Monthly Release Notes - April 2024
Alert Logic
Alert Logic MDR and Fortra XDR
April 30, 2024
Alert Logic has made enhancements to vulnerability snapshot reporting in the Alert Logic console to use the vulnerability instance key identifier for more consistent counts in vulnerability dashboards and breakdown reports. For more information, refer to our software update.
April 2, 2024
Alert Logic PCI ASV certification status expires in April 2024. Today, all Alert Logic Managed Detection and Response (MDR) customers were migrated to use the self-service PCI ASV capabilities available in Fortra VM, including external network scanning, web application scanning, PCI disputes, and PCI compliance reports. For more information, refer to our software update.
Boldon James
Classifier Administration Server
Version 3.20
April 30, 2024
Enhancements
-
Confirmed support for Windows Server 2022.
Fixes
-
If installed in a subdomain of an Active Directory forest, the Classifier Administration Server can now determine which Active Directory group a member belongs to. Permissions are now inherited by any of the members from the root domain.
Classifier Reporting Services
Version 2.3.0
April 30, 2024
Enhancements
-
Confirmed support for Windows Server 2022.
Fixes
-
A small number of reports did not show the second selector for a customer's configuration.
Email and Office Classifier
Version 3.20
April 30, 2024
Enhancements
-
Added support for TLS 1.3 when downloading web configurations.
Fixes
-
Performance improvements in Email Classifier when sending messages to Distribution Lists.
-
Fixed issue in Office Classifier when changing label or saving Word document if selection is in a Comment.
-
Fixed issue of wrong workbook being closed when multiple Excel files are open.
-
Classification dialog no longer appears twice when accepting a meeting request.
-
Classification summary bar now appears when multiple workbooks are open in Excel.
-
Email FLOT and/or LLOT markings now appear when sending emails. This issue was reported in the 3.19.1 release.
-
Classification labels are now applied to meeting cancellation messages.
-
When labeling an email attachment in Email Classifier, the label will now be applied to all non-labeled attachments on the email message.
File Classifier
Version 3.17.2
April 30, 2024
Enhancements
-
Added support for TLS 1.3 when downloading web configurations.
Power Classifier for Files
Version 3.15
April 30, 2024
Enhancements
- Power Classifier for Files Windows now supports masking of selectors in the label UI based on dynamic clearance. This gives parity with other Classifier products such as File Classifier and Office Classifier.
Fixes
-
Fixed certificate error when running Power Classifier for Files commands in PowerShell.
Core Security
Event Manager
Version 6.9.0
April 30, 2024
New Features
-
A new option has been made available for closing automatically generated controlled events while editing a Security Control. This option can be used to notify about specific events without the need to investigate further.
-
Any error in monitors collecting events is now reported in the self monitoring section of the product. The error informs about the affected Devices and/or Applications.
-
Any error in the daily data maintenance process will now be reported as an issue in the self monitoring section of the product.
-
A new option that uses the SQL Server Audit recollection mode for security events has been made available for SQL Server 2019 or newer versions.
Enhancements
-
A new column, "Object Name" has been added to the list of "Associated Events" shown on the controlled event details page.
-
Windows Server 2022 has been added as a valid Asset Type for an audited asset.
-
Add, Change, and Remove subsystem routing entry is now audited for IBM i systems.
-
ODBC drivers for Athena SQL Database are now supported on a "Custom Database Reader" DataSource in Event Manager.
-
Event Manager now stores the IFS object path in column 'Object Name' for "SIEM Agent for IBM i" events of type "Object Deletion". This requires the Event Description Text for "TDO All delete operations on the system" to be modified, replacing &DOOLIB&/&DOONAM& with &DOPNM&.
Fixes
-
On installation, the test button to validate the database connection did not work properly for SQL Server 2012R2. This has been fixed.
-
Events from Powertech Exit Point Manager (previously known as Network Security) on IBM i, sent with CEF format output, and using an old version of SIEM Agent (3.10), were not displaying the correct IP address. This issue has been fixed.
-
Grant/Revoke Permissions on Authorization List events for IBM i systems were incorrectly classified as general Grant/Revoke Permissions events. This issue has been fixed.
-
Events from Powertech Exit Point Manager, running on IBM i OS version 7.1, were not displaying the Operator field. This issue has been fixed.
-
False tampering alerts could be generated for the Archive Database (if the database had old events generated from an old installation of Event Manager not supporting Tampering proof checks). This issue has been fixed.
-
The report, "System i - User Profiles - Created, Changed and Deleted" did not return "Deleted" events if you selected 'Delete' for parameter 'Include Actions'. This has been fixed.
-
Product self audit events (generated when any asset was created, modified, deleted,...) were reporting INVALID_SESSION_DATA for Operator Name/Domain and User Name/Domain fields if logged in a User that did not have an "Administrator" security role. This issue has been fixed.
-
Licenses generated for an specific system (MAC address) could not be correctly validated. This issue has been fixed.
-
Security Controls, with Regulations selected, did not work because no assets were included in the "Events selection" rules. This issue has been fixed.
-
If a Custom Database reader DataSource was reading record fields with CRLF line breaks, the subaction regex expression filter and complete message parsing regex may not work. Therefore, these events were not audited. This issue has been fixed.
-
Excluding values in more than one column within the Event Manager or Forensic Analysis timeline did not work. as only one of the column exclusions were taken into account. This issue has been fixed.
-
A false tampered event alert, generated when an event was actually read from a log file (typically using a Custom Log Reader on Event Manager), had an invalid character for the collation of Event Manager events within SQL Server database. This issue has been fixed.
-
A false tampered event alert was generated when an annotation text for a controlled event in Event Manager contained a single quote. This includes the annotations created when closing a controlled event. This issue has been fixed.
