Release Notes of Xcitium & OpenEDR Platforms & Xcitium Communication Client & Xcitium Remote Control March Release (March 22-23, 2023)

Hello everyone!

We’re pleased to inform you that the latest version of Xcitium Enterprise & Xcitium Platform & OpenEDR Platform are live now!

The release schedule was implemented as follows:

  • US Region Portal: The release will start on 2023-03-22T06:00:00Z
  • EU Region Portal: The release will start on 2023-03-23T06:00:00Z
  • Agents & Xcitium Remote Control: The release will start on 2023-03-23T06:00:00Z

The release was implemented within 30 minutes of deployment, during release time the platform could be under maintenance mode, where you might observe minor glitches.

And if you observe any issues after release, please feel free to share them with us.​

Xcitium Enterprise & Platform

New Features

  • Ability to define subdomain name while creating an Xcitium account.
  • Ability to limit resource usage of Xcitium Client - Security processes from the portal.
  • Ability to clean up automatic generated HIPS & Firewall rules on the agent via portal.

Improvements

  • MDR icon on device list turns green when log forwarding setting under profile configuration is enabled.
  • Support for MacOS 13.
  • Improvement in the registration flow to automatically log in without the need for re-login after registration.
  • File Info page to display more detailed file information for firewall events.
  • Updating SIEM UI and menu structure on the Xcitium Platform.
  • Proper ordering of processes in the process tree for Xcitium Client - Security events on the Event Search screen.
  • United States & International phone numbers mentioned in emails.
  • Updated Xcitium Server Status page subscription emails.

Bug - Fixes

  • Fixed the issue of the version selection for the Xcitium Client - EDR on the update additional packages pop-up not working properly.
  • Fixed the issue of not displaying the data on the dashboard-endpoint widgets unless change the date.
  • Fixed the issue of displaying the wrong logs on the HIPS tab under device list.
  • Fixed the issue of the displaying password prompt when uninstalling XCS with the MSI Uninstall command from the portal.
  • Fixed the issue of showing the action value as “Value not in the list” instead of “Create Process, Unknown DLL loading to process” for the HIPS event on the portal if the process loads unsigned DLL file(s).
  • Fixed the issue of showing incorrect customer information on the customer value under the HIPS Device List.
  • Fixed the issue of not showing information for Acronis data usage on the portal.
  • Fixed the issue of showing overuse seats while Xcitium Advanced Trial license is active.

OpenEDR Platform

Bug - Fixes

  • Fixed the issue of being unable to sign-up for OpenEDR with an existing CAM account.

Xcitium Communication Client

Improvements

  • Improvement in EDR & Xcitium Client - Security agents communications to more compatible and more consistent event stories by adding an event time and process creation time fields for all available event types, adding parent process for Application Control, Autoruns, Virtual Desktop, and Containment Activity events.

Device Management

New Features

  • Ability to see a thumbnail of the end users’ Windows device inside Endpoint Manager.
  • Ability to record the screen / session of Remote Control to your local device.
  • “Curtain” / Blackout mode for Remote Control.
  • Support for Android 13.
  • Support for Android 13 KNOX.
  • Chat functionality added to Agent and Endpoint Manager. This will not be enabled by default, to have this enabled please raise a support ticket requesting it’s activation.

Bug - Fixes

  • Closing Remote Control makes a session debug file on the desktop.
  • Procedures run multiple times during a maintenance window due to crashes.

Appendix

New Portal Versions

  • Xcitium Enterprise: 4.13.0
  • Xcitium Platform: 3.62.0
  • Endpoint Manager: 8.1
  • OpenEDR Platform: 1.5.0

New Agent Versions

  • Xcitium Communication Client - Windows: 8.1
  • Xcitium Remote Control - Windows: 8.1
  • Android - Mobile Device Management Client: 8.1
2 Likes

This is an epic release guys…thnx so much!

2 Likes

@QuickSilverST Thank you!

We also fixed the problem you mentioned for the previous version with this release. Could you check this, please?

Kind regards,
Elif

1 Like

This is in deed an epic release. :+1:,

I do have a question and concern about the screen thumbnail. Is there a way to disable this function. this is good for must users but when you are dealing with C-Level executives. this could be a concern.

Also are there any plans to improve the reporting functionality to be able to make detail reports, or even to be able to user third party products like Zoho analytics

Thanks

Yes, i did see i know have the option to upgrade EDR agent, thank you very much :slight_smile:

We are glad to see that you liked the release content. We would like to get your feedback on new features so that we can continuously improve platform capabilities and provide even better service.

Some feedback i can give with this new release, my dashboard seems to be out of sync or something. It still shows endpoints that need the latest XCC and EDR agent, but then you look at the info of the endpoint in xcitium, under summary it shows it has the latest XCC agent and when you remote to the endpoint, under programs and features it is the latest update, but when you check the audit widgets it shows the endpoint is on a lower agent version and the upgrade is available and can select it to update.

I noticed the same thing. My endpoints were mostly sitting at 8.1.46155.23030 this morning and I went to update the ones that weren’t online to get the update previously and they were all updated to 8.1.46222.23030. No issues so far, but odd quirks with versioning lately.

Hey J ITech Solutions
unknown
Unknown (4)
Xcitium Verdict Cloud detected my sample as Highly Suspicious with XAMAS

Glad I’m no the only one. Will log a ticket with support.

Which sample, malware?

@QuickSilverST random bro

New CC installs on Windows 7 endpoints but once installed those endpoints show up offline and are no longer accessible.

hi @troxelr

Try to remove the CC and freshly install once again to devices and check

Win 7 only support till v 11.1 i think

That works with an endpoint but we’re talking a couple hundred endpoints.

Hi all, we discovered the latest communication agent version (v 8.1) has a bug which causes devices to become offline on older operating systems below:
Windows 7
Windows 8
Windows 8.1
Windows Server 2008 R2
Windows Server 2012

Our engineering team fixed the issue with a new build and it is currently being fully tested. We will make the fix publicly available once we confirm that the fix is fully working.

We will update from here as soon as the new version is available.

1 Like

Hi all, I would like to inform that fixed version for Communication Client (v8.1.46265.23030) is rolled out. You can simply over-install the new version on the affected endpoints without removing the existing communication client.

1 Like