Monthly Release Notes - March 2025

Jump to:

Agari Alert Logic Automate Beyond Security
Boldon James Bytware CCSS Clearswift
Cobalt Strike Core Security Digital Defense Digital Guardian
Document Management FileCatalyst Fortra Fortra Application Hub
Fortra VM Globalscape GoAnywhere Halcyon
IBM Partnership Insite InterMapper JAMS
Outflank Security Tooling Powertech Robot Safestone
Sequel Showcase Tango/04 TeamQuest  
Terranova Security Titus Vera

 

Alert Logic

Managed Web Application Firewall (WAF)

Version 5.2.2.1-2728

March 27, 2025

New Features

  • CSP and Page Integrity violation reporting improvements allowing better incident management

  • Add support for layer 7 source IP control/blocking for anonymizing VPN services

Bug Fixes

  • Properly normalize page integrity data to prevent script mismatches and nonce issues

  • Normalize newline characters in inline scripts to prevent checksum mismatches when response HTML is modified

  • Relax overly specific HTML response injection rule to correctly match external script references

  • Allow relative external scripts without CORS headers to be authorized

  • Preserve raw src attributes with special characters to avoid double encoding issues

Version 5.2.2.0-2703

March 13, 2025

New Features

  • API protection enhancements: classes, regex, static, and integration with streaming inspection engine for unlimited request body inspection

  • Page Integrity script tokenization support, CSP reports, and numerous other workflow improvements to CSP/Page Integrity modules

  • ECDSA support in ACME certificates

  • Core engine CPU affinity support improving performance on multi CPU machines

Enhancements

  • Audit log format has changed from event=$RPC_EVENT, user=$user, id=$ID, source=$SOURCE_IP to user=$user, id=$ID, source=$SOURCE_IP, event=$RPC_EVENT

  • Handle OPTIONS/CORS preflight requests when dealing with CSP reports from browsers

Bug Fixes

  • Various streaming inspection fixes and improvements

  • Properly terminate core worker processes that are held up by long-lived connections (like websockets tunnels) when core is restarted

  • Automatically expire stale ICM cluster nodes

 

Back to Top

 

Cobalt Strike

Version: 4.11

March 17, 2025

New Features

  • Added "http-post" malleable C2 group options to control the size of parts of the POST response to bypass Data Exfiltration Prevention solutions and process responses faster:

    • Use the "client_max_post_post_size" option to reduce the maximum posting size.

    • Decreasing this this will cause HTTP posted data (with the POST verb) to be chucked into multiple smaller requests.

    • Use the "client_max_post_get_size" option to control the size of chucked data (data sent per request) when beacon is posting with a GET verb into an HTTP Header.

    • Increasing this size can speed up downloads and create less HTTP posting GET verb requests that are larger.

    • Use the "client_max_post_get_packet" option to control the amount of file download data that a Beacon can process during one cycle (check-in) when using HTTP Posts with the GET verb.

    • Increasing this size can speed up downloads, but will create more HTTP post requests per cycle.

  • Added support for multiple hosts to beacon_config command.

  • Added DNS Over HTTPS (DOH) support to DNS Beacons:

    • Configuration is available in the "dns-beacon" malleable C2 section.

    • The default option to enable the feature is set with the "comm_mode" malleable C2 option.

    • Other DOH configuration options are available in the "dns-over-https" malleable C2 group.

    • You can choose to override the default DOH enabled option when generating payloads from the UI or Aggressor scripts.

  • Added ability to run multiple BOFs asynchronously without blocking Beacon.

    • This ability is being released by way of the Arsenal Kit Postex Kit.

  • Added support for additional Nt* API to Function/Syscall Resolution in the prepend loader, Beacon, and Aresenal Kit.

  • Added new default process injection method in Beacon.

  • Added support to handle fake PEB entries and EAT Protections with "stage.eaf_bypass" option.