-
Event Manager event grids (within both Forensic Analysis and Event Manager) did not answer due to the "HelpSystems - Events Control Service" service hanging. This issue has been fixed.
-
Events collected for standard DataSource "SIEM Agent for IBM i" did not report correct values for source and destination machines. This issue has been fixed.
-
The issue with the "Events Control Service" being blocked after consuming a lot of memory has been fixed.
-
SQL server events for the following subactions: "Grant/Revoke Permission to statement" and "Grant/Revoke Permission to schema" were not reporting the complete message to the affected user. This issue has been fixed.
-
There were minor differences between the regex filter validator results in LogReader DataSources and the actual events returned. This issue has been fixed.
-
If SmartConsole read more messages than it was able to process, an "out of memory" error was generated and the processing crashed. This issue has been fixed.
-
For SQL Server 2000 assets, the Object Creation/Object Restore and Object Backup/Object Backup Action/SubActions were available in error. This issue has been fixed.
Digital Guardian
Agent for Linux
Version: 7.7.0
APR 15, 2024
New Features
-
Certification for Additional Kernels
This table lists the additional certified Linux kernels for Red Hat Enterprise Linux (RHEL) and Ubuntu in this release. Refer to the Agent for Linux User's Guide for details about the packages required to support the new kernel versions for the Agent. Refer to Agent_for_Linux_v7.4.x_and_later_RHEL_Certified_Environments and Agent_for_Linux_v7.4.x_and_later_Ubuntu_Certified_Environments on the Fortra Support Portal for the complete lists of supported RHEL and Ubuntu kernels.
Distribution |
Version |
Architecture |
Kernel |
---|---|---|---|
RHEL | 9.3 |
64-Bit |
kernel-5.14.0-362.24.1.el9_3 |
RHEL | 9.2 |
64-Bit |
kernel-5.14.0-284.59.1.el9_2 |
RHEL | 9.2 |
64-Bit |
kernel-5.14.0-284.57.1.el9_2 |
RHEL | 9.2 |
64-Bit |
kernel-5.14.0-284.55.1.el9_2 |
RHEL | 9.0 |
64-Bit |
kernel-5.14.0-70.93.2.el9_0 |
RHEL | 8.9 |
64-Bit |
kernel-4.18.0-513.24.1.el8_9 |
RHEL | 8.8 |
64-Bit |
kernel-4.18.0-477.51.1.el8_8 |
RHEL | 8.6 |
64-Bit |
kernel-4.18.0-372.98.1.el8_6 |
RHEL | 8.6 |
64-Bit |
kernel-4.18.0-372.96.1.el8_6 |
RHEL | 8.6 |
64-Bit |
kernel-4.18.0-372.95.1.el8_6 |
RHEL | 7.0 |
64-Bit |
kernel-3.10.0-1160.114.2.el7 |
Ubuntu |
22.04 LTS |
64-Bit |
linux-image-6.5.0-26-generic |
Ubuntu |
22.04 LTS |
64-Bit |
linux-image-6.5.0-25-generic |
Ubuntu |
22.04 LTS |
64-Bit |
linux-image-6.5.0-21-generic |
Ubuntu |
22.04 LTS |
64-Bit |
linux-image-6.5.0-18-generic |
Ubuntu |
22.04 LTS |
64-Bit |
linux-image-6.5.0-17-generic |
Ubuntu |
22.04 LTS |
64-Bit |
linux-image-6.5.0-15-generic |
Ubuntu |
22.04 LTS |
64-Bit |
linux-image-5.15.0-101-generic |
Ubuntu |
22.04 LTS |
64-Bit |
linux-image-5.15.0-100-generic |
Ubuntu |
20.04 LTS |
64-Bit |
linux-image-5.15.0-101-generic |
Ubuntu |
20.04 LTS |
64-Bit |
linux-image-5.15.0-100-generic |
Ubuntu |
20.04 LTS |
64-Bit | linux-image-5.4.0-174-generic |
Ubuntu |
20.04 LTS |
64-Bit | linux-image-5.4.0-173-generic |
Agent for Windows
Version: 8.0.0
April, 2024
New Features
-
MIP SDK has been upgraded from v1.12 to v1.13.182. MIP SDK 1.13 introduces support for consuming files and emails protected with AES256-CBC generated by Word, Excel, PowerPoint, Outlook, Exchange Online, SharePoint Online, and MIP SDK-enabled applications that have opted into CBC publishing. It is imperative to update your application to MIP SDK 1.13 if it uses the File SDK to consume any of the above-mentioned formats. Microsoft 365 Apps, Exchange Online, and SharePoint Online will all start using AES256-CBC encryption by default in the second half of 2023. For more information, refer to Microsoft Information Protection SDK Documentation.
UseCBCForOfficeFileEncryption "UseCBCForOfficeFileEncryption" determines if the AES256-CBC algorithm is used to encrypt when Office files are protected by MIP. This is enabled by default in 8.0.0. Admins can disable this option by pushing custom configuration XML from DGMC if that is not the desired behavior: <mipUseCBCForOfficeFileEncryption>0</mipUseCBCForOfficeFileEncryption>
-
In version 8.0.0, the new feature DGFS implements a new file system filtering option using the Microsoft mini-filtering driver as recommended by Microsoft. When DGFS is enabled, the DG DGMinFlt file system mini-filter will be used instead of the legacy file system filters. Although the MSFT legacy driver continues to be the default, DG now provides a configuration option allowing users to switch between the MSFT legacy driver and the MSFT mini-filter driver. For more information, please contact Fortra Support.
NOTE: Despite these changes, all functionalities of the DG Windows Agent remain unchanged. -
Digital Guardian release version 8.0.0 and later introduces a range of new capabilities. The enhancements and updates implemented in DG Scanner are as follows:
-
Enhancements in Directory Control: In 8.0.0 and later, full support for mixed cases in path entries is provided. This facilitates more comprehensive file path descriptions. The new version allows the utilization of wildcard characters in the Exclude section, offering enhanced flexibility in specifying files to be excluded from scanning. Moreover, these versions offer support for Windows environment variables in both the scan Include and Exclude sections of the Directory Control file. This expanded capability enhances the versatility of defining inclusion and exclusion criteria. Additionally, it is recommended to exclusively use full paths, eliminating the need for short format paths. This promotes a more consistent and reliable configuration.
-
Improved DGScanner Integration with Sentry.io: Integrated DGScanner seamlessly with Sentry.io for automated crash dump reporting. For more information, refer section DG Agent Crash Dump Reporting Automation of the DigitalGuardian_8_6_1_Management_Console_Users_Guide.
-
MIP Label Reading and Reporting Enhancement: Enhanced DGScanner functionality to read and report MIP labels in inventory report with precision, providing comprehensive insights into the scanned data.
-
Automatic Service Restart and Schedule Resumption: Implement an automatic restart feature for DGScanner in the event of unexpected termination. It Ensures the scanner seamlessly resumes its operations according to the predefined schedule.
-
Improved DG Scanner Progress Report: The improved DGScanner Progress Report now features a streamlined scanning Start/Stop message in dg.log, enhancing tracking and analysis. It also provides information on the Current Scan Status (Current Info and Current Errors) and most recent scan results (last info and last error) for a concise overview of any scanning issues.
-
Scan on Uninstall: Upon uninstallation, this feature ensures the removal of DGStreams from all classified files, enhancing the uninstallation process by clearing any residual traces of files classified by Agent and Scanner.
-
Streamlined Log Management with New Log File: We've optimized log management in DGScanner, directing logs to a dedicated file named dgscan.log for improved traceability and efficient analysis.
-
Ignore List Management via DGDiag File Access: Enabling the management of the ignore list through DGDiag. This feature enhances the configurability and control over DGScanner's scanning parameters.
-
Scanner Reset Enhancement: In this release, the reset command is initiated through the DGMC, that will reset the scanning process and initiate a new scan based on the predefined configuration.
-
Support for Microsoft Office 365 Outlook New UI: Agent for Windows now supports capturing Send Mail operations within the new user interface of New Microsoft Office 365 Outlook. To enable this functionality, it is necessary to deploy the Digital Guardian addin for Outlook. In this deployment model, administrators must initiate the deployment of the Digital Guardian Outlook add-in through the Microsoft 365 Admin Center. For details on prerequisite steps, deployment methods for the Outlook add-in and User-Removable Addin, as well as limitations of the New Outlook UI add-in and observations on Smart Alert Notifications within the Digital Guardian Outlook Add-in, see the DigitalGuardian_Agent_for_Windows_8.0.0_Release_Notes.
-
Fixes
-
The Lua script modification addresses the problem of slow file uploads for larger files (greater than 200MB) to Google Drive. The Lua script adjustment resolves the issue.
-
A previous change to DG Agent failed to validate parameters properly and led to a crash of Internet Explorer Compatibility Mode. Parameter validation is added to prevent this problem, and the issue is now resolved. Refer to Resolved Issues section in DigitalGuardian_Agent_for_Windows_8.0.0_Release_Notes.
-
The user encountered difficulties uploading files in the client AWS application when the file size exceeded 24MB. Without the AWS fix, any file upload wouldn't trigger an NTU event, as NTUs weren't being reported for AWS S3. This problem has been resolved.
-
When a customer adds a file path to exclude from the DirCtrl.dat files ACI sections and the number of paths exceeds an internal limit, those extra paths used to be ignored and will not be included in any directory control processing. The DGAgent was altered so, it no longer has that limit anymore. This issue is resolved.
-
DG Agent for Windows release version 8.0.0 has now introduced a new custom configuration wipMaxHttp2StreamsPerConnection. Previously, users faced challenges with navigating sites hosted on NGINX that utilized a single HTTP/2 connection to handle a large number of requests. Since NGINX has implemented a non-standard limit of 1000 requests that can ever be served using single http2 connection, a similar limit has been implemented to have a smooth browsing experience for end-users, ensuring seamless navigation across these sites.
-
RME devices occasionally failed to be recognized as RME devices upon insertion or at boot time and failed to encrypt or decrypt files. This issue has been resolved.
-
A customer encountered problems where DGAgent Send Mail events lacked the 'To' recipient field. To address this issue, the DGAgent was modified to accommodate an undocumented Microsoft Outlook Old UI email distribution setting that was discovered.
-
DG Agent's Network Transfer Upload event is not able to detect Google drive website's response header 'XGuploader- UploadID'. This issue has been resolve.
-
Network Transfer Upload rules were not firing due to a bug in file identification hash values during uploads. This issue has been addressed and resolved.
-
The issue AG-49712 was reopened because the previously implemented solution was incompatible with Office 365. This issue has been resolved now. Refer to Resolved Issues section in DigitalGuardian_Agent_for_Windows_8.0.0_Release_Notes.
-
A customer performed a drag-and-drop operation to transfer several files into a CD/DVD folder, and subsequently, these files were burnt to the disc. The customer was expecting to be able to view CD/DVD burning events for each file (one event per file) in their local forensic analysis. However, they encountered an issue where an inconsistent number of burn events was displayed. The DgAgent has been modified to ensure that all the expected burn events are now accurately reported.
-
The installation process of the custom MSI Installer, which included an embedded configuration, encountered a problem due to elevated User Account Control (UAC) levels. This issue has been resolved.
-
Resolved crashes of applications that were being monitored by Digital Guardian Agent and Citrix Application Protection.
