Version 4.2 Secure Endpoint Private Cloud 83
30 August 2017 Release Notes
• Fixed a bug where files contained inside PDF files were not scanned.
• Fixed a bug where some UDP connections were not monitored.
• Fixed a bug where user information was missing from some events.
• Fixed a bug where some deferred scans were dropped because the deferred
scan file was not written to correctly.
• Fixed a bug where the URL reported for some network events were malformed.
• Fixed a bug where Definition Update events were missing from the Events table.
• Fixed a bug where the known viruses count for Definition Update events was
incorrect.
• Made automatic ClamAV definition updates more robust.
• Clarify in Execution Blocked events and notifications that no action was taken
when the connector is running in audit mode.
• Removed stale files from ClamAV working directory at daemon start-up.
• Reduced the performance overhead of wildcard exclusions.
• Fixed a bug where a kernel extension could panic if there are active network
connections when the daemon is stopping or retrying a failed initialization step.
• Fixed various logging issues.
• Updated curl version to 7.51.0.
• Addressed an issue where the connector would consume high CPU when a local
database reached a certain size.
• Fixed a bug where the connector would consume high CPU when some local
3rd party software would periodically touch but not modify files.
• The connector is now able to successfully quarantine files that have immutable
flags set.
• Addressed various issues with scan error reporting.
• Fixed an issue where you could not fetch a file from a computer after it was
deleted even if other copies of the same file existed on the computer.
• Addressed an issue where the connector would only perform a Retrospective
Quarantine on the first instance of a file on the computer.
• Fixed a bug where scans in progress when the computer was rebooted did not
appear to complete in the Console.
• Fixed an issue where outdated ClamAV definitions were still being loaded by the
connector in some instances. This could potentially cause an increase in false-
positive detections.
• Patched ClamAV engine to address potential vulnerabilities when handling
certain archive file types (CVE-2016-1371, CVE-2016-1372).
• Modified the connector installer to prevent downgrades when running the
installer locally.
• Added more diagnostic information collected by the Support Tool.
• Improved performance when using Application Blocking lists on Mac OS X 10.8
and 10.9.
• Improved handling of nested archive files.
• Fixed an issue where the connector was not sending information about the
current user for certain events.
• Fixed an issue where the connector wasn’t cleaning up its child processes.