This is an update notice for the recent emerging issue in Intelligent Sandbox (IS) and Advanced Threat Defense (ATD) about the expired database certificate, as documented in KB96768 - Multiple issues in Intelligent Sandbox/Advanced Threat Defense due to internal certificate expiration.
Trellix unpublished the upgrade packages, migration packages, and installation images, which included the expired certificate, from the Download portal. Trellix is working on repackaging them with the updated certificate. Trellix has also published the repackaged 5.2.x files that contain the updated certificate, and will upload other packages as well.
IMPORTANT:
- When upgrading or migrating your ATD/IS, ensure to use the repackaged upgrade/migration files that include the updated database certificate.
- Before upgrading or migrating your system, ensure to apply the certificate patch to your running system.
NOTE: Owing to the change in the signing mechanism in the repackaged version 5.0, DXL Client in the repackaged version 5.0 does not function. Customers are advised to upgrade immediately from repackaged version 5.0 to repackaged version 5.2.
Upgrade Path
Customers using versions 5.0 and 4.14 can directly upgrade to version 5.2. Customers using version 4.12 must first upgrade to version 5.0 and then to version 5.2. Customers using version 4.10 must first upgrade to version 4.14 and then to version 5.2.
Here is a simplified notation of the valid upgrade paths:
- 5.0 → 5.2
- 4.14 → 5.2
- 4.12 → 5.0 → 5.2
- 4.10 → 4.14 → 5.2
Trellix recommends subscribing to KB96768 - Multiple issues in Intelligent Sandbox/Advanced Threat Defense due to internal certificate expiration so that you will be notified as new information becomes available.