Vera

IMPORTANT: Vera has been commercially rebranded to Fortra's Digital Guardian Secure Collaboration (DGSC) and the help pages will be rebranded throughout 2024. As of late September, all secure collaboration information and messaging has been migrated to the Digital Guardian website.

March 2025

Version 3.24.1

March 2025

New Features

  • Support for Adobe Acrobat and Reader: Digital Guardian Secure Collaboration (Vera) announces support for Adobe Acrobat and Reader (25.001.20432):

    • Adobe Acrobat and Reader for Windows Client (3.23.9)

    • Adobe Acrobat for Mac Client

Updates

  • Windows Clients: Secure Collaboration (Vera) has updated the code signing certificates and this will impact users who use "silent update" for their Windows clients. We recommend users update to the latest Secure Collaboration (Vera) version by downloading the client builds from the tenant and manually running the installer.

    NOTE: There will be no impact for users using other update settings.

  • Mac Client: With the Adobe 25.001.20432 release, a new feature “Enable protected mode at startup (Preview)” runs Adobe applications in a restrictive environment and does not allow Secure Collaboration (Vera) to control the application. If users have this feature released and enabled by default, they will face issues while opening secured files. We recommend that users turn off this feature for Secure Collaboration (Vera) to interact with Adobe Acrobat software. This feature can be disabled by going to Acrobat > Preferences > Security (Enhanced) and deselecting Enable Protected Mode at startup (Preview).

Enhancements

  • Users need to upgrade their existing CentOS-based appliance to 3.23.2.

  • As CentOS's lifecycle comes to an end, connectors have been updated to support Rocky Linux. Users must set up a new Rocky Linux-based On-Prem cluster that will be available with the appliance version 3.24.0.

Fixes and Security Updates

  • Fixed an issue where users without the "Editing" policy rights could not open the Vera-secured Excel (.xlsx); instead, the file crashed. This issue was seen only on the macOS Sequoia with the Apple silicon chipsets.

  • The Secure Collaboration team will be performing an infrastructure upgrade to enhance its security posture.

January 2025

Version 3.24.0

January 2025

New Features

  • Mac Client

    • Digital Guardian Secure Collaboration (Vera) announces support for macOS Sequoia.

  • SaaS

    • Multiple users can co-edit the SharePoint or OneDrive-hosted secured files using the OnlyOffice editor and push the edited secured files back to SharePoint or OneDrive.

    • Digital Guardian Secure Collaboration (Vera) announces support for the SMB3 protocol with the 3.24.0 release.

    NOTE: To use the SMB3 protocol, users must upgrade their existing connectors.

Fixes

  • Fixed an issue where the Digital Guardian Secure Collaboration (Vera) tenant Graphical User Interface (GUI) failed to update the correct SharePoint credentials for SharePoint shares.

  • Improved the security fixes.

End of Support

  • Digital Guardian Secure Collaboration (Vera) announces the end of support for 3.22 with the 3.24.0 release. Users are recommended to update their clients to ensure smooth operations.

  • Digital Guardian Secure Collaboration (Vera) announces the end of support for macOS Monterey for the Mac client by the 3.25.0 release.

July 2024

Version 3.23.8

July 2024

Fixes

  • Fixed an issue where the Vera user without the "Copy Paste" permission can copy the secured PowerPoint (PPT) slides to an unsecured PowerPoint file. This issue was observed in some special situations when multiple monitors were used.

June 2024

Version 3.23.7

June 2024

Fixes and Security Updates

  • Important Update to the SaaS Portal

    • The Secure Collaboration team will be performing a planned infrastructure upgrade to enhance its security posture.

May 2024

Version 3.23.6

May 2024

Fixes and Security Updates

  • Share Page Policy Mapping

    • Fixed an issue where the Policy Mapping under Advanced Settings in the Share page was not saved after modification if more than one type of share was present.

Version 3.23.5

May 2024

Fixes and Security Updates

  • Important Update to the Vera SaaS

    • The Secure Collaboration team will be performing an infrastructure upgrade to enhance its security posture.

Version 3.23.4

May 2024

Fixes and Security Updates

  • Important Update to the Windows Agent

    • Fixed a security issue for the Adobe Acrobat Reader.

April 2024

Version 3.23.3

April 2024

New Features

  • Digital Guardian Secure Collaboration (Vera) announces support for Adobe Acrobat and Reader (24.001.20615):

    • Adobe Acrobat and Reader for Windows Client

    • Adobe Acrobat for Mac Client

Fixes

  • Important Update to the Vera Server

    • Fixed an issue where the UI becomes slow or unresponsive for some action when there are hundreds of shares configured.

March 2024

Version 3.23.2

March 2024

New Features

  • (Mac Client) Digital Guardian Secure Collaboration (Vera) announces support for macOS Sonoma.

Updates

  • The SharePoint URL has been updated in steps 14 and 19 of the "Creating a Vera Share for OneDrive" section. For more information, refer to OneDrive Integration Guide for Vera-Hosted Connector.

Enhancements

  • (Mac Client) Digital Guardian Secure Collaboration (Vera) announces the end of support for macOS Big Sur with the 3.24.0 release.

Fixes

  • Important Update to the Digital Guardian Secure Collaboration (Vera) Server

    • Fixed an issue where some users could not verify their credentials using SAML authentication.

  • (Windows Client) Fixed an issue where Microsoft Office files failed to open and close properly.

  • (Windows Client) Fixed an issue where the user could save an unsecured copy of Microsoft Office files even when the "Save As" option was disabled.

December 2023

Version 3.23.0

December 2023

New Features

  • Windows Client

    • Digital Guardian Secure Collaboration (DGSC) announces initial support for PDF-XChange Editor v10.0.1 for Digital Guardian Secure Collaboration’s Windows Client.

  • On-Prem DGSC Key Connector

    • The on-prem DGSC Key Connector (previously known as Vera Key Connector) will now use MongoDB 6.0. All connectors (including DGSC Key Connector) can be deployed in both on-premises data centers (such as DGSC (Vera) Center) and AWS.

    NOTE: The existing customers with the on-prem DGSC Key Connector (using Riak DB) will be manually upgraded to the new on-prem DGSC Key Connector with MongoDB.

  • iOS and iPadOS

    • Digital Guardian Secure Collaboration’s iOS and iPadOS applications now support iOS 17 and iPadOS 17.

September 2023

Version 3.22.5

September 2023

Fixes

  • (Vera SDK) Updated the Vera SDK with the newer and stable Curl 8.0.1 library to consume all recent changes and bug fixes made available in Curl.

Version 3.22.4

September 2023

Fixes

  • (SaaS) Made enhancements to the AD validation query.

  • (Windows Client) Fixed an issue where, even if the Copy/Paste object was set to "Don't Allow" in the policy settings, the feature (Copy/Paste object) was still available in the Edit mode of Nitro Pro PDF.

  • (Windows Client) Fixed an issue where the Vera watermark was not clearly visible when using Nitro PDF.

  • (Windows Client) Fixed an issue where a secured Outlook attachment and Office file were saved as an unsecured file with the recent Office builds.

July 2023

Version 3.22.3

July 2023

Fixes

  • (Linux with Vera SDK) Fixed an issue where an error was seen while granting access to the Vera document.

  • Fixed an issue where the user was shown an error message saying "command failed with an exception" via SDK or Vera command line.

June 2023

Version 3.22.2

June 2023

Fixes

  • (Windows Client) Fixed an issue where when a user clicks the Enable Editing (Protected View Only) option on a secured Microsoft Office file, the file must switch to standard view in order to be edited, but the system displays an error stating "This operation is not allowed on secure documents".

May 2023

Version 3.22.1

May 2023

Fixes (Security Vulnerability)

  • Adobe has released a patch for a few users on the latest version of Adobe (with a new UI). If a user is on this version of Adobe and opens a secure file to which they have access with a specific policy, the file opens without any restrictions, just like an unsecured file. This issue has been fixed by forcing all Adobe users to use a stable version of the old UI. This limitation will be enforced until Adobe releases a general and stable version.

Version 3.22.0

May 2023

New Features

  • Windows Client

    • Vera announces support for Nitro Pro PDF v13.67.0.45.