  • Added Client console option for wrapping long text lines on word breaks.

  • Added options for copying data easier from Credentials list.

  • Added options to organize the output of the help command into groups to make things easier to find.

    • See "help help" in the Beacon and SSH consoles.

    • Added "beacon_command_group" and "ssh_command_group" aggressor commands to define custom command help groups.

    • Added help group ID parameter to "beacon_command_register" and "ssh_command_register" aggressor commands for linking commands to help groups.

  • Added Console Buffer Size - Preferences option to allow more console data before truncation occurs.

  • Added Beacon console metadata command line variables.

    • See the "variables" command to show the list of variables that be used on the command line.

  • Added an option to disable auto scrolling in console windows.

  • Added killdate event logging.

    • Added client UI warning banner to display killdate information starting 30 days prior.

    • Added 'killdate' aggressor function to retrieve the killdate.

  • Added UPN type syntax support for make_token command.

Enhancements

  • Updated BeaconGetSyscallInformation API (breaking change with previous versions).

  • Overhauled default sleep mask so Beacon and Sleepmask are both automatically masked with proprietary evasion code.

    • This applies to HTTP, HTTPS and DNS Beacons

  • Updated the Cobalt Strike client to support the new bread_pipe aggressor function, which can be used to task beacon to read from the specified pipe name.

  • Updated the bread_pipe aggressor function to support reading from the pipe that supports read_postex_kit_blob_from_pipe format.

  • Made prepend reflective loader the default loader used by Beacon.

    • Added "stage.rdll_loader" malleable c2 option to use prepend (default) or stomp loader.

  • Use indirect system calls in prepend reflective loader by default.

    • Added "stage.rdll_use_syscalls" malleable c2 option to disable system calls.

  • Changed "stage.obfuscate" behaviour to decouple copying the PE Header into the final Beacon memory.

    • The "stage.copy_pe_header" option will perform that.

    • Added "stage.transform-obfuscate" which allows the user to use transformations to obfuscate the Beacon dll payload for the prepend loader.

  • The prepend reflective loader will resolve system calls and pass to them Beacon by way of Beacon user data (BUD).

  • Changed some default options in .stage malleable C2:

    • sleep_mask :true

    • transform-obfuscate: { xor 32 }

    • cleanup : true

  • Changed selected Beacon console tab to switch as beacon table selected beacon changes.

  • Changed Client consoles to position at the bottom when opening.

  • Updated CS Client to respond better to double click action in various places.

  • Updated CS Client to respond better to right click action on tabs for prompting to rename tabs.

  • Changed Mac Client Console key mapping to use standard Mac "meta Command+..." for Select All, Copy, Cut, and Paste.

Fixes

  • Fixed aggressor script error importing .jar files.

  • Fixed Tactics, Techniques, and Procedures (TTP) report and IOC report errors.

  • Fixed Preferences dialog incorrectly identifying team server SSL fingerprints as SHA-1 when they are SHA-256.

Back to Top

 

Digital Guardian

Agent for macOS

Version: 9.0.0

March, 2025

New Features

  • Starting with release 9.0.0, the Digital Guardian Agent for macOS introduces support for the Transparent Proxy Network Extension as an alternative to the Web Inspection Proxy (WIP) configured as an Explicit Proxy. Unlike the Explicit Proxy, which relies on configuring HTTP/HTTPS proxy settings in the operating system, the Transparent Proxy operates as an implicit proxy. This eliminates the need for manual OSlevel configurations, simplifying deployment. The Transparent Proxy intercepts traffic exclusively from supported browsers and legacy Outlook, ensuring minimal interference with other network activities while maintaining robust data loss prevention capabilities.

  • In this release, the application used for the Network Operations System Extension has been enhanced to manage both the Network Operations and DGWebProxy System Extensions. To accommodate this change, the MDM profile used for auto-enabling Network Operations has been updated. Refer to the “Installing and Upgrading DG Agent Using Jamf” section in the User Guide for more details.

