S E ECURE NDPOINT R N ELEASE OTES Version 5.4 7 December 2022 Secure Endpoint Console 5.4.20221207 Bugfixes/Enhancements • Fixed a bug in the exclusions API that required anyDrive to be a parameter. • Added improvements to the Kenna Risk Score workflow: • Sort Computers page list by risk score. • Show the risk score in the collapsed view on the Computers page. • Filter the Computers page list by risk score. • The risk score is now included in the exported computers CSV. • The risk score is now included in the Computers API output. • Reduced the size of the organization switcher bar to give more space for page content. Version 5.4 Secure Endpoint Release Notes 1 23 November 2022 23 November 2022 Secure Endpoint Console 5.4.20221123 New • Device Control - a feature that provides visibility and control over USB mass storage devices - is now available for endpoints running Windows connector 8.1.3 and later. • You can now create exclusions for Windows cloud IOCs. Bugfixes/Enhancements • Added automated actions for endpoint isolation on Mac connectors. • New exclusion APIs are now available to all users. • Improved the process to disable SecureX integration and enable it again. 14 November 2022 Secure Endpoint Windows Connector 8.1.3 New • Beginning in Windows Connector 8.1.3, end users will no longer be able to read the contents of the policy.xml file. Policy information can only be accessed by users with privileges to view and edit the policy in the Secure Endpoint Console. (CSCwc05323) IMPORTANT! Contact support if you require this file to remain readable. • This version of the Secure Endpoint Windows connector is only supported on 64-bit versions of Windows 10 and 11 and 64-bit versions of Windows Server 2016, 2019, and 2022. • Added support for Windows 10 22H2 and Windows 11 22H2. • Added support for Device Control. • Allow the Secure Endpoint GUI to work across multiple logged in users (maximum 8 users). • Improved exploit prevention engine for: • Chrome credential protection - exploit prevention will protect against theft of saved passwords from the Chrome browser. • Amsi bypass protection - exploit prevention will prevent patches to the AmsiScanBuffer function. Version 5.4 Secure Endpoint Release Notes 2 9 November 2022 • The connector installer in version 8.1.3 and later will now check for certain Windows patch levels to make sure computers are up to date before proceeding with the install: • Windows 10 version 21H1 - KB5011487 • Windows 10 version 21H2 - KB5011487 • Windows 11 - KB5011493 • Windows Server 2016 (Desktop & Server Core) - KB5011495 • Windows Server 2019 (Desktop & Server Core) - KB5011503 • Windows Server 2022 - KB5011497 Bugfixes/Enhancements • General performance and stability improvements for the exploit prevention engine. • Improved performance on scanning large depth folder. • Fixed an issue where detection events generated while the connector was offline were not visible in the console after connecting to the cloud again. • Decreased the debug logging time from 2 hours to 15 minutes. • Fixed an issue that could cause false-positive detections on archive files. • Addressed an issue where the connector could cause high CPU usage when installed along with the Tanium Platform. • Addressed an issue where some messages on the endpoint were displayed in English even though another language was selected. • Improved the connector proxy discovery mechanism. • Fixed memory leaks that could occur in some conditions. • Updated libexpat to 2.4.8. (CSCwc64881) • Updated nghttp2 to 1.47.0. (CSCwc75108) • Updated pcre to 10.40.0. (CSCwc75107) • Updated libxml2 to 2.9.14. (CSCwc79949) • Updated sqlite3 to 3.39.2. (CSCwc80840) • Updated TETRA license key. 9 November 2022 Secure Endpoint Mac Connector 1.21.0 New • Added support for Endpoint Isolation including automated actions. • Supports macOS 13. • Added ability to install unsupported versions of Orbital on macOS 13. See https://orbital.amp.cisco.com/help/cisco-orbital-requirements/ for requirements. Version 5.4 Secure Endpoint Release Notes 3 26 October 2022 Bugfixes/Enhancements • A cloned Mac/Linux VM or a VM created from a template that has already had the connector installed will now register in the Secure Endpoint console as a new connector (with unique UUID) when using VMWare. • Updated ampcli posture command output to include more details on connection status. • Fixed an issue where an Orbital upgrade failure event would include an invalid upgrade version. Secure Endpoint Console 5.4.20221109 Bugfixes/Enhancements • Default device settings for integrations are now available on the Organization Settings page. (Device package only) 26 October 2022 Secure Endpoint Linux Connector 1.20.1 Bugfixes/Enhancements • Fixed an issue where the connector would load an incorrect kernel module for some kernel versions. (CSCwc48270) • Added compatibility for recently released Amazon Linux 2 kernels related to the following vulnerabilities: • CVE-2022-33742 • CVE-2022-33741 • CVE-2022-33740 • CVE-2022-26365 Version 5.4 Secure Endpoint Release Notes 4 19 October 2022 Secure Endpoint Console 5.4.20221026 Bugfixes/Enhancements • Made improvements to the exclusions API. Secure Endpoint iOS Connector 1.6.4 Bugfixes/Enhancements • Updated Umbrella to 1.6.4. See the Umbrella release notes for details. 