    • The Vera Policy Bar is replaced with Vera Policy Badge on the Vera client except for Microsoft Visio and Adobe Acrobat (in pivot mode). The new policy badge allows the file owner to view an enhanced description of the permissions, actionable items, and scalability to show and select a classification.

    • Vera announces support for Microsoft Azure Windows 10 multi-session and Windows Server 2019.

    • Vera announces support for Adobe Acrobat Reader’s (64-bit) new UI experience in shim mode only. This new UI experience is rolled out only for limited users, refer to Adobe’s note as mentioned below.

NOTE: Currently, the new experience is being rolled out as an experiment and available for Acrobat (64-bit) English locale only with no third-party plug-ins installed. The feature may not be available to all users.

  • Mac Client

    • Vera announces support for Apple silicon.

  • SaaS

    • Vera was using ONLYOFFICE PostgreSQL V10.18 and its life cycle will end by April 2023. Now, Vera will upgrade the ONLYOFFICE PostgreSQL to version 14.4.

  • Android Mobile

    • Vera announces support for Android 12 and 13.

Fixes

  • Fixed an issue where the Vera client will show a warning to the end users if the protected mode based on the group policy is found because the protected mode set by the group policy will not be supported by the Vera client for Adobe.

  • (Windows Only) Fixed an issue of watermarks not seen on the Vera secured files with the Adobe Reader V2022.003.20322. This issue was observed only in Vera client and fixed with the 3.21.2 release.

  • Fixed an issue where the document cannot be displayed due to a policy that restricts screen capture. Users with privileges to modify the access of multiple files were not able to perform this task.

April 2023

Version 3.21.6

April 2023

Updates

  • (Windows Client) Customers running 3.21.3 and 3.21.4 versions can successfully upgrade to 3.21.5 via regular or silent upgrade methods. Version 3.21.5 is signed with Vera Security, Inc. certificate.

  • (Windows Client) Customers running 3.21.5 and 3.21.2 or lower versions can successfully upgrade to 3.21.6 via regular or silent upgrade methods. Version 3.21.6 is signed with Vera’s certificate.

Version 3.21.5

April 2023

Fixes

  • (Windows Client) Fixed an issue where the silent update to 3.21.4 for Windows clients was failing because the VeraSetup.msi certificate expired, and it has been signed by a new certificate.

March 2023

Version 3.21.4

March 2023

Fixes

  • (Windows Client) Fixed an issue where users were unable to open the Vera-secured PDF files after the Adobe Acrobat Version 2023.001.20064 update.

Version 3.21.3

March 2023

Updates

  • Windows clients signed their binaries with a certificate that will expire on March 9, 2023. Now, Vera will renew this certificate to avoid disruption in the customer environment. Vera wants customers to update their Vera Windows client to the latest version with the 3.21.3 release.

February 2023

Version 3.21.2

February 2023

Fixes

  • Fixed an issue where the links from Outlook would crash or refuse to open on the Microsoft Edge browser. This issue was noticed with the latest Microsoft Edge Browser update (version 110.0.1587.41).

  • Fixed an issue where the secured PDF files would open as unsecured with Adobe 2022.003.20310 (old UI) release.

  • Fixed an issue where the AD proxy does not work if the proxy is set to both group sync requests and authentication.

  • Fixed an issue where Null Pointer Exception (NPE) occurs when a previously deleted file reappears in the Box folder.

November 2022

Version 3.21.1

November 2022

Updates

  • Vera announces the end of support for macOS Catalina with the 3.22.0 release.

  • Vera announces the support for macOS Ventura with the 3.21.0 release.

    Vera has verified that the newly released macOS Ventura works as expected with Vera’s previously released 3.21.0 version.

Fixes

  • Fixed an issue when performing a perm-sync of files through SharePoint, the evaluated source resulted in FileShare instead of Classification Rules, which impacted folder-level Classification Rules.

  • Fixed an issue of the invalid date range in the Licensed Users Report.

  • Fixed an issue where the Kerberos Single Sign-On (SSO) authentication did not work with Two-Factor Authentication (2FA).

  • Fixed an issue where Vera will notify the users to disable the Adobe Acrobat new UI feature that blocks them from accessing the secured files. Users can revert to the old UI by clicking View > Disable New Acrobat in the Acrobat application.

October 2022

Version 3.21.0

October 2022

New Features

  • Vera allows you to secure files based on classification labels and tags. For each classification tag, you can apply rules based on auto-selected folder membership access or group-based membership access for files that are manually or automatically classified. The Classification Rules tab replaces the combined functionalities of the Partner Policy Mapping and Partner Policy Share Mapping tabs.

Updates

  • Vera provides an option to their customers to copy Vera events from an AWS S3 bucket, without the need to open inbound ports to their environment or set up a Syslog server.

  • The Vera agent may be unstable if the endpoint user installs Vera software first and then an administrator installs System Center Configuration Manager (SCCM). Vera’s installation procedures have been updated to remove user-based installation when Vera is deployed by an administrator via SCCM installation. Vera recommends rebooting the endpoint after the administrator installation.

  • Vera has integrated the Titus C++ SDK into the Vera SDK, so when the Netskope discovery scans the file and identifies the partner policy tag, Vera can internally call the Titus SDK to write the Titus data classification tag on the file in Titus readable format and then encrypt the file.

  • Vera announces the end of support for macOS Mojave in this release.

  • SharePoint support for rendering all VIB-supported files on the browser if the supported application is not present on the desktop.

  • Kerberos Single Sign-On Integration - Logs a user into the Vera client automatically if the user signs into Windows via Active Directory.

Fixes

  • Fixed an issue where the access request emails were not sent.

  • Fixed the low-risk vulnerabilities that were identified by Capital One's internal team.

  • Fixed an issue where the SDK third-party authentication OAuth token expires.

  • Fixed an issue where user’s session credentials are passed through the URL instead of a cookie.

  • Fixed an issue where the application was allowing the client to specify a cipher suite that uses insecure encryption and/or hashing algorithms.

  • Fixed an issue where the user export report and the dashboard count do not agree.

  • Fixed an issue by creating an API that returns the tenant's correct number of TAD sync-able documents.

  • Fixed a security issue with SAML authentication which allowed the user to log in via SAML into the Vera portal even though they were not whitelisted in the authentication settings.

  • Fixed an issue where all the file copies were not displayed on the File Details window.

  • Fixed an issue where a time-bomb error was reported when the files were opened in the browser.

  • Upgraded all the Vera connectors to 3.19.1, allowing the security teams to rescan vulnerabilities.

  • Fixed an issue where the watermark is missing when printing a TIFF file to paper from the Windows Photo Viewer.

  • Fixed an issue where the multi-install fix is not working when the user is not signed out from the machine.

July 2022

Version 3.20.1

July 2022

New Features

  • The native Linux executable is packaged with the Vera SDK. All required executable and libraries are under samples/c++/linux/bin. For more information, see readme.

Fixes

  • Fixed an issue by improving the VIB workflows to support opening of secure files in a browser if a Vera-supported application is not present on the desktop.

  • Fixed an issue that allows Vera to message when some records are not copied due to co-owner restrictions while cloning access to or from another user.

  • Fixed an issue that impacts the performance where slowness occurred in opening unsecured Excel files in SharePoint.

May 2022

Version 3.20.0

May 2022

New Features

  • Manage access for files that are shared widely to allow one or more other users to be Co-Owners of the file in the SaaS Windows Client and MacOS Client. File Co-Owners are people and/or groups that can receive and grant access requests, share the file and edit it but cannot change the ownership or remove privileges from the owner. Please see the new File Co-Owners section in the Admin Guide.

  • Windows Client - Box Drive - Vera-secured files showing Vera icon

    For Box Drive, the icons of Vera-secured files will show the native application icon (Vera icon) when the Vera Client is installed in the machine.

  • Windows Client - Enable the Keyboard Enter Button on Vera Client Login

    If you are not signed into the Vera client and try to open a Vera-protected document, it prompts you to sign in. While signing in, if you press Enter on the keyboard it will sign you in.

