I have the pleasure of announcing the release of the CB Protection 8.1.6 Windows Agent.
This release adds the following improvements and enhancements:
The 8.1.6 Windows Agent is considered a maintenance release with a focus on corrective content, security and Windows 10 Update Performance.
Our research into Windows 10 update performance showed that we had a long-time regression that went back to our 8.0 release. In prior versions of 8.x, the agent would unnecessarily analyze files repeatedly during file opens and file cleanups. File cleanup is an OS command that tells us that all of the handles to the file have been closed (e.g. every program/thread/process that could be using the file is done with it). As a result of this work, in 8.1.6, customers should notice an improvement in performance during Windows Updates. We’ve also added some additional logging and instrumentation to further enhance the collection and tracking of agent performance metrics. This will allow us to collect better data which will enable us to further improve performance of the Windows agent in future releases.
The following minor changes have been made.
- Added a TimedOverride.bt9 file that now logs when TimedOverride.exe is launched. This new log file is found in the Bit9\Parity Agent\logs folder.
- Added a new agent configuration property, "skip_session_enumeration_in_scm". When this setting is enabled in a Citrix/Multi-user environment, user enumeration will be disabled. This will lead to performance improvements but will break user-based policy determination and will slow the update time of logged-in users at the console. We expect this setting to be used only for very specific environments.
- Removed the authentication requirement for the dascli ValidateCerts command
Product security is our top priority for CB Protection, and in this release we have included several new enhancements to ensure that our product is prepared to keep you and your endpoints secure. These changes include:
- Fixed an issue that could allow some files to be launched by msiexec even though they were not approved.
- Addressed a vulnerability where it was possible to remove CB Protection without disabling Tamper Protection.
- Fixed an issue where it was possible to execute unapproved .Net Core Console applications when those applications should have been blocked by custom rules.
In addition to the above, we've continued to improve quality by addressing several defects. Additional details can be found in the release notes.
You can download the CB Protection 8.1.6 Windows Agent here.