of large files

Server & Workload Protection adds device control syslog for sending events to syslog server directly by request

Fixed an issue with the VDI idle mode not detecting system proxy changes

Fixed an issue with VDI refresh device ID not reloading the service communication manager (VOM)

Server & Workload Protection - fixed AMSP service stop or crash issue

Server & Workload Protection - fixed issue where the network driver might crash when stopping if the Windows base filtering engine service is not running

Server & Workload Protection - fixed issue where CSV files larger than 4KB might be incorrectly classified by SAP Scanner

Server & Workload Protection - fixed performance issues in TLS 1.3 caused by unsupported protocols

Standard Endpoint Protection now supports Windows Server 2025

Server & Workload Protection now supports Windows Server 2025

Enhanced data collection for Vulnerability Assessment

Server & Workload Protection now queues packets to process packets in sequence, improving performance

Server & Workload Protection includes updates to improve spyware prevention features

Server & Workload Protection firewall events now include the username information when possible. This feature is in pre-release preview and is not available in all regions.

Fixed an issue with Standard Endpoint Protection where GUID synchronization fails to trigger

Fixed an issue with Server & Workload Protection where enabling Advanced TLS Traffic Inspection sometimes caused agent connectivity issues

The update package includes several bug fixes for included component and module updates

The update package includes updates to third-partly libraries for Server & Workload Protection

The update package includes several security enhancements for included component and module updates