Updates

  • Vera announces end of support for the following applications/versions on MacOS:

    • AutoCAD, AutoCADLT, Reader and Adobe Illustrator version 2019 in the 3.20.0 release.

    • Office 365 version 15.41.0 and earlier in the upcoming 3.20.0 release.

NOTE: For viewing secured PDF files on MacOS, users can use Vera Preview.

  • Vera announces the end-of-life support for OS X Mojave in the upcoming 3.21.0 release.

  • Outlook shim for MacOS in the upcoming 3.21.0 release.

NOTE: For Outlook support, users must upgrade to the Vera JS add-in to continue using Vera with Outlook on a Mac.
Fixes

  • Fixed an issue where MacOS users with Vera Client installed cannot open and edit unsecured PPT files in SharePoint online.

  • Fixed an issue where after installing the SharePoint add-in application, Vera considered normal HTML files (not Vera-secured files) as Vera-secured files and displayed an error when opening the file.

  • Fixed an issue where the Vera icon may not display for Dropbox under certain special conditions.

  • Fixed an issue where there is a discrepancy in the file name when the file is opened in a browser and in a default application. Vera improved the handling of renamed files when viewing in the browser. Files that have been renamed in the local file system or in SharePoint and subsequently opened using the browser will be noted as such in the file details page.

  • Fixed a bug where in some situations, users with privileges to modify the access of multiple files were not able to do so.

April 2022

Version 3.19.3

April 2022

Fixes

  • Resolved an issue where Save Policy was not enforced in View-in-Browser (VIB) (Server Only).

March 2022

Version 3.19.2

March 2022

New Features

  • Added support for Acrobat 2022 (Adobe Pro DC and Adobe Reader) for Adobe's latest update (22.001.20085) to Windows and Mac clients.

Fixes

  • Fixed an issue where if an Adobe Acrobat does not have a .pdf extension in the title, the Windows client opens the file as an unsecured file.

March 2022

Version 3.19.1

March 2022

Updates

  • Vera now uses Log4j files 2.17.1, fixing CVE-2021-44832.

  • Vera now supports SharePoint 2019 OnPrem.

Fixes

  • Fixed an issue where if one user with administrator role (admin1) changed settings for another administrator (admin2) in the portal, admin2’s role was downgraded to that of a regular user, and the audit trail incorrectly identified the transaction.

  • Fixed an issue when users opened a secured PDF file, a corrupted file error message displayed and the file did not open. This issue encountered with the Adobe Acrobat latest version 2021.011.20039.

  • Fixed an issue where Apple Mail shim in 12.1+ (Monterey) did not work because of the recent Apple Mail updates.

January 2022

Version 3.19.0

January 2022

New Features

  • The Vera brand is changing. With this release, the new Vera by HelpSystems logo and logomark will appear in Vera's website, Vera online, Vera documentation, and Vera External APIs.

  • A new button is available to update the AppSecret. Users can use the existing download button to get the new configuration.

Updates

  • Vera announces the support for Symantec V15.8.

  • Vera expands the support for SharePoint. Users can now use the VIB/EIB functionality for protected files hosted on SharePoint.

  • Vera announces the support for PDF files rendering by OnlyOffice cluster.

  • Vera announces the support for the Outlook new UI with the JS add-in on MacOS.

  • Vera announces the support for MangoDB 4.2. MongoDB version 4.0 will reach End of Life (EOL) on April 30, 2022. Atlas clusters currently running MongoDB 4.0, which will be automatically upgraded to MongoDB 4.2 after April 30, 2022.

  • Vera announces the end of support for Microsoft IE11 for VIB/EIB:

    • With the Vera 3.19.0 release, the View-in-Browser/Edit-in-Browser (VIB/EIB) functionality is no longer supported on Internet Explorer 11 (IE11). Other browsers, such as Microsoft Edge, Google Chrome, Mozilla Firefox, and Safari, will continue to be supported. There are no changes to file types, sizes, or any other capabilities of VIB/EIB.

    • This decision is prompted by several factors. Microsoft has set IE11 on a sunset path, with O365 already not supporting it, and planning to withdraw operating system support for IE11 in Q2 2022. Usage of IE has been steadily declining in the Vera user base, with Edge increasing share. As a security company, Vera always recommends using the newest, best-supported version of software. This includes Vera's underlying Javascript libraries, which are also dropping IE11 support with this and subsequent releases.

  • Vera announces the end of support for the following MacOS applications in the upcoming releases:

    • AutoCAD, AutoCADLT, Reader, and Adobe Illustrator version 2019 in the upcoming Vera Release 3.20.0.

    • Outlook shim in the upcoming Vera Release 3.21.0.

    • Office 365 version 15.41.0 and earlier in the upcoming Vera Release 3.20.0.

NOTE: For viewing secured PDF files on MacOS, users can use Vera Preview.
NOTE: For Outlook support, users must upgrade to the Vera JS add-in to continue to using Vera with Outlook on a Mac.
Fixes

  • Fixed an issue where export and dashboard counts do not match:

    • Fixed an issue where the Statistical reports included some duplicate users.

    • Fixed an issue where some leftover content remained during a npm install/npm build.

  • Fixed an issue where Excel experienced slowness when Vera is installed.

  • Fixed an issue where Office 365 latest and Office 2019 – V.16.57 applications were crashed when Vera 3.18.x is installed on Mac. This issue is fixed for all Vera supported OS X versions.

  • Fixed an issue where securing a large file failed using Veracmd.

  • Fixed an issue where TAD Vera client (3.17) service stopped from time to time with the "Event 1000, application error" message on the Windows application logs and caused the key syncing to stop.

  • Fixed an issue where now admin has the option not to show the login button on the download page if User portal access is disabled.

  • Fixed an issue where the error messages provided too much information when you log in to the Vera portal.

  • Fixed an issue to merge the duplicate users and now the user count matches the export count.

  • Fixed an issue that was related to npm install/npm build that did not remove the files properly.

December 2021

Version 3.18.3

December 2021

Updates

  • Updated Apache Log4j2 version to 2.17.0 (NVD-CVE-2021-44228 and CVE-2021-45105 (nist.gov)).

Version 3.18.2

December 2021

Fixes

  • Added fixes to the Vera Infrastructure to address the zero-day vulnerability related to Apache Log4j2 (NVD - CVE-2021-44228 (nist.gov)).

November 2021

Version 3.18.1

November 2021

Updates

  • Vera announces the support for PDF files rendered in OnlyOffice, so the PDF files will not use the PDFJS add-in when enabled; instead, the PDF files will go to the OnlyOffice cluster for rendering. This option can be turned on in Settings by the administrator.

  • Vera announces the support for Android 64 bit, Android 10, and Android 11. The Android Vera app is available on Google Play Store.

  • Vera announces the support for the recent Apple Monterey (Mac) and iOS 15.

  • Vera announces the support for Windows 11.

  • Vera announces the support for User Authentication through Ping MFA. Administrators can configure Ping through the Auth Rules window on the portal. Current support is for Authentication through the Primary Device in Ping.

Fixes

  • Fixed an issue where the Apple Mail returned an "Incompatible plug-ins disabled" error while enabling Vera mail bundle in the Monterey release. The Vera Mail bundle is enabled and the user can secure the file using the Vera plugin.

October 2021

Version 3.18.0

October 2021

New Features

  • Vera has now added the ability to view secured .msg files in browser flow (VIB) as PDF’s. Following attachment types will be rendered along with the email body - .pdf, .docx, .doc, .xlsx., xls, .ppt, .pptx.

NOTE: Admin must log into the Vera portal and enable viewing of secured .msg files in "Enable Browser Viewing" under general settings to allow the opening of these files in VIB.
NOTE: If using On prem FCC or On prem FSC setup, these will also need to be upgraded by admin to the latest version (3.18.0).
NOTE: .msg files secured before the 3.18 release will continue to be treated as Access Control files. Users will have to unsecure and re-secure these files to upgrade their protection for access control to DLP.

  • Vera announces the support for most recent versions of the Apple iOS 14.5, 14.6, and 14.7.

  • Vera provides an option to select a specific PING ID when multiple secure options are available.

  • Vera enables Administrators to manage k8s clusters for GFCC connectors validation and deployment.