-
When using Microsoft Teams, users have the option to choose "Copy Link" for a file located within the file tab of their chat sessions. If a user has configured their Outlook settings such that pasting a link results in Outlook attaching a copy of the file, rather than just the link, the following behavior occurs: After copying the link, if the user proceeds to create a new email in Outlook, paste the link, and then send that email, the SendMail event displayed on the DGMC Servers Local Forensic screen will not only report details about the copied file but also include an entry describing the original link. This issue has been resolved.
-
DgScanner was accessing files listed within the "Exclude" section of the Scan in the dirctrl.dat resource file. This issue has been resolved, and the files specified in the "Exclude" section are now skipped from scanning.
-
When using the scanner monitor for scanner service installation, the tool now correctly points to the installed dgscan executable located within the dgagent installation directory.
Document Management (RJS)
SignHere
Version: 1.7.3
April 11, 2024
New Features
- Added startup routine to clear temp files created by SignHere
- Added ability for users to search webdocs from the Webdocs tab.
- Added ability for users to download a webdocs document from the Webdocs tab and open in the viewer for signature capture.
Enhancements
-
Fixed issue where right click context menu would not appear when pasting a copied annotation.
-
Fixed issue where note text could be lost if copy annotation is used before user clicks off of the annotation.
-
Fixed issue where copy/paste of an annotation may not remember the correct position if user moves it and clicks a different page.
FileCatalyst
FileCatalyst Direct
Version 3.8.10 - Build 138
April 4, 2024
Fixes
-
All - Various security fixes
-
Central - Issue with obtaining all reports from Central-connected nodes
-
HotFolder - Files would be re-transferred if the cache was enabled, and the transfer was triggered within 10 seconds
-
HotFolder - "Generate on next execution" functionality, for the transfer cache, was not working through HTML admin
-
HotFolder - Generating the transfer cache would not work with single client tasks
-
HotFolder - HTML Admin prevented changes to Dynamic Files task settings, once they were enabled
-
LoadBalancer - Long transfers would be assigned a different IP, if interrupted
-
Server - Bandwidth reports would display doubled data values when the "all" user filter was specified
-
TransferAgent - TransferAgent would incorrectly import old configuration files
-
Central, HotFolder, Server - UTF-8 characters would not properly render in node HTML admins, through Central
Fortra
Fortra platform
April 22, 2024
Enhancements
-
!"#$%&'()*+,-./:;<=>?@[\]^_`{|}~ characters are now permitted in display names, tenant names, and external tenant names.
-
An endpoint will allow an application with
platform.users:update
permission (e.g. Platform Manager) to set thetenantId
of existing user to the current tenant, if the user currently exists with no tenant. -
Existing users can be added and edited using Platform Manager and if they are not associated with a tenant, their tenant is changed to the current tenant.
-
When a user logs in, the first application shown is the last application used.
-
Multiple capabilities can be added when provisioning endpoint manager.
-
Updated design and style of the Environment Switcher
-
Improved style of platform generated emails.
-
Added dynamic fields with set defaults to Solution Management when provisioning an EFC solution.
-
Improved the field names of some permissions within roles.
Fixes
-
User registrations are now not accepted until all fields are filled it.
-
Fixed issue with redirecting if app does not appear in app switcher
-
Password is now validated during user registration.
-
Clicking the Fortra logo from any page within Account Management will now redirect to the Authentication page.
-
Multiple tenants cannot be created with the same name and ID.
-
A user with a product instance association and no tenant can now see their product app in the app switcher.
-
When a user impersonates a tenant, the current app stays the same, unless the new tenant is not entitled to it. If the new tenant is not entitled to it, the current app changes to the default app.
-
Tenant impersonation state now persists when closing and reopening the tab/window.
April 8, 2024
Fortra provides a unified cloud interface to easily manage and benefit from the broad set of capabilities across Fortra's cloud products. Fortra's single sign on and integrated user interface creates a stronger, simpler cybersecurity experience that will increase your security maturity while decreasing operational burden.
Endpoint Manager
April 22, 2024
Enhancements
-
Added an endpoint count to groups to show the number of endpoints that are in the group. This endpoint count has been added to the groups data table and group details drawer.
-
Introduced changes to stop log collection requests from intermittently reporting machine status as disconnected.
-
Improved accuracy of endpoint connection status.
Fixes
-
Fixed issue where DG-Diag would run during log collection and hang. Additionally, logic was added to enforce a 30 minute timeout on any log collection commands.
-
Fixed an issue that prevented modules from being assigned to the default All Endpoints group.
-
Fixed an issue where the endpoints data table would reset to displaying page 1 of the table.
-
Updated instances of "configured module" to display as "module".
April 8, 2024
Endpoint Manager is an application within Fortra's platform that allows for the management of multiple endpoint agents on laptops, desktops, and servers. All systems that have the Fortra Agent installed can be managed through the Endpoint Manager. This application provides the ability to easily install additional modules from Fortra's existing suite of capabilities across all endpoints without the time and resources of individual installs.
