4. Release Notes

Minimum OS versions for OPSWAT Client are Windows 7, Windows Server 2008, and macOS Mavericks (10.9). Prior OS versions are not supported

Windows 7 and Windows Server 2008 devices must install KB2533623 and KB3033929 in order to upgrade to the latest version

Upcoming Release: June 02, 2020

Console Version: 2.8.0

Agent Release Version:

  • Windows persistent agent: 7.6.300.0

  • Windows On-demand agent: 7.3.486.0

  • macOS persistent agent: 10.4.283.0

  • macOS on-demand agent: 10.5.212.0

  • Debian-based Linux persistent agent: 15.4.13.0

  • Readhat-based Linux persistent agent: 15.6.10.0

Release Updates

MetaAccess Cloud

1. Updated Threat Detection with MetaDefender Cloud based-on MetaAccess Tier. If an account is a Free account, MetaDefender Cloud is not available for multi-scanning feature and policies which configured scan source for Threat Detection as MetaDefender Cloud will be considered as an invalid policy. However, you can use your own MetaDefender Core server for this feature.

  • Fix the policies before making any changes to the policies. Otherwise, you couldn't save your changes. Check out our KB to know how to to fix invalid policies.

  • OPSWAT Client will NOT scan a device as its policy and the system will not process any threat reports from the device if the policy is invalid.

  • You will get an error when you send an on-demand threat scan from the console to devices which assigned to an invalid policy

images/download/attachments/6073729/image2020-5-29_13-16-20.png

  • Administrators will see an error banner notification that indicates what policies are invalid.

images/download/attachments/6073729/banner_notifications.png

  • The Policies page also marks invalid policies with a red dot

images/download/attachments/6073729/image2020-5-29_13-12-33.png

2. Added more options to a rebranding package to allow administrators to customize the below information on remediation pages

  • customcheck_output_message: when this element is set, an output message from a custom script will be exposed to end-users on the remediation page when a device failed the script. Otherwise ("customcheck_output_message":""), the output message will not be shown to the end-users.

  • device_info: administrators can show any device information by setting a value for an element in the device_info object or leaving it blank to hide it.

  • font_family: customize a font family for text on the remediation page.

3. Minor enhancements

  • added "Device Group" into email notifications for device events

4. Bug fixes:

  • A device didn't fetch a new custom script if it is assigned to a new device group

  • Device Inventory report format was broken if a device's system information has special characters

  • Vulnerabilities assessment was wrong for Cisco Jabber product on macOS.

OPSWAT Client

Windows Persistent Client (7.6.300.0)

1. Added support encrypted media for the Removable media protection feature.

- Tested point: USB is encrypted by Microsoft BitLocker To Go using a password. A user will be asked for a password to unlock the USB when he/she performs an action with the USB for the first time.

2. Minor enhancements

- The agent will resume a threat scan if the agent was restarted for some reason while the threat scan has not done yet.

3. Bug Fixed:

- OPSWAT Client got stuck if MetaDefender Core or MetaDefender Vault is expired

- The client reported wrong lock screen timeout on Windows 10

4. Updated built-in SDK signature: 4.3.1280.0

Known issues:

- Windows 7 and Windows Server 2008 devices must install KB2533623 and KB3033929 in order to upgrade to the latest version

- If a user exits the agent tray icon, the agent can’t popup approved actions when a user inserts a portable media

- A user needs to enable Show Notifications on the agent tray icon to see notifications about portable media

- The agent has not supported portable media feature if user 2 logs into a device while user 1 is still logged in

- OPSWAT Client does not support iTunes drive. If a user inserts an iOS device on an endpoint which has iTunes installed, the user will still have access to the phone via iTunes

- OPSWAT Client can't detect mobile devices, the user needs to unplug and plug in the mobile device again

Windows On-demand Agent (7.3.486.0)

1. Added a new argument, runwhile, to CLI to allow the client to run while specified criteria still meet.

2. Minor enhancements:

- Always notify users if the client runs an outdated version based on the configuration on an account even the user turns off notifications on the client's tray icon

3. Bugs fixed:

- The client reported wrong lock screen timeout on Windows 10

4. Updated built-in SDK signature: 4.3.1280.0

macOS Persistent Agent (10.4.283.0)

1. Updated built-in SDK signature: 4.3.1210.0

macOS on-demand Agent (10.5.212.0)

1. Added a new argument, runwhile, to CLI to allow the client to run while specified criteria still meet.

2. Minor enhancements:

- Always notify users if the client runs an outdated version based on the configuration on an account even the user turns off notifications on the client's tray icon

3. Updated built-in SDK signature: 4.3.1210.0

Redhat-based Linux persistent Agent (15.6.10.0)

  1. The client can now upgrade product definition SDK separately

  2. Bugs fixed

    • The agent could not enroll in an account on a cloned Suse 12 machine.

    • The agent did not report device type in compliance reports

  3. Built-in SDK signature: 4.3.1055.0

Known issues:

  • To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version

  • The agent doesn't have UI/tray icon, the agent only supports command line

Debian-based Linux persistent Agent (15.4.13.0)

  1. The client can now upgrade product definition SDK separately

  2. Bugs fixed

    • The agent could not report services and packages on Ubuntu 19.10

    • The agent did not report device type in compliance reports

    • The agent is reported error by Debian policies checkers

  3. Built-in SDK signature: 4.3.1055.0

Known issues:

  • To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version

  • The agent doesn't have UI/tray icon, the agent only supports command line

Release Date: April 28, 2020

Console Version: 2.7.1

Agent Release Version:

  • Windows persistent agent: 7.6.281.0

  • Windows On-demand agent: 7.3.478.0

  • macOS persistent agent: 10.4.279.0

  • macOS on-demand agent: 10.5.209.0

  • Debian-based Linux persistent agent: 15.4.12.0

  • Readhat-based Linux persistent agent: 15.6.9.0

Release Updates

MetaAccess Cloud

1. Administrators can now export a policy to a json file.

images/download/attachments/6073729/export_policy.png

2. Administrators can enable/disable showing a notification when a user installs a new applications on Android phone at Settings > Global Settings > Device Agents > Notifications to users. By default, this setting is enabled. This is only applicable for Android agent version 2.55.33 or newer.

images/download/attachments/6073729/image2020-4-23_22-1-32.png

3. Minor changes

  • Add one more event to trigger a webhook call: Device changes status to Exempted. This event trigger is disabled by default.

  • Support administrators perform an on-demand compliance check for Linux devices. This action is only applicable for Linux agent version 15.4.11.0/15.6.9.0 or newer.

4. Bug fixes:

  • Device name was not updated accordingly when a device reports a new hostname even no admins manually update the device name.

  • A free account couldn't enable cross-domain API setting.

OPSWAT Client

Windows Persistent Client (7.6.281.0)

1. Enhanced the client to not load its driver if a policy, that the device is assigned to, doesn't enable removable media protection settings.

2. Enhanced user experience with one recheck devices if a device reports any issue.

- This option is not available if the device has no issue.

- When a user performs this action, the client only re-checks issues on the device.

images/download/attachments/6073729/image2020-4-24_14-47-35.png

3. Bug Fixed:

- OPSWAT Client couldn't upgrade due to its service couldn't stop completely.

4. Updated built-in SDK signature: 4.3.1265.0

Known issues:

- Windows 7 and Windows Server 2008 devices must install KB2533623 and KB3033929 in order to upgrade to the latest version

- If a user exits the agent tray icon, the agent can’t popup approved actions when a user inserts a portable media

- A user needs to enable Show Notifications on the agent tray icon to see notifications about portable media

- The agent has not supported portable media feature if user 2 logs into a device while user 1 is still logged in

- OPSWAT Client does not support iTunes drive. If a user inserts an iOS device on an endpoint which has iTunes installed, the user will still have access to the phone via iTunes

- OPSWAT Client can't detect mobile devices, the user needs to unplug and plug in the mobile device again

Windows On-demand Agent (7.3.478.0)

1. Enhanced user experience with one recheck devices if a device reports any issue.

- This option is not available if the device has no issue.

- When a user performs this action, the client only re-checks issues on the device.

2. Updated built-in SDK signature: 4.3.1265.0

macOS Persistent Agent (10.4.279.0)

1. Enhanced user experience with one recheck devices if a device reports any issue.

- This option is not available if the device has no issue.

- When a user performs this action, the client only re-checks issues on the device.

2. Updated built-in SDK signature: 4.3.1151.0

macOS on-demand Agent (10.5.209.0)

1. Enhanced user experience with one recheck devices if a device reports any issue.

- This option is not available if the device has no issue.

- When a user performs this action, the client only re-checks issues on the device.

2. Updated built-in SDK signature: 4.3.1151.0

Redhat-based Linux persistent Agent (15.6.9.0)

  1. Bugs fixed

    • The agent reported the same device ID for devices that cloned from a same golden image

  2. Built-in SDK signature: OESIS 4.3.1017.0

Known issues:

  • To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version

  • The agent doesn't have UI/tray icon, the agent only supports command line

Debian-based Linux persistent Agent (15.4.12.0)

  1. Enhanced the client to align with Debian policy

  2. Bugs fixed

    • The agent reported the same device ID for devices that cloned from a same golden image

  3. Built-in SDK signature: OESIS 4.3.1017.0

Known issues:

  • To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version

  • The agent doesn't have UI/tray icon, the agent only supports command line