Topics on this page

Java release history

Version Release Date Changes
4.4.5 September 23rd, 2021

New Features:

  • The agent is now multi-region aware and can automatically detect which region to connect to.
  • You can now set the Advanced Threat Scan Engine (ATSE) aggressiveness level from the policy view.
  • The default ATSE aggressiveness level is changed from High to Medium.

    Changes:

  • Updated the anti-malware and malicious payload engines to resolve reported vulnerabilities with 3rd-party libraries: openssl, expat, and zlib.
  • Synchronized writing file to disk when updating the agent configuration cache.
  • The antivirus engine is re-initialized on first request when engine initialization failed.

    Fixes:

  • Fixed an issue where the anti-malware engine returned an error when scanning after malicious file upload policy rules were changed.
  • Fixed method notifyHandlerException not found in class io.netty.channel.AbstractChannelHandlerContext for Netty versions 4.1.49 and above.
  • Fixed the agent not generating logs when failing to initialize at start up.
  • 4.3.5 February 17th, 2021

    Changes:

  • Upgraded advanced thread scan engine to version 12.500-1004
  • Wait until the engines rules blobs are written to cache before declaring the agent ready
  • Added Fail Closed configuration and agent behaviour
  • Fixed AV scan engine initiatilization failure
  • Fixed AV scan failure to read CA certificate
  • 4.3.3 December 14th, 2020

    Changes:

  • Updated crypto algorithm for agent cache
  • Set umask and sync on cache writes
  • Re-initialise antivirus engine on first request when engine initialization failed
  • 4.3.2 November 9, 2020

    Changes:

  • Added support for:
    • Java 14 and 15.
    • Spring Boot 2
    • Spring 5
    • Tomcat 9
  • Validated the Liferay bootstrap with the Java Agent.
  • 4.2.0 June 15, 2020

    Changes:

  • Automatically apply recommended settings when running the agent in AWS Lambda layer or runtime.
  • Introduced the ability for the agent to manage atomic configuration updates from the backend.
  • Wait on responses after agent authentication refresh.
  • Support for Java Spring 5 Framework, when used as a war file, not as part of SpringBoot 2

    Fixes:

  • Fixed crashes caused by using libraries compiled with Musl while the JDK is compiled and linked with glibc and running on Alpine. The agent now detects the libC version of the library regardless of the Linux distribution.
  • Disabled providing the custom transaction ID via the header.
  • Fixed setting the defense logs configuration via environment variables.
  • Fixed the poller hanging after re-authentication.
  • Fixed the agent continuously and quickly re-attempting to authenticate following repeated authentication failures.
  • Fixed agent cleanup and activation of anti-malware pattern files upon updates.
  • Fixed some agent errors not being reported to the backend properly, for remote diagnostics.
  • 4.1.5 March 19, 2020

    Frameworks:

  • Added support for Netty 4
  • Added support for Spring Webflux
  • Added support for MySQL Connector/J 8.0

    Changes:

  • Policies for malicious file upload and malicious payloads are not fetched by the agent when the features are disabled

    Fixes:

  • reduce logs on consecutive errors
  • fixed slow anti-malware scanning with archives
  • fixed delays in downloading algorithms policies on first agent boot
  • fixed encoding issues when reading request body
  • 4.1.1 January 24, 2020 First release of Trend Micro Cloud One Application Security python agent

    New Features:

  • Open Redirect
  • Remote Command Execution
  • Illegal File Access
  • SQL Injection
  • Malicious File Upload
  • Malicious Payload