Globalscape
EFT
v8.2.0.45
Apr 1, 2024
New Features
-
Advanced Workflow Module (AWM)
-
Updated Automate Workflow Module (AWM) to v2024
Context Variables
-
Added %EVENT.ACTION_FAILURE_REASON% to return event rule failure reason
-
Added %FS.VIRTUAL_DIR_NAME% to return the virtual folder name alias
Connection Profiles
-
Added native support for Google Cloud
-
Added support for Google Drive
EFT Administration
-
Added support for EFT site propagate
-
Added support for EFT site artifacts propagate
-
Added support for Web Admin Client (WAC)
-
Added support for Server Name Indication (SNI)
-
Added support for Microsoft 365 OAuth 2.0 email
-
Added support for Gmail OAuth 2.0 email
-
Added support for Email templates
-
Added support for OpenID
Event Rules
-
Added support for OpenSSL action
-
Added support for User Create action
OpenSSL
-
Updated OpenSSL library to 3.1.4 (Note: FIPS will continue to use 1.0.2u)
-
Updated OpenSAML to 3.2.1
Remote Agent (RAM)
-
Added support for proxy
REST API
-
Added support for restrict access to REST API to a few traditional admin roles
-
Added support to provide updated error codes for Admin password change errors
-
Added support to get metrics for all sites in a single reques
-
Added support for filtering by group to users endpoint
-
Added support for changing admin password on log in
-
Added support for sorting to the users endpoint
-
Added support for filtering to the users endpoint
-
Added support to generate support bundle
-
Added support to generate ARM reports
-
Added support for user actions
-
Added support for event rule counters
EFT SyncTool
-
Added support for EFT 8.1
Enhancements
Advanced Properties (AP)
-
Added new AP to disable mkcol requests, DisableMKCOLRequest, tunnelNonHttpVerbs
-
Added new AP to remove username and domain in shared workspace link, UseIdInWorkspaceLink
-
Added new AP to remove links from workspace comment, RemoveLinksFromWorkspaceInvitations
-
Added new AP to increase SFTP buffer size, SFTPWinFileReadWriteBufferSizeKB
-
Added a new AP to Force Zero Preview for ICAP specific servers, ForceZeroPreview
-
Removed the MaxNumberConnectionsPerSite, AP as this is no longer used
Advanced Workflows
-
EFT upgrades will export all Automate workflows into a zip file for backup
-
Added ability to suppress Automate workflow popups
-
Added support for Dataset
-
Added support for JSON objects
-
Added support for TLS 1.2 in Azure Action
-
Removed support for SharePoint 2007 and 2010
-
Added SharePoint App Only and Azure AD Only authentication types
-
Added support for TLS 1.2 and TLS 1.3 in FTPS connections
-
Various User Interface enhancements
-
Various SharePoint Action enhancements
-
Various Variable Action enhancements
-
Various OCR Action enhancements
-
Various FTP Action enhancements
-
Various File System Action enhancements
-
Various Terminal Action enhancements
-
Various Image Action enhancements
-
Various Compression Action enhancements
-
Various HTTP Action enhancements
-
Various Exchange Action enhancements
-
Various PDF Action enhancements
-
Various Email Action enhancements
-
Various Dialog Action enhancements
-
Added support for TLS 1.2 in Web Service Action
-
Updated Automate Task Builder layout
ARM
-
Added a new "Result" field in the Actions table
-
Removed SAT related tables from ARM database
EFT Administration
-
Upgraded all .Net components to .Net 4.8
-
Updated Database related help link
-
Added a new Automate Service Account section
-
Increased Default Minimum Password Length for EFT adminstrator accounts
-
Updated branding graphics
-
Updated links to module licensing site
-
Added better sorting capabilities for SSH user key management
-
Updated verbiage and links to reflect Fortra
-
Added new link to Fortra Connector Hub
Event Rules
-
Added option to compress files older than X to the Compress Action
High Availability (HA)
-
Updates to HA Active-Active upgrades by providing a new prompt to determine last node being upgraded
Licensing
-
Updated Advanced Workflow Module (AWM) trial period to 15 days
OpenPGP
-
Restored legacy support to export all pgp keys into a single set of public and private keys
Remote Agent (RAM)
-
Added SFTP logger configuration in the Remote Agent logging
REST API
-
Improved REST responses for the authentication endpoint
WTC
-
Updated Angular to v16
-
Updated branding graphics
-
Removed code for deprecated clients
-
Added support for redirect to hom epage and login when URL is invalid
Fixes
ARM
-
Fixed an issue where AuthenticationsExpired table was missing from the Purge Script
-
Fixed an issue where Admin Actions would not log created Event Rules
-
Fixed an issue where Activity - Session Lifecycle report had incorrect timestamp format
-
Fixed an issue where AS2 Detail reports would not generate when using an Oracle database
-
Fixed an issue where EFT administrators could not stop ARM report generation from the GUI
Advanced Workflow Module (AWM)
-
Fixed an issue where the help file would fail to launch from the Task Builder
Authentication
-
Fixed an issue where a blank RelayState values would cause authentication failures
-
Fixed an issue where MFA would bypass Active Directory (AD) expired passwords
-
Fixed an issue where reset passwords were not propagating to other nodes in an HA cluster
-
Fixed an issue where disabled users would not trigger User Login Failed Event Rule for SFTP and HTTP protocols
-
Fixed an issue where Enforcing Strong passwords would not properly honor words from the dictionary.txt
EFT Administration
-
Patched CVE-2023-2989
-
Patched CVE-2023-2990
-
Fixed an issue that under specific configurations could cause EFT to crash on certificate expiration notification
-
Fixed an issue where the EFT server could crash when OCSP stapling is enabled
-
Fixed an issue where Uploads per Session for HTTP/HTTPs connections would not work as expected
-
Fixed an issue where Password Expiration notices were sent on stopped EFT sites
-
Fixed an issue where under certain conditions the GUI could crash while attempting to login
-
Fixed an issue where the GUI would revert to previous interaction area
-
Fixed an issue where the scroll bar would not appear when adding several conditions to the same line
-
Fixed an issue where the certain AD user profile details were not being added into EFT's user profile
-
Fixed an issue where Max Transfer speed setting was not being honored
-
Fixed an issue where LDAP Auth Manager test would limit users to 10k users
-
Fixed an issue where EFT could hang under certain conditions during DMZ Gatewaysocket initialization
-