  • Vera now supports short-lived access tokens that are valid for 4 hours. The administrators are requested to re-authenticate their Dropbox share for this to take effect. From September 2021, Dropbox will retire the creation of long-lived access tokens and will introduce the new short-lived access tokens.

  • Vera introduces an event log for unauthorized users trying to access a Vera secured file. Whenever an unauthorized user tries to open a Vera secured file, the event log will be updated with a log.

  • Create New Users on invitation - This setting will create new users in the Vera system when they are invited to collaborate on documents through Box, instead of waiting until they accept the invitation. This setting applies for new Box users only when the Box Share is configured to scan All Folders.

NOTE: Connector is required to enable the "Create New Users" feature.
Security Updates

  • Vera has restricted the HTTP endpoint so that it can only open files with the Vera solution.

NOTE: Each Vera.exe instance owns a local-host HTTP server that is responsible for opening the locally secured files. When a secured file is opened, the encrypted HTML version is opened via the browser, and then an HTTP request is issued. However, it was observed that this HTTP request can be used to open any file, not just those previously secured by Vera. To avoid any possible attack, Vera has restricted the HTTP endpoint.

  • To avoid XSS attacks, all user inputs will be sanitized before being returned to the user. All special characters (such as < > " ' &) will be converted into their corresponding HTML escape characters. Also, all user-provided data will be subject to input validation (such as numeric, date, and alphanumeric).

  • Vera has taken the following steps to prevent the Server-Side Request Forgery attack:

  • The application will be reviewed to check which function the value is passing.

  • Forbid any reverse call from the server, except the AllowListed hosts or IPs.

 
Fixes

  • Fixed an issue which allows the user can to unsecure a file with "Maintain Original Owner" Saving Policy after multiple Save/Save As operations. This fix was related to an issue with UI automation.

  • Fixed an issue where the Windows Outlook pop-up asking to select policy is shown even if the recipient has access to the secure attachment.

  • Fixed an issue where the TAD Server Windows client keeps crashing.

  • Fixed an issue where the Windows Outlook Share Info feature was broken.

  • Fixed an issue where the Veraadminservice.exe was crashing.

  • Fixed an issue where the custom install location feature was not working in the Windows client installer.

August 2021

Version 3.17.1

August 2021

New Features

  • Vera has introduced the image zoom-in and zoom-out options in the browser mode without compromising the image quality. Supported file types are .bmp, .jpg, .jpeg, and png.

  • Vera has introduced how to install Windows Vera in a custom location.

  • Vera now supports short-lived access tokens that are valid for 4 hours. The administrators are requested to re-authenticate their Dropbox share for this to take effect. From September 2021, Dropbox will retire the creation of long-lived access tokens and will introduce the new short-lived access tokens.

  • Vera introduces an event log for unauthorized users trying to access a Vera secured file. Whenever an unauthorized user tries to open a Vera secured file, the event log will be updated with a log.

Security Updates

  • Vera has restricted the HTTP endpoint so that it can only open files with the Vera solution.

NOTE: Each Vera.exe instance owns a local-host HTTP server that is responsible for opening the locally secured files. When a secured file is opened, the encrypted HTML version is opened via the browser, and then an HTTP request is issued. However, it was observed that this HTTP request can be used to open any file, not just those previously secured by Vera. To avoid any possible attack, Vera has restricted the HTTP endpoint.

  • To avoid XSS attacks, all user inputs will be sanitized before being returned to the user. All special characters (such as < > " ' &) will be converted into their corresponding HTML escape characters. Also, all user-provided data will be subject to input validation (such as numeric, date, and alphanumeric).

  • Vera has taken the following steps to prevent the Server-Side Request Forgery attack:

  • The application will be reviewed to check which function the value is passing.

  • Forbid any reverse call from the server, except the AllowListed hosts or IPs.

 
Fixes

  • Fixed an issue where the Vera application would fail to open or crash on launch after the recent iOS upgrades. This issue was encountered in iOS 14.5, 14.6, and 14.7.

  • Fixed an issue where the user was unable to copy from a Vera secured Word, PowerPoint, or Excel file in the protected view and paste the data in the regular view file even if the copy-paste policy was enabled.

  • Fixed an issue where the user was unable to open a Vera secured file that was created using MS Office suite 97/2000/2003.

  • Fixed an issue where the data leak was happening from the MS Office clipboard, even with the copy policy disabled or enabled only between the secured files.

  • Fixed an issue where the Adobe Acrobat and Reader were crashing when the user was trying the snapshot option with copy policy disabled for the secured file.

  • Fixed an issue where the user was receiving an error message “Error opening file. Please try to open it again” when clicking on any link after a search in WinOS.

June 2021

Version 3.17.0

June 2021

New Features

  • Vera has introduced the image zoom-in and zoom-out options in the browser mode without compromising the image quality. Supported file types are .bmp, .jpg, .jpeg, and png.

  • Vera now supports short-lived access tokens that are valid for 4 hours. The administrators are requested to re-authenticate their Dropbox share for this to take effect. From September 2021, Dropbox will retire the creation of long-lived access tokens and will introduce the new short-lived access tokens.

  • Vera introduces an event log for unauthorized users trying to access a Vera secured file. Whenever an unauthorized user tries to open a Vera secured file, the event log will be updated with a log.

Security Updates

  • Vera has restricted the HTTP endpoint so that it can only open files with the Vera solution.

NOTE: Each Vera.exe instance owns a local-host HTTP server that is responsible for opening the locally secured files. When a secured file is opened, the encrypted HTML version is opened via the browser, and then an HTTP request is issued. However, it was observed that this HTTP request can be used to open any file, not just those previously secured by Vera. To avoid any possible attack, Vera has restricted the HTTP endpoint.

  • To avoid XSS attacks, all user inputs will be sanitized before being returned to the user. All special characters (such as < > " ' &) will be converted into their corresponding HTML escape characters. Also, all user-provided data will be subject to input validation (such as numeric, date, and alphanumeric).

  • Vera has taken the following steps to prevent the Server-Side Request Forgery attack:

  • The application will be reviewed to check which function the value is passing.

  • Forbid any reverse call from the server, except the AllowListed hosts or IPs.

 
Fixes

  • Fixed an issue where the user was unable to copy from a Vera secured Word, PowerPoint, or Excel file in the protected view and paste the data in the regular view file if the copy policy was enabled.

  • Fixed an issue where the user was unable to open a Vera secured file that was created using MS Office suite 97/2000/2003.

  • Fixed an issue where the data leak was happening from the MS Office clipboard, even with the copy policy disabled or enabled only between the secured files.

  • Fixed an issue where the Adobe Acrobat and Reader were crashing when the user was trying the snapshot option with copy policy disabled for the secured file.

  • Fixed an issue where the user was receiving an error message “Error opening file. Please try to open it again” when clicking on any link after a search in WinOS.

April 2021

Version 3.16.0

April 2021

New Features

  • Vera has introduced the new end-user help portal. The end-users can navigate to the newly introduced help portal to have access to end-user-relevant documents, multimedia, and some new features that were unavailable in the legacy (admin) help portal.

  • Vera has introduced a flag to allow permission sync in SharePoint when a file is uploaded by a collaborator. Previously, this permission sync occurred only when the owner of the file uploaded it.

  • Vera has introduced a "View in Browser" permission. Now the administrators can restrict the users from viewing any file in the browser mode.

Updates

  • Vera extends its support for Apple M1 on macOS with Rosetta mode. To enable this support, users have to force all the supported universal applications that are being used with Vera secured files to run under Rosetta emulation instead of natively. For more information, go to Vera Admin Portal > Knowledge Base Articles > How to force universal Mac applications to run under the Rosetta emulation instead of native emulation?

  • Vera extends its support for Microsoft Office 365 groups. For more information, go to Vera Admin Portal > Technical Guides > Microsoft O365 Group Integration Guide.

  • Vera now supports a custom KEYSTORE location option so that the administrators can store the list of access keys at a customized location. For more information, go to Vera Admin Portal > Technical Guides > Total Access Device Support for Vera Client.

  • Vera announces the end of support for macOS 10.13 with the Vera release 3.16.0.

