Trend Micro, Inc.                                    February 12, 2007
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Trend Micro OfficeScan Corporate Edition 7.3
Security Patch - Build 1241
SetupINI modules
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Contents
===================================================================
   1.  Overview of This Security Patch Release
       1.1 Files Included in This Release
   2.  What's New
   3.  Documentation Set
   4.  System Requirements
   5.  Installation
   6.  Post-Installation Configuration
   7.  Known Issues
   8.  Release History
   9.  Contact Information
   10. About Trend Micro
   11. License Agreement
===================================================================


1. Overview of This Security Patch Release
========================================================================
   This security patch addresses the buffer overflow vulnerability
   issues in the Trend Micro OfficeScan server web deployment modules.

   OfficeScan clients can be installed from the OfficeScan Management
   Console page. When the OfficeScan client is installed using web
   deployment, the local machine caches the ActiveX control. This
   cached ActiveX control is vulnerable: browsing a malicious web page
   can cause a buffer overflow in it. This may cause Internet Explorer
   to crash. In addition, someone may exploit this vulnerability to
   execute arbitrary code.

   This vulnerability does not affect OfficeScan clients that were not
   installed using web deployment.

   Symptoms: Internet Explorer crashes while browsing a malicious web
   page.

   1.1 Files Included in This Release
   =====================================================================
   Module          Filename        Build No.
   SetupINI.cab    tmlisten.exe    7.3.0.1241


2. What's New
========================================================================
   Security patch 1241 resolves the following issues:

   1. Browsing a malicious page can cause a buffer overflow in
      OfficeScan clients and crash Internet Explorer.
      This vulnerability might be exploited to execute arbitrary code.
   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   After applying security patch 1241, the potential security issues
   are addressed by replacing old modules with the updated modules and
   removing the cached ActiveX control.


3. Documentation Set
========================================================================
   o  Readme.txt -- basic installation, known issues

   Electronic versions of the printed manuals are available at:
   http://www.trendmicro.com/download


4. System Requirements
========================================================================
   There are no special requirements for installing this security
   patch.


5. Installation
========================================================================

   5.1 Installation Notes
   =====================================================================
   1. Copy the security patch executable file to a temporary folder on
      the Trend Micro OfficeScan server.
   2. Double-click the file. The modules are automatically copied to
      the correct destination.

   5.2 Rollback Procedure
   =====================================================================
   This security patch installation package rolls back OfficeScan
   Server automatically if it encounters any problems during
   installation. If you encounter any problems after installation, you
   can roll back the OfficeScan Server to its original configuration.

   To manually roll back to the original configuration:

   1. Locate the backup folder that the security patch package created
      in the directory \Pccsrv\Backup\SecurityPatch_B1241.
   2. Copy the backup modules to their original folders.

   Note: Register online with Trend Micro within 30 days of
         installation to continue downloading new pattern files and
         product updates from the Trend Micro Web site. Register
         during installation, or online at:
         http://olr.trendmicro.com/


6. Post-Installation Configuration
========================================================================
   No post-installation steps are required.

   Note: Trend Micro recommends that you update your scan engine and
         virus pattern files immediately after installing the product.


7. Known Issues
========================================================================
   There are no known issues for this security patch release.


8. Release History
========================================================================
   See the following website for more information about updates to
   this product:
   http://www.trendmicro.com/download


9. Contact Information
========================================================================
   A license to the Trend Micro software usually includes the right to
   product updates, pattern file updates, and basic technical support
   for one (1) year from the date of purchase only. After the first
   year, Maintenance must be renewed on an annual basis at Trend
   Micro's then-current Maintenance fees.

   You can contact Trend Micro via fax, phone, and email, or visit us
   at:
   http://www.trendmicro.com

   Evaluation copies of Trend Micro products can be downloaded from
   our Web site.

   Global Mailing Address/Telephone numbers
   ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   For global contact information in the Asia/Pacific region,
   Australia and New Zealand, Europe, Latin America, and Canada,
   refer to:
   http://www.trendmicro.com/en/about/overview.htm

   The Trend Micro "About Us" screen displays. Click the appropriate
   link in the "Contact Us" section of the screen.

   Note: This information is subject to change without notice.


10. About Trend Micro
========================================================================
   Trend Micro, Inc. provides virus protection, anti-spam, and
   content-filtering security products and services. Trend Micro
   allows companies worldwide to stop viruses and other malicious code
   from a central point before they can reach the desktop.

   Copyright 2007, Trend Micro Incorporated. All rights reserved.
   Trend Micro, the t-ball logo, OfficeScan Corporate Edition are
   trademarks of Trend Micro Incorporated and are registered in some
   jurisdictions. All other marks are the trademarks or registered
   trademarks of their respective companies.


11. License Agreement
========================================================================
   Information about your license agreement with Trend Micro can be
   viewed at:
   http://www.trendmicro.com/en/purchase/license/

   Third-party licensing agreements can be viewed:
   - By selecting the "About" option in the application user interface
   - By referring to the "Legal" page of the Getting Started Guide or
     Administrator's Guide