4. Release Notes

Minimum OS versions for MetaAccess Agents are Windows 7, Windows Server 2008, and macOS Mavericks (10.9). Prior OS versions are not supported

Windows 7 and Windows Server 2008 devices must install KB2533623 and KB3033929 in order to upgrade to the latest version

Release Date: January 07, 2020

Console Version: 2.5.0

Agent Release Version:

  • Windows persistent agent: 7.6.260.0

  • Windows On-demand agent: 7.3.457.0

  • macOS persistent agent: 10.4.264.0

  • macOS on-demand agent: 10.5.195.0

  • Debian-based Linux persistent agent: 15.4.8.0

  • Readhat-based Linux persistent agent: 15.6.5.0

Release Updates

MetaAccess Cloud

1. MetaAccess enhanced policy configuration to allow administrators to configure more granular policies for each operating system and focus on security requirements at an organization. With this enhancement, admin can hide categories that they don't want to monitor.

images/download/attachments/1946904/image2019-12-27_13-54-49.png

The below tables show a mapping from the current policy to a new policy structure after the release.

Windows and macOS

Categories

Policy Before the release

Policy After the release

Note

Windows

macOS

Vulnerabilities And Exposures

Patch Management

User Authentication

Antiphishing

Backup

Firewall

Hard Drive

Unwanted Applications

security requirements will be duplicated for Windows and macOS

 

Anti-Malware

Disabled/Enabled: No anti-maleware application is installed

  • Require a specific anti-malware product

images/download/attachments/1946904/image2019-12-27_16-19-28.png

Disabled/Enabled: No anti-maleware application is installed

  • Require a specific anti-malware product

images/download/attachments/1946904/image2019-12-27_16-19-9.png

Disabled/Enabled: No anti-maleware application is installed

  • Require a specific anti-malware product

images/download/attachments/1946904/image2019-12-27_16-18-43.png

 

Encryption

Disabled/Enabled: No encryption application is installed

  • Require a specific encryption product

images/download/attachments/1946904/image2019-12-27_16-21-50.png

Disabled/Enabled: No encryption application is installed

  • Require a specific encryption product

images/download/attachments/1946904/image2019-12-27_16-23-9.png

Disabled/Enabled: No encryption application is installed

  • Require a specific encryption product

images/download/attachments/1946904/image2019-12-27_16-23-42.png

 

Operating System

Disabled/Enabled: Device is not running an approved operating system version:

  • Allow at least/any Windows release version x.

  • Allow at least/any macOS version y

images/download/attachments/1946904/image2019-12-27_15-56-48.png

Disabled/ Enabled: Device is not running an approved operating system version:

  • Allow at least/anyWindows release version x.

images/download/attachments/1946904/image2019-12-26_14-41-29.png

Disabled/ Enabled: Device is not running an approved operating system version :

  • Allow at least/any macOS version y

images/download/attachments/1946904/image2019-12-26_14-41-46.png

Requirement: "Device has not been rebooted in over X day(s)" will be duplicated.

Disabled/Enabled: Device is not running an approved operating system version:

  • Allow at least/any Windows release version x.

images/download/attachments/1946904/image2019-12-27_16-0-17.png

Disabled/ Enabled: Device is not running an approved operating system version:

  • Allow at least/anyWindows release version x.

images/download/attachments/1946904/image2019-12-26_14-40-36.png

Disabled : Device is not running an approved operating system version :

  • Allow at least macOS version 10.9

images/download/attachments/1946904/image2019-12-26_14-37-22.png

Disabled/Enabled: Device is not running an approved operating system version:

  • Allow at least/any macOS version y

images/download/attachments/1946904/image2019-12-27_16-0-46.png

Disabled : Device is not running an approved operating system version:

  • Allow at least Windows release version 6.1.

images/download/attachments/1946904/image2019-12-26_14-37-42.png

Disabled/ Enabled: Device is not running an approved operating system version :

  • Allow at least/any macOS version y

images/download/attachments/1946904/image2019-12-26_14-38-10.png

Custom Check

Enabled: Script returns false
- disabled: PowerShell script for Windows devices
- enabled: Shell script for macOS devices

images/download/attachments/1946904/image2019-12-26_14-48-15.png

Disabled: Script returns false
- disabled: PowerShell script for Windows devices

images/download/attachments/1946904/image2019-12-26_15-17-56.png

Enabled: Script returns false
- enabled: Shell script for macOS devices

images/download/attachments/1946904/image2019-12-26_15-20-38.png

Scripts will be copied over each OS.