    IMPORTANT: If you are already using the Network Operations feature, apply the updated Network Operations MDM profile to the Agents before upgrading the Agents to the Mac 9.0.0 release.
Fixes

  • The customer reported an issue where the PAC files were not refreshing after a network change. This issue is now resolved in DG Agent for Mac 9.0, which introduces a new config parameter wipExplicitProxyPACRefreshSec. To enable timely PAC file refresh, update the custom configuration resource file and set this configuration parameter to a lower value, such as 30 seconds.

    Example Configuration: <wipExplicitProxyPACRefreshSec>30</wipExplicitProxyPACRefreshSec>

  • There was an issue in the Mac Agent where the match operator defaulted to "ALL" instead of "ANY" when used in the Rule Definition. This issue has been fixed.

  • Due to an issue in the Mac Agent, the ADE Paste was not generated when the COMMAND+SHIFT+V shortcut was used in the Chrome browser. This issue has been fixed.

  • The ADE Paste events were not generated consistently on the Microsoft Edge browser. This issue has been fixed.

  • Due to an issue in the Mac Agent, a huge volume of Operational Alerts of type “DGWIP External CA Certificate Signing Issues” were generated when ARC was configured as a Certifying Authority. This issue has been fixed, and the volume of these Operational Alerts will be minimized.

  • An issue in the Mac Agent caused the agent to stop communicating with DGMC when the "DgServer.cer" and "CERTGUID.DAT" files used during the upgrade differed from those used during installation. This issue has been fixed.

  • An issue in the Mac Agent caused trial mode policies to show prompts. This issue has been fixed in this release, users will not see prompts for trial mode policy.

  • An issue in the Mac Agent caused to show a notification "DLP blocked the following operation" when the machine is rebooted. This issue has been fixed in this release, WIP will no longer intercept Microsoft Teams events, even though the sub-process path has Microsoft Edge.

  • An issue was encountered where some mac agent machines were generating File Capture operational alerts due to a misconfigured remote share with a "bad file capture public key". The issue is now resolved.

  • An issue in the Mac Agent caused ADE operations to be intercepted even after the agent was terminated. This issue has been fixed in the this release, and ADE events will no longer be intercepted when the agent is terminated.

Agent for Linux

Version: 10.0.0

March, 2025

New Features

  • Certification for Additional Kernels

    This table lists the additional certified Linux kernels for Red Hat Enterprise Linux (RHEL) and Ubuntu in this release. Refer to the Agent for Linux User's Guide for details about the packages required to support the new kernel versions for the Agent. Refer to Agent_for_Linux_v10.x.x_and_later_RHEL_Certified_Environments and Agent_for_Linux_v10.x.x_and_later_Ubuntu_Certified_Environments for the complete lists of supported RHEL and Ubuntu kernels.

Distribution

Version

Architecture

Kernel
RHEL 9.5 64-Bit kernel-5.14.0-503.26.1.el9_5
RHEL 9.5 64-Bit kernel-5.14.0-503.23.2.el9_5
RHEL 9.5 64-Bit kernel-5.14.0-503.23.1.el9_5
RHEL 9.4 64-Bit kernel-5.14.0-427.55.1.el9_4
RHEL 9.4 64-Bit kernel-5.14.0-427.50.2.el9_4
RHEL 9.2 64-Bit kernel-5.14.0-284.104.1.el9_2
RHEL 9.2 64-Bit kernel-5.14.0-284.103.1.el9_2
RHEL 8.10 64-Bit kernel-4.18.0-553.40.1.el8_10
RHEL 8.10 64-Bit kernel-4.18.0-553.37.1.el8_10
RHEL 8.8 64-Bit kernel-4.18.0-477.89.1.el8_8
Ubuntu 24.04 64-Bit linux-image-6.8.0-52-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-51-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-50-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-49-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-48-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-47-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-45-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-44-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-41-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-40-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-39-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-38-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-36-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-35-generic
Ubuntu 24.04 64-Bit linux-image-6.8.0-31-generic
Ubuntu 22.04 64-Bit linux-image-6.8.0-52-generic
Ubuntu 22.04 64-Bit linux-image-5.15.0-131-generic
Ubuntu 20.04 64-Bit linux-image-5.15.0-131-generic
Ubuntu 20.04 64-Bit linux-image-5.4.0-205-generic
Fixes

  • No issues are resolved in this release.

