Monthly Release Notes - December 2024
Cobalt Strike
Version: 4.10.1
December 10, 2024
Fixes
- Fixed issues when the client is connected to multiple team servers and generating payloads.
-
Fixed issue with WinHTTP beacon truncating the user agent field when using a user defined proxy server.
-
Fixed issue with x86 beacons crashing when using the indirect syscall method.
Digital Guardian
Agent for Windows
Version: 9.0.0
December, 2024
New Features
-
Certified support for manifest.xml configurations compliant with v5 operating system standards.
-
The new Outlook Add-in now includes support for shared mailboxes by enabling the <SupportsSharedFolders> configuration tag in the v5 manifest.xml.
-
The legacy implementation of the Process Flags File (PFF) on current Windows OS versions stored process names in a 16-character array; so the process name was limited to 14 or 15 characters plus the terminating null character. If a process name was longer than 15 characters, it was automatically truncated to 15 characters. There are two significant limitations to this scheme:
-
Many process executables have names longer than 14 or 15 characters
-
Cannot specify a path with the process name
To remove these limitations, full path process flags add the following process flag entry capabilities if you use Agent for Windows 9.or later:
-
Allows full path process name process flags (<drive>:\<directories>\<processname>.<extension>) up to 260 characters—259 characters plus the terminating null character.
-
Allows processname.extension to be up to 259 characters if you do not include the full path to the process in the flag entry.
-
Allows process names with hard-coded local paths, which have the format:
<drive>:\<directories>\<processname>.<extension> where <drive> is a single drive letter, <directories> is a hardcoded directory path, and <processname>.<extension> may not contain wildcards.
-
-
Allows multiple process flag entries with the same <processname>.<extension>, but different <drive>:\<directories>\ paths in the process flags file.
-
Provides backward compatibility with existing PFFs, specifically wildcards in process names and 14- and 15-character truncated process names.
For more details, refer to “Process Flags” section in Digital Guardian Management Console User Guide.
-
Digital Guardian Agent by Fortra has updated its MIP SDK from version 1.13.182 to 1.14.128.
Enhancements
-
MicroFocus is now OpenText, and the EDK (or Eduction) and Keyview ACI Engines have been upgraded from version 12.12 to 23.4.1.
Fixes
-
If the uninstall password contains an ampersand character ("&"), the uninstallation process fails. However, this issue has now been resolved, and the fix correctly handles XML-specific special characters such as <, >, ', ", and &, making the uninstallation successful.
-
The agent uninstallation using DGAgentInstaller.exe previously failed with a usage error due to the execution of an invalid msiexec command based on the parameters documented in the DGMC User's Guide. This issue has now been resolved.
-
An issue was identified where a large 300k data dictionary file took a long time to compile with DGAgent. This issue has been resolved, and the file now compiles in just a matter of seconds.
-
The DG Agent installation was unsuccessful via command line if the certificate path or certificate GUID path contained spaces. However, this issue is now resolved, and the DG Agent can be installed successfully.
Agent for Linux
Version: 9.1.0
December, 2024
New Features
-
Certification for Additional Kernels
This table lists the additional certified Linux kernels for Red Hat Enterprise Linux (RHEL) and Ubuntu in this release. Refer to Agent for Linux User's Guide for details about the packages required to support the new kernel versions for the Agent. Refer to Agent_for_Linux_v7.4.x_and_later_RHEL_Certified_Environments and Agent_for_Linux_v7.4.x_and_later_Ubuntu_Certified_Environments for complete lists of supported RHEL and Ubuntu kernels.
|
Distribution |
Version |
Architecture |
Kernel |
|---|---|---|---|
| RHEL | 9.5 | 64-Bit | kernel-5.14.0-503.14.1.el9_5 |
| RHEL | 9.4 | 64-Bit | kernel-5.14.0-427.44.1.el9_4 |
| RHEL | 9.4 | 64-Bit | kernel-5.14.0-427.42.1.el9_4 |
| RHEL | 9.4 | 64-Bit | kernel-5.14.0-427.40.1.el9_4 |
| RHEL | 9.2 | 64-Bit | kernel-5.14.0-284.92.1.el9_2 |
| RHEL | 9.2 | 64-Bit | kernel-5.14.0-284.90.1.el9_2 |
| RHEL | 9.2 | 64-Bit | kernel-5.14.0-284.88.1.el9_2 |
| RHEL | 8.10 | 64-Bit | kernel-4.18.0-553.27.1.el8_10 |
| RHEL | 8.8 | 64-Bit | kernel-4.18.0-477.75.1.el8_8 |
| Ubuntu | 22.04 | 64-Bit | linux-image-6.8.0-49-generic |
| Ubuntu | 22.04 | 64-Bit | linux-image-6.8.0-48-generic |
| Ubuntu | 22.04 | 64-Bit | linux-image-6.8.0-47-generic |
| Ubuntu | 22.04 | 64-Bit | linux-image-5.15.0-125-generic |
| Ubuntu | 22.04 | 64-Bit | linux-image-5.15.0-124-generic |
| Ubuntu | 20.04 | 64-Bit | linux-image-5.15.0-125-generic |
| Ubuntu | 20.04 | 64-Bit | linux-image-5.15.0-124-generic |
| Ubuntu | 20.04 | 64-Bit | linux-image-5.4.0-200-generic |
| Ubuntu | 20.04 | 64-Bit | linux-image-5.4.0-198-generic |
Fixes
-
No issues are resolved in this release.