Enabled: Script returns false
- enabled: PowerShell script for Windows devices
- disabled: Shell script for macOS devices

images/download/attachments/1946904/image2019-12-26_14-49-11.png

Enabled: Script returns false
- enabled: PowerShell script for Windows devices

images/download/attachments/1946904/image2019-12-26_15-18-18.png

Disabled: Script returns false
- disabled: Shell script for macOS devices

images/download/attachments/1946904/image2019-12-26_15-21-32.png

 

Enabled: Script returns false
- enabled: PowerShell script for Windows devices
- enabled: Shell script for macOS devices

images/download/attachments/1946904/image2019-12-26_14-49-32.png

Enabled: Script returns false
- enabled: PowerShell script for Windows devices

images/download/attachments/1946904/image2019-12-26_15-18-43.png

Enabled: Script returns false
- enabled: Shell script for macOS devices

images/download/attachments/1946904/image2019-12-26_15-21-11.png

 

Disabled: Script returns false
- enabled/disabled: PowerShell script for Windows devices
- enabled/disabled: Shell script for macOS devices

images/download/attachments/1946904/image2019-12-26_15-10-57.png

Disabled: Script returns false
- enabled/ disabled: PowerShell script for Windows devices

images/download/attachments/1946904/image2019-12-26_15-19-39.png

Disabled: Script returns false
- enabled/disabled: Shell script for macOS devices

images/download/attachments/1946904/image2019-12-26_15-21-38.png

 

Android and iOS

Categories

Policy Before the release

Policy After the release

Note

Android

iOS

Security & Health

security requirements will be duplicated for Android and iOS

 

Suspicious IP Connections

Enabled/Disabled: On-demand scan for suspicious IP connections

images/download/attachments/1946904/image2019-12-26_15-27-9.png

Enabled/Disabled: On-demand scan for suspicious IP connections

images/download/attachments/1946904/image2019-12-26_15-27-24.png

None

 

Linux

Security requirements will be copied over for Linux

2. MetaAccess supports administrators to whitelist vulnerabilities which are associated with specific applications. This whitelist will be applied to all policies on an account.

images/download/attachments/1946904/image2019-12-26_15-32-26.png

3. Minor changes:

  • added "Enrolled At" information into a device report when an administrator exports devices from the MetaAccess console

OPSWAT Client

Windows Persistent Client (7.6.260.0)

1. Bugs Fixed:

- OPSWAT Gears Helper service was crashed during the auto-update check process

- Stop malware scanning if the agent fails to authenticate with MetaDefender server for some reason, such as MetaDefender Cloud API key is invalid.

- Report last scan time as empty instead of 01/01/1970 if the agent fails to detect the last scan time of a local anti-malware product.

- The agent is crashed when copying files from a removable media to a defined path if the defined path is set as "/" on a policy.

2. Updated built-in SDK signature: 4.3.1053.0

Known issues:

- Windows 7 and Windows Server 2008 devices must install KB2533623 and KB3033929 in order to upgrade to the latest version

- If a user exits the agent tray icon, the agent can’t popup approved actions when a user inserts a portable media

- A user needs to enable Show Notifications on the agent tray icon to see notifications about portable media

- The agent has not supported portable media feature if user 2 logs into a device while user 1 is still logged in

- OPSWAT Client does not support iTunes drive. If a user inserts an iOS device on an endpoint which has iTunes installed, the user will still have access to the phone via iTunes

- OPSWAT Client can't detect mobile devices, the user needs to unplug and plug in the mobile device again

Windows On-demand Agent (7.3.449.0)

1. Bugs fixed

- Stop malware scanning if the agent fails to authenticate with MetaDefender server for some reason, such as MetaDefender Cloud API key is invalid.

- Report last scan time as empty instead of 01/01/1970 if the agent fails to detect the last scan time of a local anti-malware product.

- Only show the remediation page once instead of twice if runone mode is specified and it requires the agent shows the remediation page

2. Updated built-in SDK signature: 4.3.1053.0

macOS Persistent Agent (10.4.264.0)

1. Bugs fixed:

- The agent only performs one malware scan instead of twice when a user clicks Scan Threats from the tray icon

2. Minor enhancement

- Do not show UI when UI setting is enabled

3. Updated built-in SDK signature: 4.3.959.0

macOS on-demand Agent (10.5.195.0)

1. Bugs fixed:

- The agent only performs one malware scan instead of twice when a user clicks Scan Threats from the tray icon

2. Updated built-in SDK signature: 4.3.959.0

Redhat-based Linux persistent Agent (15.6.5.0)

  1. Built-in SDK signature: 4.3.859.0

Known issues:

  • To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version

  • The agent doesn't have UI/tray icon, the agent only supports command line

Debian-based Linux persistent Agent (15.4.8.0)

  1. Built-in SDK signature: OESIS 4.3.859.0

Known issues:

  • To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version

  • The agent doesn't have UI/tray icon, the agent only supports command line