Trend Micro WFBS – Excessive Policy Violation Detected Notification

Post to Twitter Post to Facebook Post to StumbleUpon

 Users of Trend Micro Worry Free Business Security Standard and Advanced (SP1 and SP2) ran into a bit of a surprise over the last 24 hours or so. If you are getting messages of 
"Unauthorized changes blocked" for the TMBSRV.exe process (Unauthorized changes blocked! Client/Server Security Agent has blocked the following programs to protect your computer. To unblock the programs, contact your administrator), then you need to run the hotfix provided this afternoon (9/21/2010) from Trend Micro:

Details are at
To address the problem, please apply Critical Patch Build 3221. You can download it from the following links.
Critical Patch Build 3221 for Worry-Free Business Security Standard/Advanced 6.0 SP1 or SP2
A workaround that appears to be working according to Kevin Royalty is:

Disabling Behavior Monitoring in the Trend console, then updating the client machines either by update now or let them auto update. Turn Behavior Monitoring back on after they have updated.