Version v4.17.2

Release Date: 03 Mar, 2020

New features:

Quarantine cleanup task no longer blocks Core service starting procedure
Empty file submission is no longer be blocked at REST API level
- Retain same behavior on Core 4.16.3 or older, to support back some corner use-cases from MD Kiosk and ICAP
Custom engine initialization enhancement
- Increased timeout to 10 minutes to support engine deployment on under-specs hardware (formerly 1 minute)
Processing history report enhancement
- Added "username" column to the processing history export from MD Core
Validation mechanism on file scan and batch init REST API changed
- When using via REST API, no longer validate session cookie, only API key header is validated when exists (same behavior on Core 4.16.3 or older)
Configurable Proactive DLP timeout is supported
- Support to adjust timeout for Proactive DLP handling (formerly fixed on 3 minutes)
Respecting whitelist and blacklist configurations
- Respect skipped scan settings (Whitelist / Blacklist) to keep backward compatibility, and also save Core resource for processing files as well.
Response for POST /login no longer returns cookie back to client
- When using via REST API, by default the response for POST /login no longer returns cookie back to client (same behavior on Core 4.16.3 or older, to avoid breaking F5 LTM scenario with cookie header is auto added)
Removing failed dummy scan results on Core processing history UI due to upload failure
- When file upload is failed for some reasons (e.g. network corrupted) between clients and MD Core, dummy record results are still available and displayed on Core processing history UI, but actually MD Core never processed those files, and client never got results from MD Core on those files. Those dummy records will be removed since this version to avoid misleading.

Fixed:

Deadlock could possibly happen when engine update task is timed out
- When encountered, all files happens in "Failed" result with "Not available" result for file type analysis after timeout hit (~ 70 seconds), and only Node service relaunched can bring the scanning be operational back.
Node service could be crashed when archive engine crashed
- When archive engine crashed for some reasons, Node service could be crashed as well (but not happened all the time)
Core and Node service could be crashed when under high load
- Core and Node service could be crashed when under high load
Archive file extraction when timed out, or failed to extract, the original archive itself could not be scanned by AV engines
- When archive extraction hits timeout or failed to extract, the original archive itself could not be scanned by AV engines
Core could return 404 not found HTTP(S) response to client for sanitized file download API request
- When processing the same file many times on Core, it could return 404 not found HTTP(S) response to client (e.g. MD Email) due to file sync issue between Core and Node
Memory leak issue on Core process
- The process ometascan could be leaked on memory with auto update mode enabled and Proactive DLP engine is enabled
Anonymous user can't submit file scan to MD Core web scan UI
- When not logged in, anonymous user can't submit file scan to MD Core web scan UI (error: Invalid session ID given)
Core service can't restart due to configurations corrupted while running Proactive DLP engine
- Core service can't restart due to configurations corrupted while running Proactive DLP engine
Document files inside sanitized password protected archive file could not be sanitized
- When document file is also treated as an archive file, there was a bug on archive compression level calculation to prevent document files not being sanitized inside original archive file
Timeout on hash calculation task resulted as Blocked regardless of "override scan results classified as allowed" setting
- When this task timed out, regardless what users set on "override scan results classified as allowed" setting, the final verdict were "Blocked"
Webhook continuous fixes and updates
- Duplicated callbacks returned to client
- Support retry mode for sending callback to client (when client is temporarily unresponsive etc.)
- Enhance validation callbackurl header against IP version 6 and domain format
Minor UI fixes
- Added margin to bottom edge of scan result UI
- Name of rights under user management did not match to Inventory

Version v4.17.1

Release Date: 06 Jan, 2020

New features:

Archive extraction details
- Available on both scan result UI and
Advanced engine configurations enhancement
- UI interactive and schema based for advanced engine settings
Proactive DLP engine integration enhancement
MetaDefender Cloud integration enhancement
- MetaDefender Cloud API version 4 upgraded
Engine integration enhancement to avoid product crash
User validation update for file and batch processing
- File scan and batch init endpoint API is now validated on API key input when that key information is available.
More ready for adding password back to sanitized archive and document files
Minor UI update

Fixed:

Core could become unavailable to clients when under high load
- Data communication channel between Core and Node service could be broken when under high load
Processing giant files (> 50 GB) could be stuck at hash calculation
- Hash calculation with pre-set timeout value (10 minutes) could be exceeded when processing giant files (> 50 GB) and then stuck at 5% forever
Scan could be failed with "not available" result for File type analysis when under certain circumstances
Memory leak issue on Core process
Temporary files not cleaned up when archive extraction timed out
Webhook continuous fixes and updates
- Redundant warning log messages populated even when not using webhook mode
- Core could be crashed itself when trying to close a not-found bath with callback
- Callback sent to client with wrong status when Core is restarted
Visibility level smaller than full details might break batch result display
Minor UI fixes
- The field "File Password" on the file processing UI not cleared up after empty file selected

Version v4.17.0.1

Release Date: 27 Nov, 2019

Fixed:

Deadlock issue on batch handling
- Under certain circumstances, a deadlock issue could encounter locking database from being queried (timeout on REST requests)

Version v4.17.0

Release Date: 14 Nov, 2019

New features:

Callback URL (Webhooks) for file and batch scanning (to avoid polling result from client)
- Support for individual file and batch scanning to eliminate polling mechanism i.e. MetaDefender Core will notify client based on designated / configurable callback URL whenever an individual scan finished or a batch can be closed.
Security enhancements
- Harden MetaDefender Core management console against security vulnerabilities found on pen-test's result
Log correlation from parent archive file to child files
Comprehensive failure reason on archive extraction (available on JSON response)
Sanitization output name on password protected document fully respects value set on UI
- No longer appended with fixed value "decrypted_document" in output name
UTF8-encoding password for file scan request via REST
- File scan REST API now supports "archivepwd" header with encoding password
Total number of files inside archive (all recursive levels), available on scan result UI
Archive scanning enhancements
- Better integration logic with archive engine
- Support empty folder inside archive engine
- Not try to extract archive file if extracted size exceeded is anticipated
Database query optimization
Processing input refinement
- Empty file scan request no longer is accepted at API level
MetaDefender Core's nginx log location no longer requires double backslashes
UI enhancements
- Password field supported for password-protected archives or documents on the UI (web scan)

Fixed:

Relaunching Proactive DLP engine process after timeout could crash Node service
Nginx custom configuration file and certificates is unexpectedly erased when upgrading MetaDefender Core
Overall failure on scan could encounter when system goes wrong while analyzing file type
- When something wrong occurred while analyzing file type, the scan process could be immediately stopped and ended up as overall failed.
Override scan result setting did not apply properly to empty batch
Changes on workflow template could interfere Core service
- Excluding engines in workflow template could make Core service failed to start
Return incorrect REST response code when closing batch with invalid API key
Fail to create local user directory under certain settings
- Creating "Local" user directory type could be failed when "Enhance password policy" setting is unchecked
Nginx access log location customized on registry is not retained when upgrading MetaDefender Core
- When upgrading MetaDefender Core, nginx log location (nginx_logfile) could be unexpectedly reverted back to default value, not retained to what users configured.
Minor UI fixes
- Some display and hyperlink minor issues related to table and navigation
- Hitting cancel batch button on UI causing error

Version v4.16.3

Release Date: 16 Oct, 2019

New features:

Support new header (metadata) for file submission API
Enhance MetaDefender Core service starting procedure
Enhance engine update procedure
Remove restriction on Core version retrieval REST API

Fixed:

MetaDefender Core service on Linux could not be started when running on FIPS mode
MetaDefender Core service could be unexpectedly restarted when engines repeatedly crashed
Uninstalling MetaDefender Core did not terminate its processes properly (nginx)
Password protected document could not be decrypted properly for data sanitization
Uninstalling MetaDefender Core did not clean up its leftover data folder

Version v4.16.2

Release Date: 10 Sep, 2019

New features:

Restrict APIs based on user roles (configurable)
Support displaying and filtering username on processing history UI
Enhance logging with Yara matched rules appended
Upgraded nginx web server component to latest version 1.16.0
Add new scan result - Unsupported file type
Refined JSON output when users want to quarantine items which are already in quarantined folder
Updated UI (minors)

Fixed:

In-progress files could be deleted mistakenly, causing failures when scanning
Engines repeatedly disable and re-enable
File processing could be stuck until archive timeout value reached
Non UTF-8 characters were not displayed correctly when exporting process history via UI
Dependency installation issue on Ubuntu 18 & Debian 9

Version v4.16.1

Release Date: 12 Aug, 2019

New features:

Supported to pin & unpin engines and their database on the UI to prevent auto update being applied
Gently handled timeout on Archive and Deep CDR engines
New logging mode for archive processing troubleshooting
Enhanced logic for non-archive file processing
Limited number of characters on some applicable text fields on the UI
Enhanced security with unquote service exploit

Fixed:

Node crash issue when under high load
Issue with resource manager with in-use temp files
Memory leaking issue on archive engine process
Memory leaking issue on Node process
Batch handling issue causing failure on batch
Stuck scan issue at 5% when parallelcount_7z_extract is set with definitive number
Detection issue on Proactive DLP engine with regrex rule applied
UI issue where Yara result is not displayed
UI visibility issue on Internet Explorer (IE) web browser
Some other minor UI issues
Wrong timezone set on exported CSV scan report

Version v4.16.0

Release Date: 08 July, 2019

New features:

Proactive DLP engine (ver 2.0) integration
Password policy enforcement
Support archive partial sanitization for Vault and Email integration
New REST API for local update server source
Better handle archive sanitization timeout
Support configurable settings for archive extraction and compression parallel count
Enhance syslog message format
Retouch UI
Better logging with timeout on engines
Enhance logic to apply engine definition files

Fixed:

Wrong outcome when archive engine process unexpectedly stopped
Wrong UI result on sanitization timeout
Memory leak issue on engine package uploading

Version v4.15.2

Release Date: 19 June, 2019

Fixed:

Stability issue
- Potential deadlock issue on batch scan handling prevents querying batch information
Usability issue
- Enhanced error log messages when the engine process is terminated due to engine timeout
- Exposed log messages on warning level when there is an archive extraction failure

Version v4.15.1

Release Date: 06 June, 2019

New features:

Partial sanitization use-case for archive file types
Clarified error messages for terminated engine processes
New REST API for cleaning up idle batch scans
UI improvement
License EULA update

Fixed:

Stability issue
- Potential memory handling issue that could cause the node service to crash
- Empty and read-only files are no longer extracted
Usability issue
- Not able to remove abandoned temp. files of archive files when they are empty and read-only
Security issue
- AD user credential is not masked properly on the audit log while sending over to AD server for authentication
Scanning batch REST API issues
Engine custom configuration
UI issues
- Dashboard refresh button sometimes did not work as expected
- List of processing records didn't show when changing "number records per page" while not staying at first page
- Not user-friendly error messages when adding duplicate hashes to a backlist
- Typos on the UI

Version v4.15.0

Release Date: 06 May, 2019

New features:

Data Sanitization details displayed on Core management console
User password recovery and reset enforcement
API rate limiting
Support Windows Server 2019 (The support is still on beta)
Suspicious results returned by engines are now configurable to be handled as a different circumstance (infected, ignore)
Improve usability
- Return zero for definition dates on non-AV engines' database
- "Select all" option added to the Data Sanitization page
Improve handling on node
- Improve cleanup mechanism on nodes to avoid deleting files in use
- Improve validation process when starting the node service, support to try creating temp. folder with a configurable timeout

Fixed:

Fixed stabilization issues that possibly caused Node services to crash
Scan batch API closing issues
- No longer returns total time of -1 in response
- Should not randomly fail due to " 400 - One or more scan is still in progress" even when all linked scans already finished
Upgrading Core when installed in a non-default installation path prevented users from choosing another folder path by mistake
UI issues
- The "Process File" button no longer disappears in case of sanitization failed
- Max recursive level under archive handling tab must equal 1 or greater
- non-Unicode file name displayed on web scan UI encoded properly
Sanitizing empty archive file no longer returns failed

Version v4.14.3

Release Date: 01 Apr, 2019

New features:

Support built-in integration with OPSWAT Central
New setting for archive sanitization timeout
Add process time field into CSV exported history report
Effectively wipe out necessary data from support package
Revamp Inventory UI page with "Utilities" group
More relevant REST error message for scan request where file is non-existed / inaccessible
Syslog message for scan-finish event more comprehensive
Consolidated scan info for archive scan result fetching
Add libcurl4 as alternative dependency to libcurl3 for better support on Ubuntu 18.04
Outputs and indicators for Threat Intelligence feature on Quarantine UI page more relevant and informative

Fixed:

Node becomes unstable under high load processing
Closing batch with ongoing scans could result in failed verdict on batch
Inconsistent behavior with password protected document
Temporary files are not cleaned up when cancelling an ongoing scan
Inconsistent returned error message between batch and file scanning via REST
DLP verdict returns incorrect value for some cases
Logs in support package did not handle non-Unicode characters

Version v4.14.2

Release Date: 28 Feb, 2019

New features:

New result page, n ew look and more informative badge

Fixed:

Engine configurations could not be saved
Make error message more relative for case where file exceeded the size limit
Pinning engines and their databases independently

Version v4.14.1

Release Date: 31 Jan, 2019

Fixed:

Missing "pinned" option from "/stat/packages" JSON response
Inconsistent "progress_percentage" and "result" values
Hash validation (blacklist/whitelist)
Upload performance

Version v4.14.0

Release date: 19 Dec, 2018

New features:

Send quarantined files to MetaDefender Cloud for scanning
Automation support:
- Support ignition file to automate the welcome wizard
- Configuration API functions have been documented

Enhanced password policy can be enabled for local users
Files with Failed to sanitize result can be set to be blocked

Version v4.13.2

Release date: 21 Nov, 2018

New features:

Tiles on Dashboard are linked to the corresponding pages
More options to filter Processing History (Post Actions and CDR)

Fixed issues:

In case of an engine hangs, the communication channel is blocked between the Node and the Core, so more engines can time out
Clean-up mechanism removes files still in use
Various engine handling issues

Version v4.13.1

Release date: 31 Oct, 2018

Fixed issues:

Yara and DLP tasks are not stopped on cancelling a processing
Batch processings cannot be cancelled via web management console
"Can't process shared resource file" error message did not contain the file name

Version v4.13.0

Release date: 16 Oct, 2018

Important:

Yara engine integration

New features:

Processing history entries can be colorized
Files can be marked as suspicious if less than a given number of engine mark it as infected
Processings can be cancelled via web management console
Default rules are added for MetaDefender Email Security
Bulk operations in quarantine

Fixed issues:

Extracted files are left behind
On Debian based systems, on upgrades, engines are deleted and disabled engines are re-enabled

Version v4.12.2

Release date: 3 Oct, 2018

Fixed issues:

In case of archive processing, sometimes clean-up mechanism removes some extracted files before processing is finished

Version v4.12.1

Release date: 26 Sept, 2018

New features:

Files can be whitelisted/blacklisted by their checksums
More specific log entries for CDR

Fixed issues:

Details of scan result for nested archives (for the file itself not for the content) is not propagated to the top level
The value, set in "MAX TOTAL SIZE OF EXTRACTED FILES" is handled incorrectly
Older configs cannot be imported into v4.12.0

Version v4.12.0

Release date: 15 Sept, 2018

Important:

Data Loss Prevention functionality

New features:

Possibility to set the number of engines that required to start file processings (per workflow)
Possibility to exclude engines from processings (per workflow)
Improved user interface performance
Possibility to blacklist/whitelist files by file types besides file type groups
Re-designed workflow tab list appearance
Possibility to set timeout for sessions regardless of user activity

Fixed issues:

On Node details page, every issue appears multiple times
Despite not detecting any vulnerabilities, the vulnerability tab appears
On hash lookup page, empty hash can be searched
Sanitized output file name validation can cause user interface stalled

Version v4.11.3

Release date: 30 Aug, 2018

Fixed issues:

Whitelist page under Inventory menu does not exist (only UI issue)

Version v4.11.2

Release date: 29 Aug, 2018

New features:

The access_log Nginx directive now can be overridden
The parallel count parameter now can be set per engine
Minor changes on user interface for better user experience

Fixed issues:

A critical CSV injection vulnerability in the CSV export functionality (issue reported by Wojciech Reguła, SecuRing)
Archives can be sanitized even in case of partial processing (e.g. exceeded archive size, exceeded archive file number)
In some cases, blocked results can be overwritten by an allowed result with higher priority
Inconsistent operation of MetaDefender Cloud integration
Typos on the user interface
Abandoned files left behind after processings

Version v4.11.1

Release date: 8 Aug, 2018

Fixed issues:

Unexpected Core and Node service restart in some corner cases
Using remote syslog server slows down the product in case of missing PTR record in DNS
Empty files are skipped in archives
Incomplete archive extraction issue happened on heavily overloaded systems

Version v4.11.0

Release date: 11 July, 2018

New Features:

Exceptions (by mime-type) from whitelist/blacklist
New engine page called Technologies
Support for user-friendly engine configuration (depends on the engine version)
Welcome wizard

Fixed issues:

Slow clean-up mechanism
Abandoned files after uninstall in Windows
Temporary files are left behind after processings
Wrong sanitized output file name in some cases
Default workflows can be overridden on config import
Core crashes

Version v4.10.2

Release Date: 27 June, 2018

Fixed issues:

Uninstall not properly cleans the system
The "whitelisted" and "blacklisted" results are overriden by "infected" result
Node crashes
Inconsistent results in case of archive processing: In case of processing an archive more times, the result may be different by cases (infected/exceeded archive file number/exceeded archive size)

Version v4.10.1

Release Date: 23 May, 2018

New features:

Data Sanitization engine time-out and retry count is now configurable
REST API: process info contains the name of the last scanned file when scanning archive file types
REST API: Configurations that may change the final scan result since the time of processing will be included in the process info response (i.e., outdated definitions)
Hash based result lookups can be filtered by rule name

Fixed issues:

Sanitized DB integrity issue
On the dashboard, category names of doughnut charts were truncated
In case of archive processing, the "Not scanned" result to a file is not propagated to a higher level (overall verdict)

Version v4.10.0

Release Date: 2 May, 2018

Important:

Added support for the LDAP directory type
Syslog messages can now be sent to multiple log aggregators
MetaDefender installers no longer use eicar test files

New features:

AD and LDAP directories can now be configured with multiple servers
Sanitization failures are marked with a badge in the scan session summary
Admin’s will be notified if a third party solution is blocking MetaDefender from working as expected
Users can now be granted API keys manually
Paginated archive results
HTTPS can now be enabled from web management console

Fixed issues:

Improved license status info
In some cases, sanitized files had faulty names
Suspicious scan results were not always at the top of the list in archive file types
Inappropriate handling of user rights in the Whitelist page
AD group members did not have user profiles
Misleading license information

Version 4.9.1

Release Date: 28 February, 2018

New features:

New-looking user interface
Workflows based on the default one (not edited by workflow editor) will be kept and upgraded on version upgrade in the future
It is allowed blacklisted/whitelisted files to be processed

Fixed issues:

Security zone: IP address validation
Cancelled batches are displayed as in-progress
Removing certificates from the inventory caused policies to disappear
Memory leak in Node
Access via Active Directory is not logged
Sluggish pages under Policy menu

Version 4.9.0

Release Date: 13 December, 2017

New features:

IPv6 support
Global whitelist by hash
Whitelist by file type group
Display more security related information on dashboard
Changed default port for external nodes to 8007
New default security rule for Metadefender Secure File Transfer (SFT)
Performance tuning of processing history
Improved resource handling on Node
On Linux, multiple nginx worker processes for better scaling

Fixed issues:

Upgrades overwrite existing configuration (IP, port, etc.)
Resource folder clean up after data sanitization
Update timing settings affect manual updates
Poorly handled invalid update files
Poorly handled UTF-8 characters in output file name for sanitized files
/hash API can give "in progress" result

Version 4.8.2

Fixed issues:

Fixed a memory leak caused by failed update download
Fixed a possible crash issue at Scan history manual cleanup in case of high load
Fixed a memory leak in case of recurrring failed database deployment on Node

Version 4.8.1

Release Date: 5 October, 2017

New features:

Improved engine/database update distribution to nodes
Improved archive extraction limit handling
Improved engine monitoring
More precise time duration measurement for requests
API for canceling scans (file/batch scans)
Option to disable archive extraction of office documents
For batch scans, certificate validity interval can be set
Improved scan result badge

Fixed issues:

Fixed issue of scans stuck in "in progress" state
Fixed possible product crash during archive scanning
Fixed update bug where incorrect packages left behind
Fixed failed quarantine handling
Fixed handling unavailable engine during scans
Scan result JSON now contains file name in UTF-8 format
Limited number of parallel Post Action and External Scanner scripts
Archive handling parameters now have upper bound
Improved archive handling
Archive related failure handling

Version 4.8.0

New features:

Quarantine for blocked files
Scanning files in batch (REST API)
Certificate and key handling for scan batch signing
Configurable sanitized file name
Post action commands gets the result JSON with final verdict included
Increased scan history export interval
Improved archive bomb handling
Added eng_id to scan_results.scan_details (REST API)
Showing in-progress files in "extracted files" list of archives
Added "scan_all_result_a" into "extracted_files" (REST API)

Fixed issues:

Fixed case insensitive username comparison in Active Directory integration
Process workflow revamped (post actions run every time)
Fixed non-updated policy user interface after added new user roles
Fixed handling of database upgrade errors in linux package installers
Fixed error handling when scan target was sent in the body and via filepath (/file REST API)
Fixed disconnected ghost node issue displayed on user interface

Version 4.7.2

Issues fixed:

Fixed bug that could cause policies to not contain any elements and forbid user to create new items
Fixed bug where Core could download older version of engines where newer one was already downloaded

Version 4.7.1

Issues fixed:

Fixed upgrade of scan configuration
Fixed ghost nodes appeared on Inventory→ Nodes page

Version 4.7.0

New features:

Active Directory integration
Custom post actions
Redesigned user interface
External (customer developed) scanner integrations
Policies export/import
Archive sanitization
Individual log message level override
Aggregated archive scan result in Scan History
Self-lockout protection, admins can not delete themselves
gzip and base64 encoding now supported on /file REST API
Able to navigate through archive hierarchy
Timezone changed to local in log messages
Metadefender Cloud integration hostname changed to api.metadefender.com

Issues fixed:

Fixed scanning of .lnk files on Windows
Fixed blacklisting of Unicode filenames
Automatically downloads packages again if the previous download failed
Fixed order of extracted files on scan details view
Fixed rare temporary file leak during archive scan

Version 4.6.3

Issues fixed:

Improved scan result fetching performance for big archives

Version 4.6.2

Issues fixed:

Improved archive extraction performance
Fixed a race condition in /file/<data id> REST API that could provide access error in some cases
Fixed advanced engine config reload for Data sanitization engine
Fixed login issue which happened when many login request was initiated concurrently
Fixed calculation of extracted file count

Version 4.6.1

New features:

List of path for local filescan can be blacklist / whitelist with specific error message on REST

Issues fixed:

Invalid external Node listenting IP/port config stops product startup
Connection to remote syslog is reactivated on network error
If user has no right to use a rule, following rules in order will still be checked
sending HEAD request where GET should have been sent will not lead to product crash
Ensure resource file deletion on Microsoft Windows when a scan engine locks file further than expected
Scan history CSV export uses comma as separator
Fixed potential Node service crash when stopping during scanning
More specific error message when uploaded file size limit exceeded
Fixed a rare race condition in update downloader component
Fixed login issue when Core v3 like URL is used by the admin (/management)

Version 4.6.0

New features:

Multiple user roles introduced with different access rights
Scan Agent has been renamed to Scan Node
Role (user group) based rule availability configuration
Role based scan result visibility with different level of details exposed
Ability to export part of scan history into STIX/Cybox format
Ability to export part of scan history into CSV format
Filter on rule and source added into Scan history
Configurable lockout feature against brute force login attack
Official support introduced for Ubuntu 16.04
Detection threshold (suppress threat detection if less then X engines detected a threat)
Custom engine configuration via user interface
Free text search functionality in user guide
Suspend engine testing/deployment to Node when 3rd party security software blocks access to malware files
Successful login / unsuccessful login / lockout events are logged
Option to send engine issue count info during update
[REST API] /file/{data_id} response for scan results now contain process info block for extracted files
Initiating local scan is faster as no wait for hashing is required

Issues fixed:

[REST API] /file/{data_id} blocked reason change to mirror V3 API
Fixed handling of archive extraction depth
More flexible and stable internal database upgrade when upgrading product
Custom engine update timeout increased to one hour to deal with slow engine updates
Archive engine fixes (non-ASCII filenames in archive)
Engine handling fixes, improved handling of engine deinitialization
More precise engine cleanup when removing engines
Fixed bug where random connections were rejected every 2 min
Fixed bug regarding updates handling (conflicting names)
Filesize is now correctly displayed on scan result user interface
Support package generator now includes auditlog db

Version 4.5.1

Issues fixed:

Fixed possible crash of Agent when there is database which is handled by engine
Fixed possible crash of Core that could occur when updating a package

Version 4.5.0

New features:

Data Sanitization of files to protect against unknown threats
Filetype mismatch detection
Improved user interface responsiveness for small screens
Real filetype based blacklist option in rules/workflows
Improved licensing for offline deployments
Added product specific proxy settings in the Linux version
Advanced configuration for allowed/blocked file scan result types

Issues fixed:

Fixed local scan option user interface for new rules
Fixed Scan History auto cleanup collision with manual cleanup
Potential issue fixed for update file upload
/apiversion interface is added to easily determine REST API compatibility level

Version 4.4.1

New features:

Added several features/improvement for better Metadefender Kiosk integration
Full audit log about any configuration changes via Web user interface or REST API
Able to disable applying update in user configurable time periods
Core can act as an update source for OESIS product line
Detect if the analyzed binary is a part of any vulnerability detection
Improved scan engine status monitoring and auto recovery
Custom directory can be set for storing temporary files
Able to set up apikey for every user for easier REST API integration
Improved hardware detection in license component

Issues fixed:

Fixed message content format in Windows Event log
Fixed system wide proxy usage on Windows
Improved browser cache handling in case of product upgrades
Fixed a path specification issue in local file scanning feature on Windows
Fixed engine counting on Agent details page (do not count utility type engines)
Fixed lost agent connection handling
Fixed handling of unsupported Transfer-Encoding on REST API
Patched internal nginx web server to fix CVE-2016-4450
Fixed archive timeout handling and user interface
Fixed scan results in case of archive related findings
Improved logging of proxy usage
Improved handling of slow file uploads
Detailed logging in case of SSL connection issues
Improved auto-recovery of engines running under Emulated Windows

Version 4.3.0

New features:

Introduced official support for Microsoft Windows 7 or newer and Microsoft Windows Server 2008 R2 or newer
Added offline update picker feature to make it easy to apply offline updates without user interaction or scripting
Able to scan local files stored on server without transferring the content via REST API
Added hardware related info into generated support package
Created a framework in Linux version to be able to run Windows scan engines on Linux server
Option added to log to a remote syslog server
Inventory / Scan Agents page extended with more detailed agent information
Parameter workflow renamed to rule in some REST APIs
Improved system issue notification on Web Management Console
Added detection of 3rd party anti-malware products that break operation of Metadefender Core
Improved scan performance of various engine integrations

Issues fixed:

Improved documentation of multiple REST APIs
Fixed failed scans during some engine or database update
Removed unmeaningful database age display of non-anti-malware engines

Version 4.2.0

New features:

product name has changed to Metadefender Core
able to use scan results from metadefender.com
workflow options can be configured from Web Management Console
workflow options can be overridden from rule editor window
support for system wide HTTPS proxy
it is possible to configure maximum file size of scanned files
filtering security rule by user agent is now possible
eliminate limitations on the size of scanned files
improved scan related log messages
deployment can now be deactivated on the License page
automatic deployment reactivation of online installations if license becomes invalid
Metascan v3 URLs (/management and /metascan_rest) are now redirected to the proper v4 URLs
check disk space before/during scan requests

Issues fixed:

fixed encrypted communication error with activation server on Ubuntu 12.04
fixed temporary folder cleanup
fixed support data collector scripts
do not download database without the corresponding engine package
number of engines and maximum file size is now reflect the current status

Version 4.1.0

New features:

https support for REST API and for Web Management Console
update history to track every database/engine change
new option to globally disable or enable specific scan engine
reworked result page for archive files
user guide is available within the product
no scan downtime while updating engine/database (if engine supports)

Issues fixed:

more descriptive communication error messages instead of error codes in logs
proper handling of update download issues
fixed handling of scan engine crashes
fixed manual update package upload
fixed unwanted warning message after successful activation

Version 4.0.1

New features:

new script to help log collection for support
inform the user if browser is not HTML5 compatible
show a spinner if loading a page takes too much time
support lower screen resolution for web interface
support for non-ascii character filenames in archives

Issues fixed:

fix stability issue in update downloader
optimize database queries
do not check for updates at product startup if auto update is off
fixed a page auto refresh issue with Internet Explorer

Version 4.0.0

New features:

Able to to monitor Metascan v4 for Linux instances
Able to to monitor Metascan v3 for Windows instances
Collect Files scanned and Infections found stats from managed instances
Deploy scan engine database updates to Metascan v3 for Windows instances
Deploy scan engine and scan engine database updates to Metascan v4 for Linux instances