Document Management (RJS)
Webdocs for IBM i
Version: 4.03
December 10, 2024
Enhancements
- Updated user interface to more closely match other Fortra products. Increased accessibility with text scaling and screen reader capabilities.
- Added ability to customize the logging to use any HTTP header specified for the user's IP Address to aid in load balancer and firewall scenarios.
- Updated documentation with new screen shots.
Fixes
- Modified logout procedure to log user out of all sessions across all devices for better security practices.
Globalscape
EFT
v8.2.1.33
Dec 4, 2024
Fixes
Event Rules
-
Fixed an issue where under certain conditions in EFT 8.2.0/8.2.1 event rules with PowerShell-embedded scripts could cause a memory leak
SFTP
-
Fixed an issue where SSH connections from WinSCP versions 6.2.1 - 6.3.5 failed to connect to EFT 8.2.1 due to OpenSSH 9.5 and WinSCP's integration of Putty 0.81
-
Fixed an issue where OpenSSH PowerShell client version 8.9 or higher using an SSH key would fail to connect to EFT 8.2.1
-
Fixed an issue where high loads of SSH protocol transfers in EFT 8.2.1 could cause EFT to crash
-
Fixed an issue where EFT (all versions) did not correctly report the SSH offering as SHA-2 when using a SHA-2 SSH site key
RAM
-
Upgrading from EFT v8.2.0 or v8.2.1 with RAM configured will require manual upgrades on Remote Agents; this does not affect upgrades from EFT 8.1.x
Powertech
Encryption for IBM i
Version 4.03
December 3, 2024
New Features
-
The Master Encryption Key commands (LODMSTKEY, SETMSTKEY, DSPMSTKEY, CLRMSTKEY) now offer better support for the scenario of testing the Master Encryption Key passphrases. They support a new *TEST setting, which gives the ability to safely test loading and setting passphrases. When the *TEST key is displayed, then you can use the comparison value to if the *TEST key matches the MEK on a different system, without setting the MEK.
Enhancements
-
Warning messages will now be issued when symmetric keys are created or changed and the logging option is enabled for the data encryption and/or data decryption. The warning messages point out the potentially strong overhead that the use of those options can create.
-
The installer now runs additional pre-checks if Powertech Encryption is being updated from a version prior to 4.0.
-
Improved support for External Key Managers
-
Added diagnostic messages for scenarios where the connection between Powertech Encryption and an External Key Manager fails. This helps to better identify if there are network latency or setup issues when TLS/SSL is used. Information in these messages includes the GSKIT error return code, identifying the source of the failed connection.
-
Added new functionality to allow the user to configure timeout values for the connection between Powertech Encryption and the External Key Manager. This gives users the ability to extend the timeout. The new command; ‘Change EKM Timeout Value’ (CHGTIMEOUT), has been added for this purpose.
-
-
Powertech Encryption Backup and Restore Encryption commands now support a "Private authorities" option corresponding to the option on the IBM i backup and restore commands; ENCSAVLIB, DECRSTLIB, ENCSAVOBJ, DECRSTOBJ, ENCSTMF, DECSTMF.
-
License expiration messages now follow the configured system date format.
-
The live Partition Mobility feature has a new command (ADDLPMEXT) to automate the setup of exit point programs.
-
Improved security for the use of CRRP015 and a new audit category value of 79 has been added.
Fixes
-
Fixed an issue where programs were not resolving to the CRYPTO library correctly.
-
The WRKFILFLDS command has been modified to refresh masking values when adding multiple field encryption entries to a file.
-
The store procedure P_GetFldIdx has improved efficiency when retrieving the field id if multiple keys are used on a field.
-
When the Translate Field Encryption Keys (TRNFLDKEYF) command was used after the key for a field encryption entry had been changed, a wrong key was applied. This has been fixed.
-
The CRYPTO main menu function key (F9) for the previous command retrieval has been corrected.
-
The handling of removing exit point programs for the Powertech Encryption uninstaller has been improved.
-
The field procedure second level text for the SQL return error for numeric values has been improved to include full text for the Powertech Encryption error message.
Titus
DCS Policy Manager (On-premises)
Version 5.0
December 3, 2024
New Features
-
DCS Policy Manager allows administrators to create configurations in the DCS Console portal so users can identify and label sensitive information in a DCS client product. DCS for Windows is supported in this release. Other products in the Suite will be configurable in future releases.