Disabling Behavior Monitoring in the Trend console, then updating the client machines via "Update now" seems to resolve the issue until Trend can get an actual fix out!

This is worked under WFBS SP2, but I would think it would apply to other versions.....

Nothing there says Standard or Advanced either...all it says is:

Product: Client Server Suite / Worry-Free Business Security

Version: Full

Operating System: Windows

Platform: SMB

Language: English

Licenses: XX

Activation Code: XXXXXXXXXX

Licensce Expiration Date: XXXXXXXX

---

Toonz wrote:

Log into Trend WF - and under Live Status, go to the License Section at the bottom and click Product License.  There you will see your Product Version , License key, etc.

---

Update - After applying SP3 things took a little while (4-5 Hours) and the alerts have stopped. Yay!

SP3 does appear to fix after a little settling down.

Hello, can this be done through the console? (Update Now)

This is

---

vbenkert wrote:

Disabling Behavior Monitoring in the Trend console, then updating the client machines via "Update now" seems to resolve the issue until Trend can get an actual fix out!

This is worked under WFBS SP2, but I would think it would apply to other versions.....

---

Upgrading to SP 3 didn't resolve this issue so I called TM tech support. After being on hold for more than an hour this is the solution that tech support gave me to resolve the issue temporarily. The tech said a fix should be ready within 24 hours.

Not that I'm aware of, unfortunately.  I think it's a matter of disabling behavior monitoring from the console and then either waiting for the clients to update via their configured regularly scheduled client update time period OR manually updating via the client agent.

If anyone else has experience with immediately pushing the update via the console, please correct me if I'm wrong.

Thanks for the feedback vbenkert!

Here is the email i got back from support about this issue.

We would like to apologize for the inconveniences that you are encountering, we already have our development team investigating on this issue.

So far, the only versions that are affected are WFBS 6.0 Service Packs 1 and 2. To address the issue we have 2 options:

OPTION 1:    Download and install the Critical Patch.

ftp://ftp-download.trendmicro.com/customer/BMPatch/

Username:  ftpuser

Password:   ftp-trend

To install the patch:

1. Copy the Critical Patch executable file to a temporary folder on the Worry-Free Business Security Server, for example, "C:\temp".

2. Double-click the file. All Critical Patch modules are automatically copied to the correct destination.

    After the time stamp on the server files have changed, the server automatically notifies the Client/Server Security Agents to download the updated files.

 OPTION 2:   Apply WFBS 6.0 SP3. 

 Please refer to the KB article below:

http://esupport.trendmicro.com/4/Behavior-Monitoring-blocks-the-TMBMSRVexe-process.aspx  

 Download links:

 WFBS 6.0 Advanced SP3

http://www.trendmicro.com/ftp/products/wfbs/WFBS6.0_Adv_EN_SP3_StandAlone_B4153.exe

WFBS 6.0 Standard SP3

http://www.trendmicro.com/ftp/products/wfbs/WFBS6.0_Standard_EN_SP3_StandAlone_B4153.exe

Again, we offer you our humblest apologies to you and your staff. Please feel free to ask for further clarifications on this matter.  We would gladly continue to assist you.

We are looking forward to your reply at the soonest and hope that we may continue to rely on your valued patronage.

Do not delete or change the subject heading of this e-mail notification so Technical Support can monitor your case effectively. The email subject serves as the ID reference for your case.

Hi sbisbirmingham,

Good Day!

We apologize for the inconvenience. We are currently experiencing issues wherein we are getting a lot of Policy Violations Notification on both Users and Administrators' emails and is being reported by the Worry-Free Business Security product.

Description:  Unauthorized changes blocked" appears when the TMBMSRV.exe process tries to access Client/Server Security Agent (CSA) files and registries

The issue affects customers who are using WFBS 6.0 with Service Pack 1 or Service Pack 2. 

Please confirm the following:

-Have you rebooted the Server after applying the upgrade?

-If yes, can you check what is the Build # after the reboot both on the Server and client?

If the same issue persists after rebooting the Server, please send me private message with the following details:

-Name

-Company

-Contact #

In this way we can log a Service Request for you to gather the logs for further investigation on SP3.

Again, my sincere apologies on the inconveniences and hope to hear from you soon!

Thank you very much!

Kind Regards,

BeverlyC