Agent for Windows

Version: 7.9.3.0030

March, 2025

Fixes

  • Fixed an issue where web browsers were not able to load the web content going through the Zscaler web proxy. This was caused by the DG Agent blocking the failing web connection IP address and port for 5 minutes when using IPv4. This fix will also be available in our Digital Guardian Window Agent release v9.1.0 or higher.

    For more information, refer to Digital_Guardian_8_7_Management_Console_Users_Guide and update the DG Windows Agent config.xml with the below entries:

    <wipConnectionCheckv4Enable>1</wipConnectionCheckv4Enable>

    <wipAgingPeriodInSeconds>0</wipAgingPeriodInSeconds>

Analytics & Reporting Cloud

Version: 5.2.0

March, 2025

New Features

  • Workspace Enhancements - Title Component

    • This release introduces the ability to add and edit titles (headers) as components to workspaces.

  • Export Profile Change

    • In this release, additional whitespace formatting in the JSON format for Export Profiles has been removed to reduce the payload size. Only the additional whitespace was removed; the payload is still in the JSON format and should not impact any process that loads the data as a JSON object.

Fixes

  • Fixed an issue where it was unable to assign incidents to users synced from the Azure AD.

  • Fixed an issue where the export profile with JSON format does not show event was blocked = true.

  • Fixed an issue where an incident created by dragging and dropping an expanded event has an incorrect event association.

Back to Top

 

Document Management (RJS)

iForms Server

Version 2.9.4

March 13, 2025

New Features

  • Added Microsoft Graph Authentication capabilities to allow for authentication to Azure based SQL databases.

  • Added support for virtual NIC cards to licensing module for IBM I users.

Enhancements

  • Upgraded Microsoft ODBC driver to support connections to new SQL versions.

  • Update Datasources documentation.

Fixes

  • 12 Java Security Updates.

  • Fixed issue where user could not set the number of copies on the monitor export settings when using a PC Printer to anything greater than 1.

Webdocs Invoice Manager

Version 2.3.1

March 11, 2025

Enhancements

  • Improvements with APIs between WIM and Webdocs Windows for Workflow.

Fixes

  • Minor Template Details Page Fixes: Query Type drop down list, Connection Name Column.

  • Corrected page navigation after save of Template Schemata Details.

Back to Top

 

FileCatalyst

FileCatalyst Workflow

Version 5.2.0 - Build 13

March 27, 2025

New Features

  • Implement OAuth with MFA via HTTP headers and authentication middleware

  • Added support for reverse proxy and 'x-source-ip' header for accurate tracking of remote IP addresses

  • Temp FC Direct accounts when strict security is enabled now inherit the virtual folders from the main proxy service account

  • TLS 1.3 compatibility when connecting to FileCatalyst Direct Server

  • Added an option to disable strict recipient tracking, this option is not recommend for email auth

  • Rebrand as Fortra

  • Added support for STARTTLS and DEBUG for Outgoing SMTP Server

  • Skip CAPTCHA challenge cookie length is now configurable

  • Added ability to disable CAPTCHA per order form

Fixes

  • XML file is broken due to SQL wrappers

  • Super Admin can NOT access any file area

  • Documentation added for per uploaded file upload form

  • editPrintJob.jsp does not display heading.editJob from the language file

  • Various stability and performance fixes

  • Various documentation fixes

FileCatalyst Direct

Version 4.0.0 - Build 375

March 24, 2025

Added: 

  • All - Modernized look and feel.

