Trend Micro WFBS - Excessive Policy Violation Detected Notification
Users of Trend Micro Worry Free Business Security Standard and Advanced (SP1 and SP2) ran into a bit of a surprise over the last 24 hours or so. If you are getting messages of
"Unauthorized changes blocked" for the TMBSRV.exe process (Unauthorized changes blocked! Client/Server Security Agent has blocked the following programs to protect your computer. To unblock the programs, contact your administrator), then you need to run the hotfix provided this afternoon (9/21/2010) from Trend Micro:
Details are at http://esupport.trendmicro.com/4/Behavior-Monitoring-blocks-the-TMBMSRVexe-process.aspx.
To address the problem, please apply Critical Patch Build 3221. You can download it from the following links.
• Critical Patch Build 3221 for Worry-Free Business Security Standard/Advanced 6.0 SP1 or SP2
A workaround that appears to be working according to Kevin Royalty is:
Disabling Behavior Monitoring in the Trend console, then updating the client machines either by update now or let them auto update. Turn Behavior Monitoring back on after they have updated.