 
Fixes

  • Fixed a security issue of possible Cross-Site Scripting (XSS) vulnerability in the activity log page. This issue has been fixed by using the following changes:

  • Always encode untrusted data (all parameters which are submitted to the server and then stored in the database or rendered as part of the web page) before including it in web pages.

  • HTML encoding must target the following characters: ' (single quote), " (double quote), > (greater than), < (lesser than), & (ampersand), / (forward slash) and \ (backslash).

    NOTE: This is context-dependent.

  • (WinOS) Fixed an issue where the user tried to copy content from a Vera secure file with copy disallowed to another Vera secured file, the copy was blocked but the user was seeing a “Word has encountered a problem” error.

  • (WinOS) Fixed an issue where the data leak was observed when using the translator option and copying the data to OneNote.

  • (WinOS) Fixed an issue where the Adobe Acrobat was crashing when the user was performing the Redact operation.

  • (WinOS) Fixed an issue where the user was using the look-up feature on Adobe Acrobat with selected words, the dictionary.com was opening and making selected words available for copying.

  • (WinOS) Fixed an issue where the users were getting a data leak issue when opening the file as a recipient using the clipboard option in normal view on a Microsoft Excel, Word, or PowerPoint file. Users were able to copy-paste content from the secured file even if the copy-paste policy was disabled.

  • Fixed an issue where the Vera secured files stored in Box or Dropbox with a PDF link functionality enabled were opening in the browser mode even when the particular file type was disabled from the "Enable Browser Viewing" option.

  • Fixed an issue where permission syncing was not working in a few cases where there were too many entries in the Cloud Storage folder.

  • Fixed an issue where the "Permanently delete unsecure file", "Place unsecure file in recycle bin", and "Retain metadata" headings were inconsistent for different shares like SMB, Box, Dropbox, and SharePoint.

  • Fixed an issue where the user was uploading the secure file from SMB to the SharePoint folder, sometimes the permissions from SMB and SharePoint were getting merged, but sometimes they were not getting merged.

  • Fixed an issue where certain assets in the application do not enforce the use of TLS/SSL to encrypt traffic over the network.

  • Fixed the following customer-reported tickets:

    • Fixed an issue where the mail merge option in Microsoft Word was not working with the Vera client installed.

    • Fixed an issue where the existing user’s access was getting revoked when a new user was granted access.

    • Fixed an issue where the AD Connector Membership Sync was not working when the gateway URL had a double backslash in the URL.

March 2021

Version 3.15.0

March 2021

New Features

  • Vera now provides a link to the terms of use and privacy policy in the sidebar of the Vera portal. The values are configurable in the administrator’s settings in the Branding section.

Updates

  • Vera extends its support for Adobe Acrobat DC version 21.001.20135 on macOS and Windows operating systems.

  • Vera extends its support for Adobe Acrobat Reader version 21.001.20135 on Windows operating systems.

  • Vera announces the end of support for macOS 10.13 with the Vera release 3.16.0.

 
Fixes

  • Fixed the following security issues:

    • Cross-Site Scripting (XSS) attacks using the username prevention and stored documents. Vera has initiated a white list policy, all the received user’s inputs are now sanitized before returning it to the user. All special characters (such as < > " ' &) will be converted into their corresponding HTML escape characters. Also, all user-provided data will be subject to input validation (such as numeric, date, and alphanumeric).

    • Certain fields were missing values for a few audit records; now the audit logs will capture Username, User email ID, Policy name, EnforcePolicyInfo, and RuleName.

  • Fixed an issue of the customer error pages. Vera now displays the custom error pages with the error codes.

  • Fixed an issue of audit search confusing and unintuitive. When customers conducted a generic audit search in the administrator portal, Vera occasionally brought up unrelated search results because diagnostic fields in the records were added to the search results.

  • Fixed an issue where the user was creating a subfolder in a Vera-secured folder in OneDrive and moving it to a new share location and ACEs, the shared processor was getting removed and started again.

  • Fixed the JS Add-in Trust Certificate issue where if the user has skipped or canceled the trust certificate settings pop-up while using the Outlook JS add-in option, then they can change the settings by following the steps mentioned in the error message.

  • Fixed an issue CVE (CVE-2021-3156) in Sudo-1.8.23-10.el7_9.1.x86_64.

  • Fixed the following customer-reported tickets:

    • Fixed an issue where the user was opening a .tiff orientation 6 file in the browser mode and it was showing as a mirror image of the original image.

    • Fixed an issue where the file owner was setting the forwarding policy as positive and sending the file to a recipient, the recipient was not getting the file forwarding option.

    • Fixed an issue where the Vera help page would display an AWS error message on the home search bar.

    • Fixed an issue where some authorized users were unable to work with Vera clients and were getting stuck at the authentication page.

    • Fixed an issue where the users were getting an error “There was an error opening the document. This file cannot be found”. This issue was seen with Adobe version 20.013.20074.

    • Vera has made changes to mitigate the Slowloris vulnerability.

    • Fixed an issue where few users were seeing an error message "File not found" while opening files from MS Visio from SMB. This issue was found with client version 3.9, Windows 10, and Visio Standard 2016-version 2010.

    • Updated the activity log display in the user detail page with a focus on recent events.

January 2021

Version 3.14.0

January 2021

New Features

  • Vera announces support for the following operating systems:

    • iOS 14

    • Connectors CentOS 7.9 and RedHat 7.9

  • Vera has created a lockout system called Brute-Force Attack Protection where if the user has attempted an incorrect password multiple times, then the user will be locked for a period of 1 minute, and progressively increasing as incorrect attempts continue. For more information, refer to "Brute-Force Attack Protection" technical guide from the Vera admin portal.

  • Vera extends its support for Server Message Block (SMB) with the Vera-Symantec Integration. If a secured file is uploaded to the SMB folder, the File Share connector correctly updates the document with the SMB share location and Access Controls Entries (ACEs) sourced from the SMB folder.

Updates

  • Vera announces end of the support for the following operating systems and applications with the 3.14.0 release:

    • Operating Systems: iOS 11 and Windows 7

    • Applications: Microsoft Office 2010 (Windows) and Microsoft Office 2016 (Mac)

  • Security Updates:

    • Vera has disabled access to the application.wadl to restrict information about the Vera API to possible attackers. For any questions or concerns regarding the Vera API and/or Vera SDK, please contact support.

    • Vera has developed a solution to prevent user enumeration that will reduce the chance of information leakage. Following are the different scenarios:

      • If email authentication is configured and its authentication flow is selected, Vera sends an email to authenticate a new user.

      • If email authentication is not configured, then Vera sends an email_auth as the auth flow to the UI but does not send an actual email.

    • Vera has improved the security of the web portal by restricting the scope and usage of the cookies used by the help option to prevent a Cross-Site Request Forgery (CSRF) brute-force attack.

    • Vera has added an HttpOnly flag to the help portal page cookies to prevent any data leaks or a brute-force attack.

Fixes

  • With a Vera-secured file, users with the Adobe Acrobat application cannot combine the file with another as per the policy and it used to display the incorrect error message "Could not be added to the list because it doesn't exist". This error message has been updated to display "Operation is disabled by the policy".

  • Vera has updated the event logs that were created during a role change for a user. An improved display of audit events when the new role is assigned will also be displayed in the audit event.

 

  • Fixed the following customer-reported tickets:

    • Fixed an issue where the matching rule for the folder had additional filename criteria if the folder rename event was not handled properly.

    • Fixed an issue where the .tif files were unable to open in the browser.

    • Fixed an issue where a user creates and provides access to a secured file to another user, and it opens as an unsecured file and stores it as an unsecured copy in OneDrive.

    • Fixed an issue where users were unable to install the Vera client on iPad.

December 2020

Version 3.13.0

December 2020

New Features

  • This Vera release adds support for Symantec DLP integrations in the Vera client and service. Customers must first obtain and install the Vera Security Automation (VSA) for DLP - Symantec edition in order to use these functionalities. The following are the supported Symantec versions:

    • 15.5

    • 15.7

  • Vera has integrated with the SDK application (a reliable set of APIs provided by the application provider) to identify in-app workflows and enforce policy. This new approach enhances reliability and stability as compared to earlier.

  • Vera now supports the Export from Workspace option in Windchill. Files exported from Windchill using this option will be exported as secured files.

  • Vera now supports animated GIFs with a View in Browser mode.

  • Vera has increased the size of files for and View in Browser and Edit in Browser modes in OnlyOffice.

Enhancements

  • The Vera integration with SharePoint Cloud is now possible with the Azure AD application. With this, the creation of a SharePoint cloud is very simple since it removes the need to register and manually upload the Vera SharePoint add-in app. The Azure application is tenant-scoped.

  • Added an advanced setting using a JSON snippet to enable or disable advanced features.

NOTE: A JSON snippet will be provided by Vera and should be used with Vera's consultation.

  • User will be prompted to follow steps to download and open the secured file in the supported application (Box and Dropbox).

NOTE: The old secured files will continue to show the old message.
Updates

  • Vera extends its support for macOS Big Sur.

  • Vera extends its support for .jt file type on Creo and Windchill.

  • Vera announces end of the support for the following operating system and application with the 3.13.0 release:

    • Operating System: iOS 10

    • Applications: Adobe Acrobat and Adobe Reader 2015 (Mac)

  • Vera announces end of the support for the following operating system and application with the 3.14.0 release:

    • Operating System: iOS 11 and Windows 7

    • Applications: Microsoft Office 2010 (Windows) and Office 2016 (Mac)

Fixes

  • macOS Big Sur:

    • Fixed an issue where multiple Vera finder extension processes were running in the background with macOS Big Sur.

    • Fixed an issue with the Vera preview of a PDF file on BigSur Beta10 using Vera client version 3.12.0.

    • Fixed an issue where Vera QTP Save and ExportAs operations were failing.

    • Fixed an issue where Vera Preview save operation was failing.

    • Fixed an issue where the recent file list is presented as empty even after accessing multiple files.

 

  • Fixed the following customer-reported tickets:

    • Fixed an issue where there was an inconsistency with Vera version deprecations on Windows and Mac client versions.

    • Fixed an issue where some of the older Vera-secured files were not working.

    • Fixed an issue where document owners were unable to grant additional access because the email ID or username was case-sensitive.

November 2020

Version 3.12.0

November 2020

Updates

  • Vera announces end of the support for the following operating system and application with the 3.13.0 release:

    • Operating System: iOS 10

    • Applications: Adobe Acrobat and Adobe Reader 2015 (Mac)

Fixes

  • macOS Big Sur

    • Fixed an issue where the user can copy and paste the secured image by using the copy-and-paste option from the Edit menu.

    • Fixed an issue where the user could use the share option for a secured image even though the option was disabled.

    • Fixed an issue where the user could use the share option for a secured video even though the option was disabled.

    • Fixed an issue where the video application was crashing while accessing a secured video.

    • Fixed an issue where the Vera notification window does not show the Vera logo when the Vera application is installed.

    • Fixed an issue where the user could export an unsecured copy of a file when opening a Vera-secured Adobe Illustrator file.

    • Fixed an issue where when a user is signed out of the Vera client and opens a new MS Word document to make changes, the user receives a "Session Expired" notice when selecting any tab from the Insert menu in the Big Sur version of macOS.

    • Fixed an issue where the user could get an unsecured copy of the secured MS Office file when the file is saved to OneDrive.

    • Fixed an issue where the application stops responding when the user clicks Save from the File menu.

 

October 2020

Version 3.11.0

October 2020

New Features

  • Vera’s security has been extended to support the macOS Big Sur beta 9 version with release 3.11.0. Vera will continue to validate 3.11 against newer versions of Big Sur beta and GA.

  • Vera has added the user’s email ID to the exported user's list CSV file to ensure a better auditing experience.

  • Vera has updated to ensure the document opens in VIB mode by default with this release. Users can click the Edit icon to edit the document, and the changes are applicable for doc, docx, ppt, pptx, xls, and xlsx.

Fixes

  • Security Fixes

    • Fixed several security vulnerabilities in the portal flagged by scanning tools and updated JavaScript libraries to address security vulnerabilities found via scans.

  • Miscellaneous Fixes

    • Fixed sorting issues by adding new indexes "tenantID + time + docName” and “tenantID + time + author”, thereby improving the performance of the My Files page on the admin portal.

    • Fixed an issue where users were facing difficulties while granting access to a requestor using the Internet Explorer browser.

  • Customer-Reported Fixes

    • Fixed an issue of excessive advertisement queries from ADC.

    • Fixed an issue where files were forwarded to Vera Email Connector to be unprotected before to distribution if users were using both mail and key connectors.

    • Fixed an issue where, after updating a Vera-secured file that is placed in Box, a duplicate file with the user’s email ID was created after saving the changes.

    • Fixed an issue where users can copy the secured PNG file to the unsecured PowerPoint file.

    • Domain checks for cross-origin requests have been added to improve security.

 

August 2020

Version 3.10.0

August 2020

New Features

  • Vera has added JavaScript-based add-in support for Microsoft Outlook 2019 and Office 365. The add-in enhancement includes the following features:

    • Secure attachments and manage access.

    • Manage the re-sharing of secured files.

    • Grant time-based access.

    • Allow the unsecured attachments.

    • Support for email rules.

    NOTE: The JavaScript add-in is currently available only for macOS and is not relevant for other platforms. To learn more about integration, usage, and maintenance, go to the Vera Add-in for the Microsoft Outlook 2019 and Office 365 guide.

  • Vera has added support for Vera-hosted and on-prem connectors to the CentOS 7.8 operating system. The connector upgrade step (Vera appliance upgrade) before 3.10.0 would update only the Vera RPMs. Starting with release 3.10.0, the upgrade step will also upgrade the connector instance’s operating system.

  • Vera has added support for Adobe Acrobat Pro 2020 on macOS. This support has been added only to OS X 10.14 and OS X 10.15.

  • Vera has added support for the Autodesk DWG TrueView 2019 application on Windows 10.

  • Vera has added key sync and SOLR alerts on the DR environment.

  • Vera has added the Rule Disable button on the Vera tenant.

  • Vera has increased the search bar's character size to 70 for more convenience when searching for long file names.

Enhancements

  • Improved watermark on the dark background that was not visible properly.

  • Added the following new fields to the exported audit logs:

    • userEmail, ruleName, tenantName, tagName, targetResourceName, policyName, and targetResourceId.

  • Administrators can add or remove a user from various groups with a single file upload.

Fixes

  • Security Fixes

    • Fixed a potential Path-Relative Style Sheet Import (PRSSI) vulnerability from the VIB and EIB paths.

    • Vera no longer allows the uploading of SVG files as logos because of the potential for Cross-Site Scripting (XSS) vulnerabilities. The supported file types are JPG, PNG, and GIF.

    • Fixed an issue of an HTML injection vulnerability that was identified on the web application.

    • Fixed the Ghostcat Vulnerability, where it was found that port 8009 was enabled even after being disabled and given a workaround.

  • Miscellaneous Fixes

    • Fixed an issue where connectors would send many connector up/down alert emails.

    • Fixed an issue where customers were facing delayed silent client updates during the 3.9.0 release.

    • Fixed an issue where the file open event was not recorded in the Internet Explorer 11.

    • Fixed an issue of Connector GUI spinning.

 

July 2020

Version 3.9.0

July 2020

New Features

  • Vera has added a mandatory client secret expiration date for OneDrive and SharePoint.

  • Vera has updated the group page that supports paginated lists with search support.

  • Vera now supports Internet Explorer 11 as a web viewer for the Vera client authentication page in release 3.9.0.

  • The client secret for SharePoint Online and OneDrive can now be updated from the portal UI. If the share was marked Pending due to an expired secret, it will be moved to the Verified state after updating the secret.

Enhancements

  • Vera has added improvements for OneDrive on macOS that allow customers to open a Vera-secured MS Office file, save the changes made, and use Save As to create a new file.

  • FSC group sync performance has been improved by reducing the number of calls to the external storage provider as well as to the Vera cloud, thereby reducing the time to respond to group changes.

  • Improved site security by adding the following headers:

    • Referrer-Policy

    • HTTP-Strict-Transport-Security

    • X-XSS-Protection

Fixes

  • Fixed CSV injection vulnerabilities in User and File Export reports.