  • All - Upgrading to 4.0.0 from a previous version will uninstall the Swing admins, on Windows.

  • All - Windows installers now detect last install location rather than defaulting to "Program Files."

  • Central, HotFolder, Server - Implemented faster table rendering for improved user experience.

  • HotFolder, Server - Added an identifier of the connected node to the HTML admin.

  • HotFolder, TransferAgent - Switched OSX app bundles to use new JPackage framework for ".app" files.

  • Central - Set default sorting order for Central Session History to be start time instead of status.

  • HotFolder - Added the ability to shut down HotFolder from the HTML admin.

  • HotFolder - Added the ability to add a FileCatalyst Workflow site through the HotFolder HTML admin.

  • HotFolder - Added the ability to install the HotFolder service through the HTML admin.

  • HotFolder - Added the ability to use HotFolder Connect through the HTML admin.

  • HotFolder - Removed HotFolder Swing remote admin - replaced with HTML admin only.

  • HotFolder - Removed the option to configure ports which are no longer used, from the HotFolder HTML admin, due to the removal of the Swing admin.

  • Server - Added the ability to shut down Server from the HTML admin.

  • Server - Added the "ETA" column to the Server's Sessions view in the HTML admin.

  • Server - Added the ability to install the Server service through the HTML admin.

  • Server - Added the "Rate" columns to the Server's Sessions table in the HTML admin.

  • Server - Added the ability to monitor transfers grouped "By User" in the HTML admin.

  • Server - Added a string filter functionality to the Server logs through the HTML admin.

  • Server - Added the ability to multi-enable/disable through the HTML admin.

  • Server - Improved Server's Sessions table formatting.

  • Server - Removed Server Swing remote admin - replaced with HTML admin only.

  • Server - Added the ability to enable/disable groups from within the groups list in the HTML admin.

  • Server - Added the User Authentication sub-panel to the Server HTML admin.

  • TransferAgent: Weblink - Fixed the issue where users would see an error message in Weblink when the "Force lowercase usernames" configuration was set on the Server.

Fixes

  • All - Multiple security fixes.

  • HotFolder, Server - Fixed an issue in the remote HTML admin where it would prompt for credentials even if the remote admin is disabled.

  • HotFolder, Server - Fixed an issue where effective rate was not being separated from actual rate in the activity view.

  • Server, TransferAgent - Fixed issue where Google Cloud Storage buckets with the "uniform" access control could not be used by FileCatalyst Server.

  • HotFolder - Fixed an issue in the HTML admin where the button to remove files from the transfer cache on HotFolder was incorrectly labeled "Open."

  • HotFolder - Fixed an issue in the HTML admin where "Enable remote administration of service" being disabled would prevent the ability to set "Login required for access."

  • HotFolder - Fixed an issue in the HotFolder HTML admin scheduler view, where editing task execution frequency would be greyed out, requiring deselecting "Scheduled Execution" and reselecting it.

  • Server - Fixed an issue in the Server HTML admin where "Check Service Status" and "Test Authentication" buttons would not work.

  • Server - Fixed an issue where a NullPointerException was being thrown when attempting to lock out a non-existent user.

  • Server - Fixed an issue with the Server HTML admin where editing the home directory would not show the EFS options.

  • Server - Fixed an issue where large data sets of users, groups, and virtual folders would be extremely slow to render in the HTML admin.

  • TransferAgent - Fixed an issue where the FileCatalyst logo or the TransferAgent link on the navigation panel would redirect to a page that does not exist.

Known Issues:
Compatibility Advisory:

  • Central - Central v3.9.X will be the only versions of FileCatalyst Central, compatible with older HotFolder, Server, and TransferAgent nodes, as well as v4.0.0 nodes. Upgrading to v4.0.X requires additional steps detailed in this article.