Fixed an expired Help link under the File send UI
-
Fixed a caching issue when using Test for LDAP site configurations
EFT Event Rules
-
Fixed an issue where under certain conditions after an upgrade some EFT event rules could cause EFT to crash
-
Improved exception handling for multi-file transfers for AWS S3 upload/download
-
Fixed an issue where multipart AWS uploads could crash EFT
-
Improved AWS cloud download performance
-
Fixed an issue where the Overwrite function would not work as expected
-
Fixed an issue where multiple nodes in an HA cluster would trigger an event rule on the same file
-
Fixed an issue where Numerate in File actions would not work as expected
-
Fixed an issue where Event Rules would not be able to pass /*.* to Advanced Workflows
-
Fixed an issue where context variable %FS.BASE_FILE_NAME% would not work after a PGP action
-
Fixed an issue where File rename operation would not work after upgrading to EFT 8.1
-
Fixed an issue where Event Rules could not be enabled/disabled after being renamed
-
Fixed an issue where the User Created Event Rule that triggers an Advanced workflow could cause an EFT admin UI disconnect
-
Fixed an issue where Override credentials may not work under certain conditions
-
Fixed an issue where File Upload rule with PowerShell action could trigger more than once
-
Fixed an issue where exclude file in File Delete operation would not work as expected
-
Mitigated Zip Slip vulnerability
-
Fixed an issue where Event Rule Daily Run starts on Tuesday instead of Monday
-
Fixed an issue where the PowerShell action would share embedded defined context variables with other Event Rules
-
Fixed an issue where Failed decompress actions would show as successful in the ARM database
-
Fixed a typo in the Report Action UI
-
Fixed an issue where the Overwrite option was available under the Import CSV from Dataset UI
-
High Availability (HA)
-
Fixed an issue where LastActiveTime synchronization could cause user login requests to hang
-
Fixed an issue where cluster nodes could run out of sync due to a deadlock
Help Documentation
-
Fixed our help documentation with updated footer and header
-
Fixed an issue where launching a PDF file could cause the EFT admin GUI to crash
-
Fixed an issue where script errors were displayed in Advanced Workflow section
-
Fixed an issue where the REST API help could cause UI hangs
Logging
-
Fixed an issue where an incorrect stat remote file error would be displayed in the TED6 log for SFTP connections
-
Fixed an issue where Test button for cloud secrets would not log to the EFT log file
-
Fixed an issue where TOS customizations would not properly reference the path being used in the EFT logger
OpenPGP
-
Fixed an issue where Decrypt and Verify signature would not work as expected
-
Fixed an issue where File Upload event rules with PGP encryption could create a 0kb file after upgrading to EFT 8.1
Outlook Add-in
-
Fixed an issue where the Help Guide in the EFT Outlook Add-in would not load
-
Fixed an issue where Outlook Add-in would error when using a SharePoint Send link
Proxy Protocol
-
Fixed an issue where EFT could crash when using proxy protocol over FTP
Registration
-
Updated the EFT Advanced Workflow Module (AWM) trial period to 15 days
Remote Agent
-
Updated RAM log to remove authorization agent details
-
Fixed an issue where RAM in 8.0.3 could not process rules from EFT 8.1.1
REST API
-
Fixed an issue where "The specified template does not exist" would be returned on the Add users endpoint
-
Fixed an issue where REST API calls for ARM PDF reports would not return any data
Workspaces
-
Fixed an issue where under certain configurations the username and password details were logged in the EFT logger for Workspaces
-
Fixed an issue where under certain configurations File links in Workspace emails did not work
-
Fixed an issue on how the Dropoff portal quota is updated and verified
WTC
-
Fixed an issue where password change did not work as expected
-
Fixed an issue where Firefox mobile would fail on uploads
-
Fixed an issue where Reset Password does not always work in case of invalid username and email
-
Fixed an issue where under certain conditions could not load password complexity details
-
Fixed an issue where the Advanced Property (AP) UplReqDel, was no longer supported in EFT 8.1
GoAnywhere
Goanywhere MFT
Version 7.5.1
April 22, 2024
Enhancements
-
Added support for 128-bit and 256-bit AES GCM ciphers in the SFTP/SCP/SSH client.
Updates
-
Reverted validation that was added in 7.5.0 which restricted the use of the same variable name between project variables and Secure Form components.
-
Updated commons-compress from version 1.21 to 1.26.
Fixes
-
Fixed an issue that prevented the application from shutting down if configured and running with GoAnywhere Gateway.
-
Fixed an issue in the GoAnywhere upgrader where the upgrade could fail when migrating preference records on network or embedded Derby databases.
-
Fixed an issue where Syslog logs were being written out to the global log file.
-
Fixed an issue where the job runtime was not entirely filled when the job queue had jobs tied to limited job queues at the head of the queue, and the limited queue was full, and there were jobs tied to unlimited queues at the tail.
-
Fixed an issue that prevented replies from FTP servers that did not conform to standard reply messages by adding a 'Strict Reply Parsing' option for FTP and FTPS. This fixed issues with a '220' reply error caused by a commons-net upgrade which requires stricter replies.
-
Fixed an issue where files that resided in an Encrypted Folder were not being decrypted when uploaded to the following Cloud Connectors (This only applies to large files): Sharepoint, OneDrive, Azure Data Lake Storage Gen2, Dropbox and Box.
-
Fixed an issue where Database Statistics failed when a database had table names that began with 'DPA_' in multiple schemas.
-
Fixed an issue where the last login date was not updated during SAML Authentication for Admin Users.
GoAnywhere Agents
Version 2.2.1
April 22, 2024
Enhancements
-
Added support for 128-bit and 256-bit AES GCM ciphers in the SFTP/SCP/SSH client.
Updates
-
Updated commons-compress from version 1.21 to 1.26.
Fixes
-
Fixed an issue that prevented replies from FTP servers that did not conform to standard reply messages by adding a 'Strict Reply Parsing' option for FTP and FTPS. This fixed issues with a '220' reply error caused by a commons-net upgrade which requires stricter replies.
-
Fixed an issue with SSH compression which rendered it unusable from the resource and task.
-
Fixed an issue with Agent encryption applicable only to 2.2.0 installs.
Outflank Security Tooling (OST)
Outflank
Version: 11 April 2024
EDR evasion
- Ported evasive features towards ShovelNG (Lateral movement) and addition of new EDR presets
Command & Control
- Major performance enhancement of Socks.
Updates
- New tool release: a Keylogger and capability for remote command execution over WSMan.
- Added a new relaying research.
- Updates to various Misc tools to support new Windows versions, features, bugfixes etc.
Powertech
Powertech Antivirus
Version 6.2 (6.2.0 Powertech Antivirus Unix/Linux Endpoints)
April 4, 2024
New Features
-
Powertech Antivirus now automatically supplies dashboarding capabilities to HelpSystems One upon registration.
-
Extended support for IBM i endpoints:
-
Anti-ransomware functionality can now be configured for IBM i endpoints. *Requires version 8.10 (R8M10) or higher of the Powertech Antivirus for IBM i software to be installed on the IBM i system. This version is planned for release in Q2 2024.
-
IBM i endpoint now provides an on-access scan configuration.
-
On-Demand scans for the IBM i now support the configuration values "Run Priority" and "Log Level".
-
-
Users can now download PDF reports without the need to email them.
-
Support for Linux/Unix endpoints has been enhanced:
-
The On-Demand scan configurations now allow the user to specify file extensions to be excluded by specifying the Exclude parameter as: *.dbf:*.log:*.ctl.
-
The On-Demand scan configuration now allows users to configure the number of threads used to run during a scan. This requires Endpoint version 6.3.0 which is not yet released.
-
Enhancements
-
Java runtime environment has been upgraded to 11.0.20.
-
Postgres has been upgraded to 12.18.
-
Kafka has been upgraded to version 3.5.1.
-
Apache Tomcat has been upgraded to 9.0.85.
-
The server used to provide DAT updates via https and sftp has been upgraded to support TLS 1.2.
-
Powertech Antivirus now creates self-signed certificates that can be trusted by client browsers. Documentation has been added to assist customers who wish to replace the self-signed certificates.
-
Support has been added for discreet control over the command used to initiate SMTP connections over TLS.
-
Powertech Antivirus Server can now send email notifications to servers that require a TLS 1.2 connection.
-
Info level Apache Tomcat logging is now enabled by default. Logs are created in /opt/ptavwebsvc/logs with filenames prefixed with Apache Tomcat.
-
The presentation of the side forms in the user interface has been enhanced to reflect our current corporate standard.
-
Reports have been rebranded to use the Fortra logo.
-
The User Guide now contains instructions on how to configure digital certificates for the browser-based user interface and avoiding the certificate warnings from browsers.
-
The User Guide has been expanded to provide more information about managing IBM i endpoints with Powertech Antivirus Server.
Compliance Monitor for IBM i
Version 4.4
April 1, 2024
Fixes
-
Batch assessment's email process has been updated to ensure it is RFC 55322 compliant.
-
An issue where Batch Assessment's ‘Use automatic assessment data’ was being unchecked, has been resolved.
-
An issue where the Profiles with Default Passwords assessment was empty on IBM i 7.5, and where profiles that did have default passwords were displayed as not having default passwords, has been resolved.
-
Fixed an issue when updating the product received error; MCH0601 Space offset X'00022000' or X'0000000000000000' is outside current limit for object &1.
-
Fixed an issue where some CD Journal Entries were causing assessments to end abnormally.
-
Fixed an issue where the Authority Broker Exclusions filter was failing.
Powertech Multi-Factor Authentication
Version 1.5.4
April 4, 2024
Enhancements
-
Apache Tomcat has been upgraded to 9.0.90 to alleviate security vulnerabilities.
-
The User Guide now explains how to use third-party authenticators such as Microsoft Authenticator or Google Authenticator with Powertech Multi-Factor Authentication.
-
RADIUS configuration documentation has been enhanced.
Powertech Multi-Factor Authentication IBM i Agent
Version R01M10
April 4, 2024
Enhancements
-
The Multi-Factor Authentication menu now includes an option to specify which IBM i user profiles are used as the Insite configuration profiles. These include a "Connection" and "One-time Use" user profile.
BoKS Manager
Version 8.1 (version update)
April 10, 2024
Server s-8.1.0.8
New Features
- New boksconfig setting TLS psk-only
Enhancements
- New boks-server package dependency
Fixes
- Wrong action on TLS client cert map fail
- Fixed a server idle timeout setting that was too low
- Lost quotations added back in check_failover_replica
- Corrected inaccurate error msg when creating host certificate
- For some imported rules, boksrule did not display all the access methods
- Auto-registration fails when using CLIENT_CHOOSE_HOSTGROUPS connecting to Replicas and the list is longer than 128 characters
- Corrected boks_portmux that logged the wrong severity for fail-check in boks_errlog
- When processing queued batch messages for hosts using DHCP (DYNIPCLIENT) without a valid IP address
- Make bokshostcertreqgenp12 retrieve private key from the BoKS DB if it doesn't exist locally
Version 8.1 (version update)
April 10, 2024
Client c-8.1.0.13
Fixes
- Auto-registration failed when using CLIENT_CHOOSE_HOSTGROUPS connecting to Replicas and the list is longer than 128 characters.
Version 8.1 (version update)
April 29,2024
Server s-8.1.0.9
Fixes
- BoKS rule ID changes during migration from 7.2
BoKS Reporting Service
Version 8.1.0.6
April 25, 2024
Fixes
-
Fixed a performance problem when importing dump in version 8.1.
-
The following dependencies were upgraded for security:
-
Upgraded Spring Boot to 2.7.18
-
Upgraded Spring Framework to 5.3.34
-
Upgraded Spring Security to 5.8.12
-
Upgrade H2 database to 2.2.224
-
Upgraded Jetty to 9.4.53
-
Upgraded Guava to 33.1.0
-
Upgraded Bcprov-jdk14 to 1.78.1
Tango/04
Vityl IT & Business Monitoring
Version 6.9.0
April 30, 2024
New Features
-
A new attribute has been added, "Worst Substate as Global Criticalness". Setting this attribute to 'True', results in critical errors from other substates, such as performance, being reported as critical at the asset level.
-
A new element type "Generic Website Check (Response Time Control)" allows you to monitor and save response time metrics for a specific web site.
-
Any error in monitors collecting events is now reported in the self monitoring section of the product. The error informs about the affected Devices and/or Applications.
Enhancements
-
New ALEV functions, GET_LAST_CHANGE_TIME_BV and GET_LAST_CHANGE_TIME_FOLDER, have been made available to use in the SmartConsole module.
-
Boolean attribute "InterfacesByName" has been added to communication devices (Routers, Switches, Firewalls, and Gateway). If this attribute is set to 'True', "Network interfaces" elements are discovered and monitored with SNMP protocol by Name, instead of Description. This attribute is important because, in some special cases, network interfaces may not have a Description.
-
A new Action Set is available in the SmartConsole module for Integration with Automate: "Execute Automate Workflow Python". This can be used as alternative to the Powershellversion, to avoid using Powershell.
-
Internal retries for AIX Physical memory usage monitor have been increased to avoid sporadic monitoring errors caused by an unexpected connection error to a remote AIX system.
-
A new parameter, "Collection Mode" has ben added for elements of type "Windows Event Log". This allows you to change the collection technology for event log events.
Fixes
-
On installation, the test button to validate the database connection did not work properly for SQL Server 2012R2. This has been fixed.
-
Journal Discovery monitors for IBM i did not discover all the journals for systems running OS version 7.4 or 7.5. This issue has been fixed.
-
The ASP monitor for IBM i systems could report error: 'System i Error: For input string: " ]" if the IBM i system was running OS version 7.4 or greater. This issue has been fixed.
-
Alarms of type "No event received in the specified calendar" within SmartConsole, could result in being blocked while editing alarms or actions. Another symptom was the log not being shown when starting SmartConsole as an application. These issues have been fixed.
-
The SmartConsole module could get blocked if an asset defined at Product level had Notifications enabled. This issue has been fixed.
-
Licenses generated for an specific system (MAC address) could not be correctly validated. This issue has been fixed.
-
Insite dashboards did not work (no data was shown) for Vityl IT & Business Monitoring metrics. This error happened in Vityl IT & Business Monitoring versions 6.7 and 6.8 and any version of Insite. This issue has now been fixed.
-
Control "ASP Usage Temporary Storage" for IBM i systems could report incorrect issues for other controls. This issue has been fixed.
-
In some environments, an error "...is not recognized as an internal or external command..." could be generated for some of the self-monitoring controls. This issue has been fixed.
-
Event Manager event grids (within both Forensic Analysis and Event Manager) did not answer due to the "HelpSystems - Events Control Service" service hanging. This issue has been fixed.
-
The ASP monitor for IBM i systems could report error: 'System i Error: For input string: ""' if the IBM i system was running OS version 7.4 or greater. This issue has been fixed.
-
Journal Discovery Monitors for IBM i systems could report errors: "String index out of range: 10". This issue has been fixed.
-
The "Network interface bandwidth percentage" metric could report invalid values (very high values greater than 100%) . This issue has been fixed.
-
If SmartConsole read more messages than it was able to process, an "out of memory" error was generated and the processing crashed. This issue has been fixed.
-
Alarms of type "No event received in the specified calendar", created in SmartConsole, might fail intermittently. This issue has been fixed.
TeamQuest
Postgres SQL
Version 13.14
April 5, 2024
Enhancements
-
Added support for Postgres level 13.14
VCM
Version 2.19
April 2, 2024
Enhancements
-
Added a new property, regex-compare, to the Instance Filter Function. This property specifies whether the value should be compared with regex (true) or with a string equals (false).
-
Updated Apache Tomcat to version 9.0.87
Titus
DCS for M365
Version 2024.04
April 19, 2024
New Features
-
Updated product name from TCS for M365 to DCS for M365.
Policy Manager
Version 2024.04
April 19, 2024
Enhancements
-
Removed support for the following TCS for Google Workspace (cloud) products from Policy Manager: Email (Gmail, Google Calendar) and Documents (Google Docs, Google Sheets, Google Slides). Existing data for TCS for Google Workspace products will be cleaned up on Policy Manager's first use.
-
Importing large TCPG Configuration files takes less time. TCPG files that took several hours to import can now be imported in less than one minute.
-
Removed size limitations for publishing Policy Manager Configurations to the cloud.
-
Added tooltips to display the Name and Display text for Schema Fields and Schema Values. Field type is also shown in for Schema Fields tooltips.
-
Added tooltips to display the full names of Rules, Custom Conditions, and Actions library items.
TCS for Google Workspace (Cloud)
TCS for Google Workspace (Cloud) is no longer being released by Fortra. If you are currently using TCS for Google Workspace (Cloud), please contact Customer Support for more details.
TCS for Google Workspace (On-premises)
TCS for Google Workspace (On-premises) is no longer being released by Fortra. If you are currently using TCS for Google Workspace (On-premises), please contact Customer Support for more details.
Vera
Version 3.23.3
April 2024
New Features
-
Digital Guardian Secure Collaboration (Vera) announces support for Adobe Acrobat and Reader (24.001.20615):
-
Adobe Acrobat and Reader for Windows Client
-
Adobe Acrobat for Mac Client
-
Fixes
-
Important Update to the Vera Server
-
Fixed an issue where the UI becomes slow or unresponsive for some action when there are hundreds of shares configured.
-