Hello everyone!
We’re pleased to inform you that the latest version of Xcitium & OpenEDR & Secure Internet Gateway Platforms & Agents & Remote Control & THAT are live now!
The release schedule was implemented as follows:
- US Region Portal: The release will start on 2023-06-21T05:00:00Z
- EU Region Portal: The release will start on 2023-06-22T05:00:00Z
- Agents & Xcitium Remote Control: The release will start on 2023-06-22T05:00:00Z
The release was implemented within 30 minutes of deployment, during release time the platform could be under maintenance mode, where you might observe minor glitches.
And if you observe any issues after release, please feel free to share them with us.
Xcitium Enterprise & Platform
IMPROVEMENTS
- Added an onboarding popup window to display the current provisioning status and to guide users to further provisioning options.
- Added a new Threat Hunter Assessment Tool available now from the Xcitium Platform Tools menu.
- Implemented a new API to fetch all data that is presented under the Dashboard/Compliance section of the Xcitium console.
- Disabled the Xcitium Message Center permanently and removed the option to open it from the UI to resolve CPU usage issues.
- Added the ability to clone a role in Endpoint Manager.
BUG-FIXES
- Fixed an issue specific to enabling MDR as expected when installing the Xcitium Client Communication only from the portal admin.
- Fixed an issue with the “Show with the purged file(s)” filter that was not working under Endpoint Manager/Security/File Rating.
- Fixed an issue resulting from not deleting log sources from the SOCaaP Interface.
- Fixed an issue of custom Xcitium Client Communication (XCC) agent (the Endpoint Manager agent) rebranding not being applied properly from the correct profile.
- Fixed an issue with user interface details displaying incorrectly after re-installing the Xcitium Client Security (XCS) agent.
- Fixed an issue of data field alignment under the Data Loss Prevention (DLP) section of the UI.
Xcitium Client Security – Windows
IMPROVEMENTS
- Implemented the ability to decline Xcitium Client Security Updates if there is a pending OS update reboot on the endpoint.
- Added HIPS protection for LSASS processes.
- Enhanced enumeration detection and response by implementing the ability to block applications and running processes in response to potentially dangerous or anomalous command-line operations.
BUG-FIXES
- Fixed the issue with blocked USB storage devices not getting re-blocked as expected when re-enabled via the device manager.
- Fixed the issue with blocked removable drives with external device control being allowed re-enablement from the device manager in the portal.
- Fixed a process tree issue showing the wrong tree due to missing embedded code.
- Fixed the issue of high CPU usage during a DLP scan running on Windows server 2012 R2 with Xcitium Client Security 12.10.0.8697 installed.
- Fixed the issue of some processes having incorrect parent applications on the Xcitium Client Security process tree due to Windows assigning the same PID to a new process as in another previously launched, already closed process.
- Fixed the issue of consecutive scans increasing the cmdagent memory usage.
- Fixed a system crash issue after an Xcitium Client Security 12.14 installment.
Xcitium Client Security – macOS
NEW FEATURES
- First phase of ZeroDwell Containment for macOS, as a BETA feature. With this feature:
- Applications that have invalid signatures are blocked.
- Applications that have malicious file ratings are blocked.
- All AppStore 3rd-party applications that are signed by Apple/AppStore will be run without any restriction.
- Applications that have trusted file ratings are run without any restrictions.
- Applications that have unrecognized file ratings are run virtually.
EDR
BUG-FIXES
- Fixed the issue of incorrect msi name in EDR installed/uninstalled messages.
- Fixed the issue with EDR not uninstalling properly and continuing to collect events following an attempt to uninstall both the Xcitium Client Security and EDR from the portal at the same time.
- Fixed an issue with Lsalso.exe causing a high CPU-usage performance issue when an EDR agent is installed.
- Fixed the issue with msiexec.exe heuristic command-line analysis not working as expected in Xcitium Client Security 12.14.0.9145.
Device Management
IMPROVEMENTS
- Added the ability to choose a screen recording location in Remote Control.
- Implemented the ability to use “Curtain”/ “Black Out” mode Remote Control for macOS.
BUG-FIXES
- Fixed an issue of displaying the client access control password for the Xcitium Client Communication agent in a plain text format.
- Fixed a vulnerability issue in SQLite for ITSM web services.
- Fixed an issue of the offline monitor generating an online alert.
OpenEDR Platform
IMPROVEMENTS
- Added an email option to the “Refer a Friend” popup for the OpenEDR Platform to provide a way to share and promote open-source EDR awareness and availability.
- Added automatic redirection from Thank You page to the OpenEDR portal to decrease click counts and ease access to the portal.
BUG-FIXES
- Fixed the issue with inaccessibility of the enrollment link during registration of OpenEDR when the registrant’s email contains a “+” character.
- Fixed the issue where an OpenEDR registration could not be completed when the registrant’s email contained capital letters.
Secure Internet Gateway
IMPROVEMENTS
- Implemented the ability to increase the maximum number of domains that can be whitelisted or blacklisted, up to 3000.
BUG-FIXES
- Fixed the issue with data not displaying in the “Overview” and “Reporting” pages of the Secure Internet Gateway portal.
Threat Hunter Assessment Tool (THAT)
NEW FEATURES
- Rebranded the “Unknown File Hunter Tool” to Threat Hunter Assessment Tool (THAT)” with the Xcitium interface.
IMPROVEMENTS
- Added informative explanations and improved the product interface design for each process step, and for all scan results, to provide user-friendly usage and readability enhancements.
- Improved steps for logging into the application and for continuing as a guest user.
- Converted the tool to be a plug-and-play application.
BUG-FIXES
- Fixed an issue of showing unnecessary error messages specific to ongoing operations.
- Fixed an issue with excessive duration when processing an application-closing command.
Appendix
NEW PORTAL VERSIONS
- Xcitium Enterprise: 4.14.0
- Xcitium Platform: 3.65.0
- Endpoint Manager: 8.2
- OpenEDR Platform: 1.7.0
- Secure Internet Gateway: 2.14.19
NEW AGENT VERSIONS
- Xcitium Client Security – Windows: 12.15
- Xcitium Client Security – MacOS: 2.4.4.974
- Xcitium Client Communication – Windows: 8.2
- Xcitium Client Communication – MacOS: 8.2
- Xcitium Remote Control – Windows: 8.2
- Xcitium Remote Control – MacOS: 8.2
- EDR: 2.7
NEW TOOL VERSIONS
- THAT: 6.0.0