  • HotFolder, Server - HotFolder, Server, and TransferAgent v3.9.X nodes will be the only versions compatible with older versions of FileCatalyst Central, as well as FileCatalyst Central v4.0.0. Upgrading to v4.0.X requires additional steps detailed in this article.

Back to Top

 

Fortra

Fortra platform

March 20, 2025
Enhancements

  • Add/Edit Roles page now includes General and Permissions tabs.

  • Improved messaging when error occurs.

  • Add Solution functionality moved to Products page.

Fixes

  • Resolved security vulnerabilities and minor bug fixes.

Endpoint Manager

March 21, 2025
Fixes

  • Fixed issue with tables not showing remembered search value.

  • Resolved security vulnerabilities and minor bug fixes.

March 10, 2025
Fixes

  • Fixed Last Connected field event message so it shows correctly in Event Fusion Center.

  • Resolved security vulnerabilities and minor bug fixes.

Back to Top

 

Fortra Application Hub

Version 1.3.1

March 11, 2025

Enhancements

  • Upgraded Apache Tomcat to 9.0.100

  • Upgraded Postrgres driver to 42.6.2

  • Upgraded Open Source version of IBM Toolbox for Java to 10.6

  • Upgraded Spring Security LDAP to 5.7.15

Fixes

  • Addressed CVE-2024-22259 vulnerability.

  • Fixed version number on Diagnostics page.

Back to Top

 

IBM Partnership

Backup, Recovery, and Media Services (BRMS)

Product 5770-BR1: PTF 7.5 SJ04540, 7.4 SJ04539

March, 2025

Enhancements

  • The SQL service QUSRBRM.CG_BACKUP_STATUS has been enhanced to show the volume expiration status and expire date. See the BRMS wiki for more information at https://ibm.biz/brms-enhancements.

Fixes

In version 7.4 and later:

  • Backup control group QNFSIPLINC may fail with messages MSGCPF9801 and MSGBRM1820 is fixed.

  • Backup for a control group using a Journaling report object list failing with messages MSGCPD0018, MSGMCH3601, MSGRNQ0222 and MSGBRM1820 is fixed.

  • Fixed instance where SQL service QUSRBRM.MEDIA_INFO may complete successfully with warning SQL STATE 01004.

  • Fixed instance where version controlled volume sets may not expire as expected when running STRMNTBRM EXPMED(*YES) EXPSETMED(*NO).

  • Fixed issue where *ALLUSR and *IBM backups may fail with message MSGCPF38AA.

  • Issue where DUPMEDBRM with parameter SBMOPT(*YES) may fail with message MSGBRM1033 is fixed.

  • Issue where DUPMEDBRM using an expired volume on the TOVOL() parameter may incorrectly fail with message MSGBRM0004 reason code 06 is fixed.

  • Issue where STRRCYBRM volume report may list incorrect or incomplete duplicated volumes when using DUPMEDBRM with TOSEQNBR > 1, or when using DUPMEDBRM to duplicate a parallel backup to a single volume is fixed.

Product 5770-BR2 Version: PTF 7.5 SJ03537, 7.4 SJ03536

March, 2025

Enhancements

  • The SQL service QUSRBRM.CG_BACKUP_STATUS has been enhanced to show the volume expiration status and expire date. See the BRMS wiki for more information at https://ibm.biz/brms-enhancements.

  • The BRMS web interface has been enhanced to show control group attributes and backup list details. See the BRMS wiki for more information at https://ibm.biz/brms-enhancements.

Fixes

In version 7.4 and later:

  • Backup control group QNFSIPLINC may fail with messages MSGCPF9801 and MSGBRM1820 is fixed.

  • Backup for a control group using a Journaling report object list failing with messages MSGCPD0018, MSGMCH3601, MSGRNQ0222 and MSGBRM1820 is fixed.

