Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
12867
Views
0
Helpful
44
Comments

CSC Module updates failing - The error code is 62

Magnus Mortensen
Cisco Employee
Cisco Employee

‎02-17-2014 11:10 AM - edited ‎03-08-2019 06:54 PM

As of February 15th, 2014, Trend Micro changed the signing certificate used to digitally sign the pattern updates used by the Trend Micro Content Security and Control Module (CSC-SSM). This causes the CSC module to fail to 'verify' the downloaded patterns and results in updates failing. Administrator would be presented with an email notification along the line of:

 

AntiVirusPattern : Pattern Update: The download file was unsuccessful for ActiveUpdate was unable to verify security information. The local trusted info database is corrupted. Please contact Trend Micro technical support.. The error code is 62.

 

This issue is addressed by CSC Module patch 1145 (or later) for version 6.6.1125.0 of the CSC Module code.

 

You can obtain Patch 1146 from Trend Micro's Safe Sync server at the following URL:

https://dc1.safesync.com/LMcmmxjs/csc_66_en_hfb1146.zip?a=LkkaMTwupGE

The zip file contains two files, the MD5 sums of the files are listed here for reference:

 

MD5 (Readme.txt) = 5c6127c0abffa4634fc2908b775eec30

MD5 (csc_66_en_hfb1146.pkg) = bfc98940f19eb7e6d2177615d553fb74

The above patches have been superseded by patch versions x.1169. More information here: https://supportforums.cisco.com/document/13102616/csc-module-updates-failing-after-late-july-2016-error-code-28

The included readme.txt file contains the release notes for this Hotfix.

 

Application of the Hotfix patch is done through the CSC Module GUI in the 'Product Upgrade' section of 'Administration':

 

Screen Shot 2014-02-17 at 2.07.06 PM.png

If you continue to have pattern update failures, please contact Cisco TAC.

Labels:
0 Helpful
Comments
Chadi Matar
Level 1
Level 1
‎07-23-2014 12:20 PM

Hi Magnus,

I think I resolved the issue, I read on another CISCO thread that the issue could be coming from esmtp. I disabled it as follows:

policy-map global_policy

class inspection_default

   no inspect esmtp

 

I'm using Software  8.2(2)

And suddenly, all blocked mails to Gmail, hotmail, yahoo, and previously blocked mails to different domains just went out very quickly and received delivered notifications :)

BR,

Chadi

 

mike
Community Member
‎11-05-2014 06:17 PM

Magnus

I am having a slightly different issue with the updates but the latest date visible of 14th Feb 2014 seems to line up with your initial post.  My issue is the Network Timeout version.  I am running latest the 6.6 code and I have applied the 1146 hotfix but the Network Timeout remains.  I am not inspecting the update traffic.  I gather from another post that there is a hotfix later than 1146 available which may address this issue.  

https://supportforums.cisco.com/discussion/12294056/what-latest-hotfix-asa-csc-ssm-20-66-code

This post suggests 1155 has been released.  Are you able to post a link to it please?

Chadi Matar
Level 1
Level 1
‎12-16-2014 10:05 AM

Hello Magnus,

I am having a small issue with my CSC SSM after installing the series of patches up to 1146, from time to time the device becomes unresponsive, the ping to IP is successful but the services seem to be down, http etc...and I have to re-initialize the module. Updates are running fine though.

 

I am doubting about flash free space remaining after last upgrade, which is now at 96 % 8 MB left free, to be the cause of the issue making the OS unresponsive.

 

Can I just delete the old patches still existing in this directory, till 1145?

-bash-3.00# pwd
/mnt/rw/opt/trend/isvw/patch/backup

-bash-3.00# du -sh *
3.4M    6.6.1125.0.1140
5.3M    6.6.1125.0.1144
5.9M    6.6.1125.0.1145
7.0M    6.6.1125.0.1146

 

/dev/hda2               217.8M    198.6M      8.0M  96% /mnt/rw

Is it safe to delete them and what is the proper method pls?

BR,

Chadi

 

tac.spain
Level 1
Level 1
‎01-15-2015 09:01 AM

Magnus,

  Unable to find the patch anywhere...can you maybe repost please?

Regards,

 

Eugenio

Henrik Skot
Community Member
‎01-15-2015 11:13 PM

Goodbye CSC modules :-) !!!

tac.spain
Level 1
Level 1
‎01-15-2015 11:53 PM

Why Goodbye?

 

  There are under support until Sept. 2018. But I can´t find the patch anywhere, neither Cisco or TrendMicro web sites. Will have to open a case for this and I doub´t they will help...

 

http://www.cisco.com/c/en/us/products/collateral/security/asa-5500-series-next-generation-firewalls/eol_C51-727284.html

 

Henrik Skot
Community Member
‎01-16-2015 12:01 AM

We never had a decent performance after this 1146 Patch, so we moved on :-) so its only a goodbye from us, and a good luck to you :-)

knamikhazehaqq
Level 1
Level 1
‎08-21-2016 10:58 PM

Hi

We  have issue with  updating CSC InterScan virus scan engine, pattern, adn etc

I have made many times reimagin but it does'nt help

Our version 6.6.1125 with patch applied 1157

nothing changed with firewall configuration everything worked fine month ago, the license for update also ok it has expiration date until 2017

Can U help pls

I'm receiving the error code 28

Chadi Matar
Level 1
Level 1
‎08-22-2016 05:25 AM

Hi knamikhazehaqq,

We are actually experiencing the same issue as well with same error code 28:

AntiVirusEngine : Pattern Update: The download file was unsuccessful for ActiveUpdate was unable to connect to the network. Please verify that the network connection is functional, and then try again.. The error code is 28.

Same message for all the remaining patterns.

I know it is not a network connection issue from our side as I tried different internet connections.

Our license is till the end of 2016 and unfortunately the updates stopped working on 25-07-2016:

Virus Pattern File 12.673.00 07/25/2016

Anti-spam rules 22472 07/25/2016

I think it might be related to the flash size on the CSC module, since I am on 256 MB.

I noticed on this link that Trend Micro has large size on the definition pattern files, the same are used in the CSC module, I am not sure though if it is relevant to our issue, since the existing pattern files on our module are much smaller in size:

http://downloadcenter.trendmicro.com/index.php?clk=left_nav&clkval=pattern_file&regs=NABU

Latest virus pattern is actually at: 12.721.50

Can you confirm please you are using 256 MB flash size as well? (from root access, fdisk -l)

BR,

Chadi

knamikhazehaqq
Level 1
Level 1
‎08-22-2016 06:28 AM

Hi

Yes we also have 256MB on /dev/hda

Magnus Mortensen
Cisco Employee
Cisco Employee
‎08-22-2016 06:33 AM

The current issue has nothing to do with file space limitations. There was a change on the TrendMicro update servers that requires an upgrade on all CSC modules to support that change.

Please check https://supportforums.cisco.com/document/13102616/csc-module-updates-failing-after-late-july-2016-error-code-28 for more info on what is breaking the updates at this time.

Magnus Mortensen
Cisco Employee
Cisco Employee
‎08-22-2016 06:34 AM
The current issue is due to a security change on the updates servers hosted by TrendMicro. Please refer to https://supportforums.cisco.com/document/13102616/csc-module-updates-failing-after-late-july-2016-error-code-28 for more information.
Chadi Matar
Level 1
Level 1
‎08-23-2016 01:41 AM

Patch installed, updates seem working fine now.

Thanks Magnus.

knamikhazehaqq
Level 1
Level 1
‎10-11-2016 11:31 PM

Hi

Is there any new changes at server side of TrendMicro?

We receiving error code 16 and cannot update AntiVirusPattern

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents