Version v4.13.2

Release date: 21 Nov, 2018

New features:

• Tiles on Dashboard are linked to the corresponding pages

• More options to filter Processing History (Post Actions and CDR)

Fixed issues:

• In case of an engine hangs, the communication channel is blocked between the Node and the Core, so more engines can time out

• Clean-up mechanism removes files still in use

• Various engine handling issues

Version v4.13.1

Release date: 31 Oct, 2018

Fixed issues:

• Yara and DLP tasks are not stopped on cancelling a processing

• Batch processings cannot be cancelled via web management console

• "Can't process shared resource file" error message did not contain the file name

Version v4.13.0

Release date: 16 Oct, 2018

Important:

• Yara engine integration

New features:

• Processing history entries can be colorized

• Files can be marked as suspicious if less than a given number of engine mark it as infected

• Processings can be cancelled via web management console

• Default rules are added for MetaDefender Email Security

• Bulk operations in quarantine

Fixed issues:

• Extracted files are left behind

• On Debian based systems, on upgrades, engines are deleted and disabled engines are re-enabled

Version v4.12.2

Release date: 3 Oct, 2018

Fixed issues:

• In case of archive processing, sometimes clean-up mechanism removes some extracted files before processing is finished

Version v4.12.1

Release date: 26 Sept, 2018

New features:

• Files can be whitelisted/blacklisted by their checksums

• More specific log entries for CDR

Fixed issues:

• Details of scan result for nested archives (for the file itself not for the content) is not propagated to the top level

• The value, set in "MAX TOTAL SIZE OF EXTRACTED FILES" is handled incorrectly

• Older configs cannot be imported into v4.12.0

Version v4.12.0

Release date: 15 Sept, 2018

Important:

• Data Loss Prevention functionality

New features:

• Possibility to set the number of engines that required to start file processings (per workflow)

• Possibility to exclude engines from processings (per workflow)

• Improved user interface performance

• Possibility to blacklist/whitelist files by file types besides file type groups

• Re-designed workflow tab list appearance

• Possibility to set timeout for sessions regardless of user activity

Fixed issues:

• On Node details page, every issue appears multiple times

• Despite not detecting any vulnerabilities, the vulnerability tab appears

• On hash lookup page, empty hash can be searched

• Sanitized output file name validation can cause user interface stalled

Version v4.11.3

Release date: 30 Aug, 2018

Fixed issues:

• Whitelist page under Inventory menu does not exist (only UI issue)

Version v4.11.2

Release date: 29 Aug, 2018

New features:

• The access_log Nginx directive now can be overridden

• The parallel count parameter now can be set per engine

• Minor changes on user interface for better user experience

Fixed issues:

• A critical CSV injection vulnerability in the CSV export functionality (issue reported by Wojciech Reguła, SecuRing)

• Archives can be sanitized even in case of partial processing (e.g. exceeded archive size, exceeded archive file number)

• In some cases, blocked results can be overwritten by an allowed result with higher priority

• Inconsistent operation of MetaDefender Cloud integration

• Typos on the user interface

• Abandoned files left behind after processings

Version v4.11.1

Release date: 8 Aug, 2018

Fixed issues:

• Unexpected Core and Node service restart in some corner cases

• Using remote syslog server slows down the product in case of missing PTR record in DNS

• Empty files are skipped in archives

• Incomplete archive extraction issue happened on heavily overloaded systems

Version v4.11.0

Release date: 11 July, 2018

New Features:

• Exceptions (by mime-type) from whitelist/blacklist

• New engine page called Technologies

• Support for user-friendly engine configuration (depends on the engine version)

• Welcome wizard

Fixed issues:

• Slow clean-up mechanism

• Abandoned files after uninstall in Windows

• Temporary files are left behind after processings

• Wrong sanitized output file name in some cases

• Default workflows can be overridden on config import

• Core crashes

Version v4.10.2

Release Date: 27 June, 2018

Fixed issues:

• Uninstall not properly cleans the system

• The "whitelisted" and "blacklisted" results are overriden by "infected" result

• Node crashes

• Inconsistent results in case of archive processing: In case of processing an archive more times, the result may be different by cases (infected/exceeded archive file number/exceeded archive size)

Version v4.10.1

Release Date: 23 May, 2018

New features:

• Data Sanitization engine time-out and retry count is now configurable

• REST API: process info contains the name of the last scanned file when scanning archive file types

• REST API: Configurations that may change the final scan result since the time of processing will be included in the process info response (i.e., outdated definitions)

• Hash based result lookups can be filtered by rule name

Fixed issues:

• Sanitized DB integrity issue

• On the dashboard, category names of doughnut charts were truncated

• In case of archive processing, the "Not scanned" result to a file is not propagated to a higher level (overall verdict)

Version v4.10.0

Release Date: 2 May, 2018

Important:

• Added support for the LDAP directory type

• Syslog messages can now be sent to multiple log aggregators

• MetaDefender installers no longer use eicar test files

New features:

• AD and LDAP directories can now be configured with multiple servers

• Sanitization failures are marked with a badge in the scan session summary

• Admin’s will be notified if a third party solution is blocking MetaDefender from working as expected

• Users can now be granted API keys manually

• Paginated archive results

• HTTPS can now be enabled from web management console

Fixed issues:

• Improved license status info

• In some cases, sanitized files had faulty names

• Suspicious scan results were not always at the top of the list in archive file types

• Inappropriate handling of user rights in the Whitelist page

• AD group members did not have user profiles

• Misleading license information

Version 4.9.1

Release Date: 28 February, 2018

New features:

• New-looking user interface

• Workflows based on the default one (not edited by workflow editor) will be kept and upgraded on version upgrade in the future

• It is allowed blacklisted/whitelisted files to be processed

Fixed issues:

• Security zone: IP address validation

• Cancelled batches are displayed as in-progress

• Removing certificates from the inventory caused policies to disappear

• Memory leak in Node

• Access via Active Directory is not logged

• Sluggish pages under Policy menu

Version 4.9.0

Release Date: 13 December, 2017

New features:

• IPv6 support

• Global whitelist by hash

• Whitelist by file type group

• Display more security related information on dashboard

• Changed default port for external nodes to 8007

• New default security rule for Metadefender Secure File Transfer (SFT)

• Performance tuning of processing history

• Improved resource handling on Node

• On Linux, multiple nginx worker processes for better scaling

Fixed issues:

• Upgrades overwrite existing configuration (IP, port, etc.)

• Resource folder clean up after data sanitization

• Update timing settings affect manual updates

• Poorly handled invalid update files

• Poorly handled UTF-8 characters in output file name for sanitized files

• /hash API can give "in progress" result

Version 4.8.2

Fixed issues:

• Fixed a memory leak caused by failed update download

• Fixed a possible crash issue at Scan history manual cleanup in case of high load

• Fixed a memory leak in case of recurrring failed database deployment on Node

Version 4.8.1

Release Date: 5 October, 2017

New features:

• Improved engine/database update distribution to nodes

• Improved archive extraction limit handling

• Improved engine monitoring

• More precise time duration measurement for requests

• API for canceling scans (file/batch scans)

• Option to disable archive extraction of office documents

• For batch scans, certificate validity interval can be set

• Improved scan result badge

Fixed issues:

• Fixed issue of scans stuck in "in progress" state

• Fixed possible product crash during archive scanning

• Fixed update bug where incorrect packages left behind

• Fixed failed quarantine handling

• Fixed handling unavailable engine during scans

• Scan result JSON now contains file name in UTF-8 format

• Limited number of parallel Post Action and External Scanner scripts

• Archive handling parameters now have upper bound

• Improved archive handling

• Archive related failure handling

Version 4.8.0

New features:

• Quarantine for blocked files

• Scanning files in batch (REST API)

• Certificate and key handling for scan batch signing

• Configurable sanitized file name

• Post action commands gets the result JSON with final verdict included

• Increased scan history export interval

• Improved archive bomb handling

• Added eng_id to scan_results.scan_details (REST API)

• Showing in-progress files in "extracted files" list of archives

• Added "scan_all_result_a" into "extracted_files" (REST API)

Fixed issues:

• Fixed case insensitive username comparison in Active Directory integration

• Process workflow revamped (post actions run every time)

• Fixed non-updated policy user interface after added new user roles

• Fixed handling of database upgrade errors in linux package installers

• Fixed error handling when scan target was sent in the body and via filepath (/file REST API)

• Fixed disconnected ghost node issue displayed on user interface

Version 4.7.2

Issues fixed:

• Fixed bug that could cause policies to not contain any elements and forbid user to create new items

• Fixed bug where Core could download older version of engines where newer one was already downloaded

Version 4.7.1

Issues fixed:

• Fixed upgrade of scan configuration

• Fixed ghost nodes appeared on Inventory→ Nodes page

Version 4.7.0

New features:

• Active Directory integration

• Custom post actions

• Redesigned user interface

• External (customer developed) scanner integrations

• Policies export/import

• Archive sanitization

• Individual log message level override

• Aggregated archive scan result in Scan History

• Self-lockout protection, admins can not delete themselves

• gzip and base64 encoding now supported on /file REST API

• Able to navigate through archive hierarchy

• Timezone changed to local in log messages

• Metadefender Cloud integration hostname changed to api.metadefender.com

Issues fixed:

• Fixed scanning of .lnk files on Windows

• Fixed blacklisting of Unicode filenames

• Automatically downloads packages again if the previous download failed

• Fixed order of extracted files on scan details view

• Fixed rare temporary file leak during archive scan

Version 4.6.3

Issues fixed:

• Improved scan result fetching performance for big archives

Version 4.6.2

Issues fixed:

• Improved archive extraction performance

• Fixed a race condition in /file/<data id> REST API that could provide access error in some cases

• Fixed advanced engine config reload for Data sanitization engine

• Fixed login issue which happened when many login request was initiated concurrently

• Fixed calculation of extracted file count

Version 4.6.1

New features:

• List of path for local filescan can be blacklist / whitelist with specific error message on REST

Issues fixed:

• Invalid external Node listenting IP/port config stops product startup

• Connection to remote syslog is reactivated on network error

• If user has no right to use a rule, following rules in order will still be checked

• sending HEAD request where GET should have been sent will not lead to product crash

• Ensure resource file deletion on Microsoft Windows when a scan engine locks file further than expected

• Scan history CSV export uses comma as separator

• Fixed potential Node service crash when stopping during scanning

• More specific error message when uploaded file size limit exceeded

• Fixed a rare race condition in update downloader component

• Fixed login issue when Core v3 like URL is used by the admin (/management)

Version 4.6.0

New features:

• Multiple user roles introduced with different access rights

• Scan Agent has been renamed to Scan Node

• Role (user group) based rule availability configuration

• Role based scan result visibility with different level of details exposed

• Ability to export part of scan history into STIX/Cybox format

• Ability to export part of scan history into CSV format

• Filter on rule and source added into Scan history

• Configurable lockout feature against brute force login attack

• Official support introduced for Ubuntu 16.04

• Detection threshold (suppress threat detection if less then X engines detected a threat)

• Custom engine configuration via user interface

• Free text search functionality in user guide

• Suspend engine testing/deployment to Node when 3rd party security software blocks access to malware files

• Successful login / unsuccessful login / lockout events are logged

• Option to send engine issue count info during update

• [REST API] /file/{data_id} response for scan results now contain process info block for extracted files

• Initiating local scan is faster as no wait for hashing is required

Issues fixed:

• [REST API] /file/{data_id} blocked reason change to mirror V3 API

• Fixed handling of archive extraction depth

• More flexible and stable internal database upgrade when upgrading product

• Custom engine update timeout increased to one hour to deal with slow engine updates

• Archive engine fixes (non-ASCII filenames in archive)

• Engine handling fixes, improved handling of engine deinitialization

• More precise engine cleanup when removing engines

• Fixed bug where random connections were rejected every 2 min

• Fixed bug regarding updates handling (conflicting names)

• Filesize is now correctly displayed on scan result user interface

• Support package generator now includes auditlog db

Version 4.5.1

Issues fixed:

• Fixed possible crash of Agent when there is database which is handled by engine

• Fixed possible crash of Core that could occur when updating a package

Version 4.5.0

New features:

• Data Sanitization of files to protect against unknown threats

• Filetype mismatch detection

• Improved user interface responsiveness for small screens

• Real filetype based blacklist option in rules/workflows

• Improved licensing for offline deployments

• Added product specific proxy settings in the Linux version

• Advanced configuration for allowed/blocked file scan result types

Issues fixed:

• Fixed local scan option user interface for new rules

• Fixed Scan History auto cleanup collision with manual cleanup

• Potential issue fixed for update file upload

• /apiversion interface is added to easily determine REST API compatibility level

Version 4.4.1

New features:

• Added several features/improvement for better Metadefender Kiosk integration

• Full audit log about any configuration changes via Web user interface or REST API

• Able to disable applying update in user configurable time periods

• Core can act as an update source for OESIS product line

• Detect if the analyzed binary is a part of any vulnerability detection

• Improved scan engine status monitoring and auto recovery

• Custom directory can be set for storing temporary files

• Able to set up apikey for every user for easier REST API integration

• Improved hardware detection in license component

Issues fixed:

• Fixed message content format in Windows Event log

• Fixed system wide proxy usage on Windows

• Improved browser cache handling in case of product upgrades

• Fixed a path specification issue in local file scanning feature on Windows

• Fixed engine counting on Agent details page (do not count utility type engines)

• Fixed lost agent connection handling

• Fixed handling of unsupported Transfer-Encoding on REST API

• Patched internal nginx web server to fix CVE-2016-4450

• Fixed archive timeout handling and user interface

• Fixed scan results in case of archive related findings

• Improved logging of proxy usage

• Improved handling of slow file uploads

• Detailed logging in case of SSL connection issues

• Improved auto-recovery of engines running under Emulated Windows

Version 4.3.0

New features:

• Introduced official support for Microsoft Windows 7 or newer and Microsoft Windows Server 2008 R2 or newer

• Added offline update picker feature to make it easy to apply offline updates without user interaction or scripting

• Able to scan local files stored on server without transferring the content via REST API

• Added hardware related info into generated support package

• Created a framework in Linux version to be able to run Windows scan engines on Linux server

• Option added to log to a remote syslog server

• Inventory / Scan Agents page extended with more detailed agent information

• Parameter workflow renamed to rule in some REST APIs

• Improved system issue notification on Web Management Console

• Added detection of 3rd party anti-malware products that break operation of Metadefender Core

• Improved scan performance of various engine integrations

Issues fixed:

• Improved documentation of multiple REST APIs

• Fixed failed scans during some engine or database update

• Removed unmeaningful database age display of non-anti-malware engines

Version 4.2.0

New features:

• product name has changed to Metadefender Core

• able to use scan results from metadefender.com

• workflow options can be configured from Web Management Console

• workflow options can be overridden from rule editor window

• support for system wide HTTPS proxy

• it is possible to configure maximum file size of scanned files

• filtering security rule by user agent is now possible

• eliminate limitations on the size of scanned files

• improved scan related log messages

• deployment can now be deactivated on the License page

• automatic deployment reactivation of online installations if license becomes invalid

• Metascan v3 URLs (/management and /metascan_rest) are now redirected to the proper v4 URLs

• check disk space before/during scan requests

Issues fixed:

• fixed encrypted communication error with activation server on Ubuntu 12.04

• fixed temporary folder cleanup

• fixed support data collector scripts

• do not download database without the corresponding engine package

• number of engines and maximum file size is now reflect the current status

Version 4.1.0

New features:

• https support for REST API and for Web Management Console

• update history to track every database/engine change

• new option to globally disable or enable specific scan engine

• reworked result page for archive files

• user guide is available within the product

• no scan downtime while updating engine/database (if engine supports)

Issues fixed:

• more descriptive communication error messages instead of error codes in logs

• proper handling of update download issues

• fixed handling of scan engine crashes

• fixed manual update package upload

• fixed unwanted warning message after successful activation

Version 4.0.1

New features:

• new script to help log collection for support

• inform the user if browser is not HTML5 compatible

• show a spinner if loading a page takes too much time

• support lower screen resolution for web interface

• support for non-ascii character filenames in archives

Issues fixed:

• fix stability issue in update downloader

• optimize database queries

• do not check for updates at product startup if auto update is off

• fixed a page auto refresh issue with Internet Explorer

Version 4.0.0

New features:

• Able to to monitor Metascan v4 for Linux instances

• Able to to monitor Metascan v3 for Windows instances

• Collect Files scanned and Infections found stats from managed instances

• Deploy scan engine database updates to Metascan v3 for Windows instances

• Deploy scan engine and scan engine database updates to Metascan v4 for Linux instances