  • Fixed instance where SQL service QUSRBRM.MEDIA_INFO may complete successfully with warning SQL STATE 01004.

  • Fixed instance where version controlled volume sets may not expire as expected when running STRMNTBRM EXPMED(*YES) EXPSETMED(*NO).

  • Fixed issue where *ALLUSR and *IBM backups may fail with message MSGCPF38AA.

  • Issue where DUPMEDBRM with parameter SBMOPT(*YES) may fail with message MSGBRM1033 is fixed.

  • Issue where DUPMEDBRM using an expired volume on the TOVOL() parameter may incorrectly fail with message MSGBRM0004 reason code 06 is fixed.

  • Issue where STRRCYBRM volume report may list incorrect or incomplete duplicated volumes when using DUPMEDBRM with TOSEQNBR > 1, or when using DUPMEDBRM to duplicate a parallel backup to a single volume is fixed.

  • Fixed issue where the BRMS web interface Enterprise Communication Status may incorrectly report Inactive for a 5770-BR1 installed system.

  • Fixed issue where the BRMS web interface View BRMS Log on a Control Group Backup Status entry with a Status of Active did not show the current BRMS Log messages.

Rational Developer for i (RDi)

Version 9.8.0.4

March 6, 2025

Enhancements

  • Updated the JVM to IBM Semeru 11.0.25+9

  • Updated ACS to 1.1.9.7

  • Updated JTOpen to 20.0.8

  • Updated code coverage CCaaS core function to 2.2.5

Back to Top

 

Terranova Security

Version: 1.112.1

March 19, 2025

Enhancements
  • The platform has been updated to comply with WCAG 2.1 AA standards, ensuring better accessibility for all users.
Fixes
  • Other minor bug fixes.

Back to Top

 

Titus

DCS for Windows

Version 2023.1 HF1

March 17, 2025

Fixes

  • Added additional protection to the UserSettings file to prevent I/O exceptions when file in use by multiple DCS end points.

Mail for iOS

Version 2023.0.1

March 10, 2025

Fixes

  • Fixed an issue where email messages would sometimes show a classification label that was not selected.

Back to Top

 

Vera

Version 3.24.1

March 2025

New Features

  • Support for Adobe Acrobat and Reader: Digital Guardian Secure Collaboration (Vera) announces support for Adobe Acrobat and Reader (25.001.20432):

    • Adobe Acrobat and Reader for Windows Client (3.23.9)

    • Adobe Acrobat for Mac Client

Updates

  • Windows Clients: Secure Collaboration (Vera) has updated the code signing certificates and this will impact users who use "silent update" for their Windows clients. We recommend users update to the latest Secure Collaboration (Vera) version by downloading the client builds from the tenant and manually running the installer.

    NOTE: There will be no impact for users using other update settings.

  • Mac Client: With the Adobe 25.001.20432 release, a new feature “Enable protected mode at startup (Preview)” runs Adobe applications in a restrictive environment and does not allow Secure Collaboration (Vera) to control the application. If users have this feature released and enabled by default, they will face issues while opening secured files. We recommend that users turn off this feature for Secure Collaboration (Vera) to interact with Adobe Acrobat software. This feature can be disabled by going to Acrobat > Preferences > Security (Enhanced) and deselecting Enable Protected Mode at startup (Preview).

Enhancements

  • Users need to upgrade their existing CentOS-based appliance to 3.23.2.

  • As CentOS's lifecycle comes to an end, connectors have been updated to support Rocky Linux. Users must set up a new Rocky Linux-based On-Prem cluster that will be available with the appliance version 3.24.0.

Fixes and Security Updates

  • Fixed an issue where users without the "Editing" policy rights could not open the Vera-secured Excel (.xlsx); instead, the file crashed. This issue was seen only on the macOS Sequoia with the Apple silicon chipsets.

  • The Secure Collaboration team will be performing an infrastructure upgrade to enhance its security posture.

Back to Top