19 October 2022 Secure Endpoint Windows Connector 7.5.7 New • This version of the connector is the last to support legacy operating systems such as Windows 7 and 8, Server 2012, and all 32-bit versions of Windows. • Beginning in Windows Connector 7.5.7, end users will no longer be able to read the contents of the policy.xml file. Policy information can only be accessed by users with privileges to view and edit the policy in the Secure Endpoint Console. Exclusions will still be visible in the connector IP Tray user interface unless this setting is disabled in the policy settings (“Hide exclusions” can be found under “Client User Interface”). (CSCwc05323) IMPORTANT! Contact support if you require this file to remain readable. • Added support for Windows 10 22H2 and Windows 11 22H2. Version 5.4 Secure Endpoint Release Notes 5 19 October 2022 • New Exploit Prevention protection features: • Chrome credential protection • Amsi bypass protection • The connector installer in version 7.5.7 and later will now check for certain Windows patch levels to make sure computers are up to date before proceeding with the install: • Windows 7 - KB5003228 • Windows 8.1 - KB5011564 • Windows 10 version 21H1 - KB5011487 • Windows 10 version 21H2 - KB5011487 • Windows 11 - KB5011493 • Windows Server 2008 R2 - KB5011552 • Windows Server 2012 - KB5011535 • Windows Server 2012 R2 - KB5011564 • Windows Server 2016 (Desktop & Server Core) - KB5011495 • Windows Server 2019 (Desktop & Server Core) - KB5011503 • Windows Server 2022 - KB5011497 Bugfixes/Enhancements • Fixed compatibility for the connector alongside Bitdefender OEM installs that were broken as a result of their driver name changes. (CSCwc38793) • Enhanced retry mechanism for proxy discovery. • General performance improvements for Exploit Prevention. • Updated libexpat to 2.4.8. (CSCwc75107) • Updated nghttp2 to 1.47.0. (CSCwc75108) • Updated pcre to 10.40.0. (CSCwc75107) • Updated libxml2 to 2.9.14. (CSCwc79949) • Updated sqlite3 to 3.39.2. (CSCwc80840) Version 5.4 Secure Endpoint Release Notes 6 12 October 2022 12 October 2022 Secure Endpoint Console 5.4.20221012 Bugfixes/Enhancements • Minor bugfixes and performance improvements. 28 September 2022 Secure Endpoint Console 5.4.20220928 Bugfixes/Enhancements • Changed a demo data computer name from Demo_CTA to Demo_Global_Threat_Alerts. • Renamed the API Business audit log type to Organization to match the console UI. • Renamed the API MutedArtifact audit log type to MutedObservable to match the console UI. Secure Endpoint Android Connector 2.5.0 Bugfixes/Enhancements • Enhanced Android 13 support. • Minor bugfixes and performance improvements. Secure Endpoint iOS Connector 1.6.3 Bugfixes/Enhancements • Updated Umbrella to 1.6.3. See the Umbrella release notes for details. Version 5.4 Secure Endpoint Release Notes 7 14 September 2022 14 September 2022 Secure Endpoint Console 5.4.202200914 Bugfixes/Enhancements • Connector diagnostics button disabled for demo computers. 31 August 2022 Secure Endpoint Console 5.4.20220831 Bugfixes/Enhancements • Minor bugfixes and performance improvements. 23 August 2022 Secure Endpoint Mac Connector 1.20.0 New • Added support for Cisco Orbital when using Apple silicon. Requires Orbital Node 1.21 or later. Bugfixes/Enhancements • Fixed a user interface issue where some events occurring in the same minute were displayed out of order. • Event timestamps in the ampcli history page now display the seconds. • Fixed an issue in the Network Extension that would cause instability in network connections. • Fixed an interoperability issue when running applications that use macOS Endpoint Security. Version 5.4 Secure Endpoint Release Notes 8 17 August 2022 17 August 2022 Secure Endpoint Console 5.4.20220817 New • An API for managing exclusions is now available. Documentation is at: https://developer.cisco.com/docs/secure-endpoint/#!exclusions Bugfixes/Enhancements • Error message is displayed when user attempts to set up MDM with an invalid API key or invalid license. • Improved user interface when creating exclusions with invalid data. Version 5.4 Secure Endpoint Release Notes 9 8 August 2022 8 August 2022 Secure Endpoint iOS Connector 1.6.2 Bugfixes/Enhancements • Updated Umbrella to 1.6.2. See the Umbrella release notes for details: https://support.umbrella.com/hc/en-us/articles/8109252127508 5 August 2022 Secure Endpoint Windows Connector 8.0.1.21164 (Supersedes 8.0.1.21160) Bugfixes/Enhancements • Addressed an issue where older versions of the AnyConnect (4.10 and earlier) start menu shortcut would launch the connector instead. 3 August 2022 Secure Endpoint Console 5.4.20220803 Bugfixes/Enhancements • Executable exclusions support for non-exe executable files. 27 July 2022 Secure Endpoint Windows Connector 8.0.1.21160 (Superseded by 8.0.1.21164) New • Secure Endpoint is now part of Cisco Secure Client (integration available from the Secure Endpoint downloads page). • You can now download both the Secure Endpoint Windows connector and Secure Client from the console Download Connector page. • Redesigned user interface to allow integration with Secure Client. • Added more information on the user interface about Secure Endpoint. Version 5.4 Secure Endpoint Release Notes 10
Description: