5. Release Notes

Release Date: April 8, 2021

Console Version: 3.6.1

Agent Release Version:

  • Windows persistent agent: 7.6.446.0

  • Windows On-demand agent: 7.3.606.0

  • Debian-based Linux persistent agent: 15.4.23.0

  • Readhat-based Linux persistent agent: 15.6.21.0

Release Updates

MetaAccess Cloud

Bugs fixed:

  • Fixed an issue that multiple devices may share the same device ID in some cases

OPSWAT Client

Windows Persistent Client (7.6.446.0)

1.Enhancement

  • Update blacklist for device identifier.

2. Built-in SDP version: 1.1.7.3867

3. Built-in SDK signature version: 4.3.1748.0

Windows On-demand Client (7.3.606.0)

1.Enhancement

  • Update blacklist for device identifier.

2. Built-in SDK signature version: 4.3.1748.0

Redhat-based Linux persistent Client (15.6.24.0)

  1. Enhancement

    • Update blacklist for device identifier.

  2. Built-in SDK signature version: 4.3.1498.0

Known issues:

  • To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version

  • The agent doesn't have UI/tray icon, the agent only supports command line

Debian-based Linux persistent Client (15.4.26.0)

  1. Enhancement

    • Update blacklist for device identifier.

  2. Built-in SDK signature version: 4.3.1498.0

Release Date: March 16, 2021

Console Version: 3.6.0

Agent Release Version:

  • Windows persistent agent: 7.6.441.0

  • Windows On-demand agent: 7.3.598.0

  • macOS persistent agent: 10.4.317.0

  • macOS on-demand agent: 10.5.250.0

  • Debian-based Linux persistent agent: 15.4.23.0

  • Readhat-based Linux persistent agent: 15.6.21.0

Release Updates

MetaAccess Cloud

1. Policies:

  • Added a new scan option, Boot Sectors, to Device Scan in a policy.

images/download/attachments/7612387/image2021-3-11_17-32-6.png

2. Secure Access:

  • Added a new setting, Visible to Users, for a SDP protected app to make the app visible or invisible to end-users

  • Allow admins to assign users/group when the admin edits an app

  • Enhance user experience when a user adds/edits a protected app

images/download/attachments/7612387/image2021-3-11_20-50-36.png

3. Endpoint Vulnerability

  • Admins can whitelist CVEs for specific devices

images/download/attachments/7612387/image2021-3-11_16-41-53.png

  • Admins can view CVEs associated to a Linux device

images/download/attachments/7612387/image2021-3-12_15-7-18.png

4. Settings:

  • Add a new setting " Allow agents to automatically update the agent SDK to the latest version" at an Account level (Settings > Global >Device Agents > Agent) and a Group level (a group > Settings > Agent) to allow admins to control SDK upgrade on devices

images/download/attachments/7612387/image2021-3-11_16-51-0.png

5. OAuth API

  • Enhance user experience for OAuth Portal

6. Other enhancements:

  • Added details on what missing patches a user should patch on their device to be complied with a policy

images/download/attachments/7612387/image2021-3-11_10-22-21.png

  • Policy Check API will return a device status as Non-compliant if it finds at least one Non-compliant device that associates with a queried MAC address

  • The system will record a log event when an admin fails to log in through OPSWAT SSO based on customers' request.

  • Allow admins to perform an on-demand compliance check on devices that run the OPSWAT On-demand Client.

  • Datetime on event logs is shown up to seconds

7. Bugs fixed:

  • The email notification when a device report malwares was not in a correct format

  • The system didn't update last login time for an admin user correctly when the admin switches to a managed account

  • The system didn't send out an email notification when an admin updates a group's settings.

OPSWAT Client

Windows Persistent Client (7.6.441.0)

1. The agent auto-upgrades SDK based on the SDK auto-upgrade setting on an account

2. Support users to scan files/folder with MetaDefender from command line

3. Support malware scan with MetaDefender on boot sectors

5. Bugs fixed:

  • The client could not upgrade itself sometimes.

  • The Cross-domain API didn't work well when a user have not rebooted a device for a long time.

  • SDP service was auto-restarted once a day.

6. Built-in SDP version: 1.1.7.3867

7. Built-in SDK signature version: 4.3.1748.0

Known issues:

- Windows 7 and Windows Server 2008 devices must install KB2533623 and KB3033929 in order to upgrade to the latest version

- If a user exits the agent tray icon, the agent can’t popup approved actions when a user inserts a portable media

- A user needs to enable Show Notifications on the agent tray icon to see notifications about portable media

- The agent has not supported portable media feature if user 2 logs into a device while user 1 is still logged in

- OPSWAT Client does not support iTunes drive. If a user inserts an iOS device on an endpoint which has iTunes installed, the user will still have access to the phone via iTunes

- OPSWAT Client can't detect mobile devices, the user needs to unplug and plug in the mobile device again

Windows On-demand Client (7.3.598.0)

  1. Add new CLI arguments

    • /compliance_check <value>: specifies which compliance check (health check, scan malware with MetaDefender, patch management) the client should do when a user runs the client with the runonce option.

    • /notrayicon: tells the client to hide the OPSWAT Client tray icon

  2. Support on-demand compliance check triggered from MetaAccess/OPSWAT Central Management console.

  3. Support malware scan with MetaDefender on boot sectors

  4. Bugs fixed:

    • The client failed to start if a product name in the runwhile option has spaces

    • The Cross-domain API didn't work well when a user have not rebooted a device for a long time.

  5. Built-in SDK signature version: 4.3.1748.0

macOS Persistent Client (10.4.317.0)

  1. The agent auto-upgrades SDK based on the SDK auto-upgrade setting on an account

  2. Built-in SDP version: 1.1.1.29

  3. Built-in SDK signature version: 4.3.1532.0

macOS On-demand Client (10.5.250.0)

  1. Add new CLI arguments

    • /compliance_check <value>: specifies which compliance check (health check, scan malware with MetaDefender, patch management) the client should do when a user runs the client with the runonce option.

    • /notrayicon: tells the client to hide the OPSWAT Client tray icon

    • /skip_request_files_permission <0|1>: tells the client to skip requesting permission from users

  2. Support on-demand compliance check triggered from MetaAccess/OPSWAT Central Management console.

  3. Built-in SDK signature version: 4.3.1532.0

Redhat-based Linux persistent Client (15.6.21.0)

  1. The agent auto-upgrades SDK based on the SDK auto-upgrade setting on an account

  2. Bugs fixed:

    • The client didn't stop custom check when the script is timeout

  3. Built-in SDK signature version: 4.3.1304.0

Known issues:

  • To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version

  • The agent doesn't have UI/tray icon, the agent only supports command line

Debian-based Linux persistent Client (15.4.23.0)

  1. The agent auto-upgrades SDK based on the SDK auto-upgrade setting on an account

  2. Bugs fixed:

    • The client didn't stop custom check when the script is timeout

  3. Built-in SDK signature version: 4.3.1304.0

Known issues:

  • To upgrade to this version from version 15.x.y.1/14.x.y.0, a user needs to uninstall old Linux agent version and reinstall this version

  • The agent doesn't have UI/tray icon, the agent only supports command line