5. Release Notes
Release Date: April 8, 2021
Console Version: 3.6.1
Agent Release Version:
-
Windows persistent agent: 7.6.446.0
-
Windows On-demand agent: 7.3.606.0
-
Debian-based Linux persistent agent: 15.4.23.0
-
Readhat-based Linux persistent agent: 15.6.21.0
Release Updates
MetaAccess Cloud
Bugs fixed:
-
Fixed an issue that multiple devices may share the same device ID in some cases
OPSWAT Client
Windows Persistent Client (7.6.446.0)
1.Enhancement
-
Update blacklist for device identifier.
2. Built-in SDP version: 1.1.7.3867
3. Built-in SDK signature version: 4.3.1748.0
Windows On-demand Client (7.3.606.0)
1.Enhancement
-
Update blacklist for device identifier.
2. Built-in SDK signature version: 4.3.1748.0
Redhat-based Linux persistent Client (15.6.24.0)
-
Enhancement
-
Update blacklist for device identifier.
-
-
Built-in SDK signature version: 4.3.1498.0
Known issues:
-
To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version
-
The agent doesn't have UI/tray icon, the agent only supports command line
Debian-based Linux persistent Client (15.4.26.0)
-
Enhancement
-
Update blacklist for device identifier.
-
-
Built-in SDK signature version: 4.3.1498.0
Release Date: March 16, 2021
Console Version: 3.6.0
Agent Release Version:
-
Windows persistent agent: 7.6.441.0
-
Windows On-demand agent: 7.3.598.0
-
macOS persistent agent: 10.4.317.0
-
macOS on-demand agent: 10.5.250.0
-
Debian-based Linux persistent agent: 15.4.23.0
-
Readhat-based Linux persistent agent: 15.6.21.0
Release Updates
MetaAccess Cloud
1. Policies:
-
Added a new scan option, Boot Sectors, to Device Scan in a policy.
2. Secure Access:
-
Added a new setting, Visible to Users, for a SDP protected app to make the app visible or invisible to end-users
-
Allow admins to assign users/group when the admin edits an app
-
Enhance user experience when a user adds/edits a protected app
3. Endpoint Vulnerability
-
Admins can whitelist CVEs for specific devices
-
Admins can view CVEs associated to a Linux device
4. Settings:
-
Add a new setting " Allow agents to automatically update the agent SDK to the latest version" at an Account level (Settings > Global >Device Agents > Agent) and a Group level (a group > Settings > Agent) to allow admins to control SDK upgrade on devices
5. OAuth API
-
Enhance user experience for OAuth Portal
6. Other enhancements:
-
Added details on what missing patches a user should patch on their device to be complied with a policy
-
Policy Check API will return a device status as Non-compliant if it finds at least one Non-compliant device that associates with a queried MAC address
-
The system will record a log event when an admin fails to log in through OPSWAT SSO based on customers' request.
-
Allow admins to perform an on-demand compliance check on devices that run the OPSWAT On-demand Client.
-
Datetime on event logs is shown up to seconds
7. Bugs fixed:
-
The email notification when a device report malwares was not in a correct format
-
The system didn't update last login time for an admin user correctly when the admin switches to a managed account
-
The system didn't send out an email notification when an admin updates a group's settings.
OPSWAT Client
Windows Persistent Client (7.6.441.0)
1. The agent auto-upgrades SDK based on the SDK auto-upgrade setting on an account
2. Support users to scan files/folder with MetaDefender from command line
3. Support malware scan with MetaDefender on boot sectors
5. Bugs fixed:
-
The client could not upgrade itself sometimes.
-
The Cross-domain API didn't work well when a user have not rebooted a device for a long time.
-
SDP service was auto-restarted once a day.
6. Built-in SDP version: 1.1.7.3867
7. Built-in SDK signature version: 4.3.1748.0
Known issues:
- Windows 7 and Windows Server 2008 devices must install KB2533623 and KB3033929 in order to upgrade to the latest version
- If a user exits the agent tray icon, the agent can’t popup approved actions when a user inserts a portable media
- A user needs to enable Show Notifications on the agent tray icon to see notifications about portable media
- The agent has not supported portable media feature if user 2 logs into a device while user 1 is still logged in
- OPSWAT Client does not support iTunes drive. If a user inserts an iOS device on an endpoint which has iTunes installed, the user will still have access to the phone via iTunes
- OPSWAT Client can't detect mobile devices, the user needs to unplug and plug in the mobile device again
Windows On-demand Client (7.3.598.0)
-
Add new CLI arguments
-
/compliance_check <value>: specifies which compliance check (health check, scan malware with MetaDefender, patch management) the client should do when a user runs the client with the runonce option.
-
/notrayicon: tells the client to hide the OPSWAT Client tray icon
-
-
Support on-demand compliance check triggered from MetaAccess/OPSWAT Central Management console.
-
Support malware scan with MetaDefender on boot sectors
-
Bugs fixed:
-
The client failed to start if a product name in the runwhile option has spaces
-
The Cross-domain API didn't work well when a user have not rebooted a device for a long time.
-
-
Built-in SDK signature version: 4.3.1748.0
macOS Persistent Client (10.4.317.0)
-
The agent auto-upgrades SDK based on the SDK auto-upgrade setting on an account
-
Built-in SDP version: 1.1.1.29
-
Built-in SDK signature version: 4.3.1532.0
macOS On-demand Client (10.5.250.0)
-
Add new CLI arguments
-
/compliance_check <value>: specifies which compliance check (health check, scan malware with MetaDefender, patch management) the client should do when a user runs the client with the runonce option.
-
/notrayicon: tells the client to hide the OPSWAT Client tray icon
-
/skip_request_files_permission <0|1>: tells the client to skip requesting permission from users
-
-
Support on-demand compliance check triggered from MetaAccess/OPSWAT Central Management console.
-
Built-in SDK signature version: 4.3.1532.0
Redhat-based Linux persistent Client (15.6.21.0)
-
The agent auto-upgrades SDK based on the SDK auto-upgrade setting on an account
-
Bugs fixed:
-
The client didn't stop custom check when the script is timeout
-
-
Built-in SDK signature version: 4.3.1304.0
Known issues:
-
To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version
-
The agent doesn't have UI/tray icon, the agent only supports command line
Debian-based Linux persistent Client (15.4.23.0)
-
The agent auto-upgrades SDK based on the SDK auto-upgrade setting on an account
-
Bugs fixed:
-
The client didn't stop custom check when the script is timeout
-
-
Built-in SDK signature version: 4.3.1304.0
Known issues:
-
To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version
-
The agent doesn't have UI/tray icon, the agent only supports command line