  • Fixed an issue with the recreate API connection in case of token expiration during Box event processing.

  • Fixed permission-checking vulnerabilities during server API calls.

  • Fixed an issue of a blank screen while selecting a secured file on OneDrive.

  • Fixed an issue where the document with a view-only policy does not show a watermark as expected during Flattener Preview.

  • Fixed an issue where the Microsoft PowerPoint application does not show a watermark while running a slide show with a protected view.

  • Fixed an issue where the deleted files were showing up in the CSV report.

  • Fixed an issue where multiple identical membership sync requests in ADC are de-duped.

 

May 2020

Version 3.8.0

May 2020

New Features

  • Vera has added support for .tif and .tiff file types that can be viewed in web browsers using Vera's View in Browser (VIB) feature.

  • Vera has introduced a new option to download the list of secured files from the portal, and the files are available in CSV format.

Updates

  • Vera announces the end of support for Internet Explorer 10 as the web viewer for the Vera client authentication page and will start emulating Internet Explorer 11 after release 3.9.0.

  • Vera announces the end of support for macOS Sierra v10.12.

Critical Notices

  • On Windows OS, users updating to the most recent version of the Vera client (Version 3.7.0) may get a warning window suggesting Vera as an unrecognized software. The warning message appears because Windows Defender Smartscreen has not yet trusted our client version 3.7.0 because it was signed with a new code signing certificate. Users can click Run anyway to download the latest version of our client.

Fixes
 

  • Fixed the following customer-reported tickets:

    • Fixed an issue where the previous version of the Vera 64-bit SharePoint add-in is not getting uninstalled if the user tries to update to the latest version of the add-in.

    • Fixed an issue where the Vera client (Windows) auto-protect doesn't work with the latest DropBox client v89.4.278.

    • Fixed an issue where only 75% or less of the page was visible if the user tried to open a secure file in the browser flow and print it.

    • Fixed an issue where changing the time zone completely changed dashboard results in the portal.

    • Fixed an issue where if the recipient of the secured files tries to perform a save-as operation on an existing file after making edits on Office 2013 and O365, then the file opens as an unsecured file.

    • Fixed an issue where, for SMB groups, when the group gets renamed in AD, the name change is not being updated in Vera Cloud, and hence file access permissions are not being updated for the group.

    • Fixed an issue where File Secured/Accessed stats from February get updated to January.

    • Fixed an issue where a user who is in the SharePoint site's owners group is not getting synced into the Vera group for that site's owners. Due to this, the user is not able to unsecure the file.

    • Fixed an issue where the Vera client secures a file as part of Share (Box, Dropbox, or OneDrive) client integration. The connector gets the event, and instead of just updating ACLs on the file, it is re-securing the file.

    • Fixed an issue where, when selecting a user from the Alerts and Notifications section in the admin dashboard, the URL is malformed and results in an error.

    • Fixed an issue where, when a user uses Internet Explorer to open a protected file from SharePoint, it does not invoke the Vera IE add-in and the file doesn't open in the native Office application. Instead, they are taken to the "this document is protected" page with the link to download the client.

    • Fixed an issue where the user is not able to open secured text and CSV files less than 4 KB on a Windows machine.

    • Fixed an issue where the access records update considered only the first page while processing policy deletion.

    • Fixed an issue where opening a secured PDF file (with screen capture policy disabled) and an unsecured PDF file at the same time prevents screen capture and sharing for the unsecured file as well.

    • Fixed an issue where the VKC upgrade failed for some customers because of an error in the underlying SSH key rotation.

Potential Security Vulnerability

  • The X-Frame-Options-Frame-Options must be set to disallow framing by external sites.

  • Special characters in exported Audit Log CSV files should be escaped to prevent attacks on downstream ingestion systems.

April 2020

Version 3.7.0

April 2020

Updates

  • Vera announces that .tif and .tiff are now fully supported DLP file types on Windows Photo Viewer.

  • Vera announces the end of support for macOS Sierra v10.12.

Critical Notices

  • On Windows OS, users updating to the most recent version of the Vera client (Version 3.7.0) may get a warning window suggesting Vera as an unrecognized software. The warning message appears because Windows Defender Smartscreen has not yet trusted our client version 3.7.0 because it was signed with a new code signing certificate. Users can click Run anyway to download the latest version of our client.

Fixes
 

  • Fixed the following customer-reported tickets:

    • Fixed an issue where memory is not released after Vera tagging fails for a corrupted file.

    • Fixed an issue where clicking the Download Logs button in the Admin Portal failed.

    • Fixed an issue where admins receive an email indicating that the SharePoint share needs to be re-authenticated in the Vera Admin Portal because the auth token is not auto-refreshing. Sometimes the admin needs to re-create the share to re-establish the connection with SharePoint.

    • Fixed an issue where MacOS users can bypass all policy setting restrictions (screenshot, print, copy/paste, and edit) on files located in a OneDrive folder.

    • Fixed an issue where Adobe Illustrator users (2019 and 2020) can drag and drop content from a secure file when that feature has been disabled.

    • Fixed an issue where saving an Adobe Illustrator 2020 file larger than 30MB leaves the file unsecured.

    • Fixed an issue where authors were unable to select a policy when granting access to a universal shim file from pending requests.

    • Fixed an issue where disabled AD users were not removed from AD groups, which confuses whether membership sync is working correctly.

    • Fixed an issue where Dropbox files were not getting secured consistently using Shares.

    • Fixed an issue where users can open unsupported secured file types in Illustrator 2019 and 2020. Only secured.ai files should open in Illustrator.

    • Fixed an issue where renamed AD group names were not updated on the Group Details page in the Vera Admin Portal.

    • Fixed an issue where only 75% or less of the page was visible if the user tried to open a secure file in the browser flow and print it.

February 2020

Version 3.6.0

February 2020

Updates

  • Vera announces the end of support for macOS EI Capitan v10.11.

  • Adobe has introduced a change in their latest version of Acrobat Reader that can cause users to be unable to open Vera-protected Adobe files. Because this is being pushed out as an automatic update, many users will not know that their version of Adobe has been updated. Vera has a fix for this issue included in the 3.6.0 release. For users who are unable to update their Vera client for any reason, we recommend they drag and drop the Vera-protected PDF into a web browser, and Vera will open the file via the web viewer.

Fixes
 

  • Fixed the following customer-reported tickets:

    • Fixed an issue where an unsecured copy of a secured file can be extracted via the Save As operation if the user tries to close the application while both the secured and unsecured files are open.

    • Fixed an issue where an unsecured copy of a secured file can be extracted by creating a new template from a secured file using the New From Template option.

    • Fixed an issue where an unsecured copy of a secured file can be extracted by sharing a PDF file from the Acrobat application via Web mail.

    • Fixed an issue where, when opening a PowerPoint [unsecured] attachment from Outlook, PowerPoint launches and gets stuck at the splash screen.

    • Fixed an issue where disabling a user does not result in a prompt to transfer file ownership.

    • Fixed an issue where a secured file fails to open after a client upgrade unless the user restarts the Vera client.

    • Fixed an issue where migrating from an on-premise File Conversion Connector to a hosted File Conversion Connector disables the Edit in Browser feature.

    • Fixed an issue where secured file contents can be copied into an unsecured file using the Place command in Illustrator, regardless of whether the Copy/Paste policy is enabled.

    • Fixed an issue where the author of a .txt file is unable to open the file after securing it.

    • Fixed an issue where MS Word users (Mac High Sierra) sometimes lose data while working on a secure Word file in a folder in Box.

    • Fixed an issue where new distribution lists take too long to populate users on the Vera tenant.

    • Fixed an issue where the admin portal allows import of a distribution list or group whose name contains a space but attempts to grant access to that group fail on the Vera Client.

December 2019

Version 3.5.0

December 2019

New Features

  • Vera has updated Access Management for copied files in SharePoint/OneDrive. This update makes the behavior of the SharePoint integration consistent with the behavior of the Box and Dropbox integrations.

  • Vera users can now update partner tags for unchanged documents.

Enhancements

  • The Vera audit log has been enhanced to include partner tagging errors.

Fixes
 

  • Fixed the following customer-reported tickets:

    • Fixed an issue where users having PowerPoint 2016 and OS X 10.13 were unnecessarily prompted to enable access and restart PowerPoint. This notification is intended for OS X 10.14 users only.

    • Fixed an issue where attempts to modify and check a Vera-secured file back into Windchill caused the Vera client to exit unexpectedly.

    • Fixed an issue where policy restrictions for Vera-secured PowerPoint files are shown for unsecured files having similar names.

    • Fixed an issue where some users have observed frequent errors when opening Vera-secured Solidworks files.

    • Fixed an issue where SSO implementations that incorporate boomerang have been shown to produce login problems for certain Vera users.

    • Fixed an issue where using the SDK to secure a file in a Share folder resulted in a secured original and a duplicate file.

    • Fixed an issue where many administrators have failed to include the leading forward slash (/) when configuring a shared folder, resulting in failure to secure files as expected. To address this issue, the required syntax has been changed to eliminate the need for the forward slash.

    • Fixed an issue where some users have received timeout errors when attempting to save rules.

November 2019

Version 3.4.0

November 2019

Updates

  • Version 3.4.0 has broken the silent updating feature for macOS clients. When updating to version 136 or later, customers using the silent update feature will observe that their users must approve the upgrade. However, once they have updated to version 136 or later, the silent update feature will function as intended once again. Keep in mind that the user should only experience this if they have secure files open at the moment of the update; otherwise, the upgrade should proceed smoothly.

Fixes
 

  • Fixed the following customer-reported tickets:

    • Fixed an issue where the watermark disappeared on the browser if the image was saved with 16-bit color or less.

    • Fixed an issue where RCA/AD and File Connector failed to upgrade to 3.3.1 to the latest Connector Version.

    • Fixed an issue where Box Share goes into a bad state immediately after re-authentication.

    • Fixed an issue where CREO is hanging when the latest version of Vera (134) is installed.

    • Fixed the crashing issue related to tagging.

    • Fixed an issue where MAC was unable to give access to groups from Save As.

    • Fixed an issue where the Group Auto Populate list UI on Windows is distorted and the user is unable to select a group.

    • Fixed an issue where the Vera client does not secure files from Save As when assigning permissions to an AD group on Windows.

    • Fixed an issue where the Mail Rule caused an intermittent "Office Add-In is Unavailable" exception.

    • Fixed an issue where server error 0 was displayed when leaving a secure file opened in the MS Office application for a long time.

    • Fixed an issue where new secure files overwrite old secure files with the same name in local folders on Windows.

October 2019

Version 3.3.0

October 2019

New Features

  • Vera has added the "None" option for the email connector encryption.

  • Vera now allows users using the Vera SharePoint browser extension to open a file from Version History directly with the Vera client.

Enhancements

  • Vera has updated the number of days a user is considered “Active” from a rolling 30-day period to a rolling 90-day period.

  • Vera now requires users to open a secure file at least once on their device before they can access the file offline. However, if the user has encrypted search enabled on their device, Vera will identify any secure files on the device and sync keys for those files, regardless of whether the user has already accessed them.

  • Vera client users will be able to leverage the Box plug-in to upload unsecure files, but they will not be able to use this feature with secure files.

  • The Vera admin has the option to either disable and allow the disabled user to keep ownership of the file, or to just deactivate and transfer ownership. The user will no longer be able to access their own files or allow other users to access them while they are disabled.

Updates

  • Vera announces the end of support for 32-bit Applications on the macOS platform.

Fixes
 

  • Fixed the following customer-reported tickets:

    • Fixed an issue of disabling users from the connector.

    • Fixed an issue of upgrade of ISPN on JDK8.

    • Fixed an issue with mail queuing on the mail connectors after upgrading to 3.2.0.

    • Fixed an issue with the Vera client login screen.

    • Fixed an issue with the local folder rule-securing.

    • Fixed an issue with opening the Access Control file.

    • Fixed an issue with Microsoft Protect View on 131 clients.

    • Fixed the egress issue in Microsoft Word.

    • Fixed an issue with groups being created.

August 2019

Version 3.2.0

August 2019

IMPORTANT: With this release, Vera is moving to a new versioning scheme to decouple product versioning from internal development cycles. The product (admin portal and connectors) will reflect the new versioning scheme in the next major release.
New Features

  • Vera administrators can now hide the Files Shared with Me tab in the Vera end-user portal.

  • The Vera administrator is now prompted to assign a new policy at the time of deleting an old policy. If there are no files associated with the given policy, then the policy selection prompt is bypassed.

  • SharePoint and OneDrive now support the ability to exclude sub-folders.

  • Vera now supports Save As workflows to the OneDrive folder locations.

Enhancements

  • Vera has added the ability to hide the Average View Time and Number of Times Accessed values (the value will be converted to 0’s for all files) from the file details page on the User Portal.

  • Vera has changed the Vera Email Connector outbound sending protocol to use STARTTLS. This will not impact any existing customers, but upon upgrading to version 3.2.0 or higher, Email Connectors will start using TLS if the receiving server supports TLS by broadcasting STARTTLS.

  • Linux SDK now has parity with all the other versions of the SDK.

  • Vera has improved the security of the connectors by no longer indicating a username is not correct upon a failed login attempt.

  • Vera has enhanced all Connector alerts by including the Connector IP and hostname.

Updates

  • Vera announces the end of support for 32-bit Applications on the macOS platform.

Fixes
 

  • Fixed the following customer-reported tickets:

    • Fixed an issue where policies were unable to be renamed to their original names.

    • Fixed an issue where users are getting imported from SMB to Vera and are not populating the correct user name.

    • Fixed an issue where the Gear icon was missing on the SDK application page.

    • Fixed an issue where an MS Office file opened in protected view allows copy/paste, though the policy restricts it.

    • Fixed an issue where some files in Box were not encrypted.

    • Fixed an issue of not getting the Manage Access option in v131.

    • Fixed an issue where, in some cases, DropBox and Ondrive leave existing files unprotected but newer files are getting secured fine.

    • Fixed an issue where the Archived Meeting invite message type was changed.

    • Fixed an issue where new MS Office application icons needed to be adopted for Vera Office apps.

June 2019

Version 3.1.0

June 2019

New Features

  • Vera administrators can now manually add custom SharePoint roles in the policy mapping section.

  • Vera administrators can now configure Vera Directory Connector settings to handle internal and external Google group members the same way when file access is granted or revoked.

  • Vera administrators now have the ability to disable the built-in delay for shimmed applications (Access Control Save Back and Open From).

    NOTE: This functionality is in beta and can only be enabled for clients upon request. If you are interested in this feature, please contact Vera representative.

  • Vera now supports Dark Mode on macOS Mojave, except for Microsoft Office applications.

Updates

  • Vera announces end of the support for 32-bit applications on the macOS platform with upcoming releases.

Fixes
 

  • Fixed the following customer-reported tickets:

    • Fixed an issue where some folder paths in the Share folder mapping section were not being correctly updated when changes were made to the share.

    • Fixed an issue where some policies were unable to be renamed to their previous names.

    • Fixed an issue where screen capture permission was bypassed in certain cases.

    • Fixed an issue where the Vera client caused MS Office to present a blank screen.

    • Fixed an issue of setting Total Access User.

    • Fixed an issue where the Times Accessed field in the Has Access tab was not populating.

    • Fixed an issue where saving General settings disables SharePoint extensions on the client page.

    • Fixed an issue of displaying file permission.

    • Fixed an issue where a Group Not Found Error was seen when trying to modify the policy in the tenant.

    • Fixed an issue of Creo performance when accessing unsecure files.

    • Fixed an issue where there was an excessive delay when upgrading share connectors.

    • Fixed an issue of Key synchronization.

    • Fixed an issue with the WebEx Outlook plugin on macOS Mojave.

    • Disabled dark theme for all Microsoft applications at this time; however, the dark theme is still applied to all non-MS Office applications when enabled.

    • Fixed an issue where an unexpected error message was seen on the Vera Android application.

    • Fixed an issue to retain the message ID when unsecuring.