Secure Endpoint Agent release notes - Version 7.8

If automatic agent updates are disabled, you can assign an agent version to your account's Windows and Mac devices to prevent agent upgrades. To determine if you want to assign agent version 7.8, review this topic to learn about the improvements included in this version of the Secure Endpoint Agent.

About the Secure Endpoint Agent

The Secure Endpoint Agent is a small software client that resides on devices that are managed in the Secure Endpoint Console. After the agent is initially installed on a new device, it is activated with the first connection to the Absolute Monitoring Center.

Each agent package includes software specific to its supported operating system, including the agent and its associated components, an installer, and a readme file.

System requirements

The 7.8 package bundle contains Secure Endpoint Agent software that supports devices running the following operating systems:

Operating system	Supported versions
Windows	Versions 7, 8, 8.1, and 10
macOS	Versions 10.9 to 10.14

Agent improvements and fixes

Version 7.8 of the Secure Endpoint Agent includes the following improvements and fixes:

Platform	Improvements and fixes
Windows	The Application Persistence (RAR) component of the Secure Endpoint Agent can now report on and persist version 11.0.x of the Ivanti Endpoint Manager agent. The Secure Endpoint Agent now collects the following agent version information: Agent A field and report column showing the version number of the core agent (rpcnet) installed on a Windows or Mac device. For Chromebooks, it shows the version number of the Absolute for Chromebooks extension. Component Manager The component manager (also known as CTES) is installed on top of the core agent and manages the agent components responsible for initiating device actions and collecting device data. Most agent components are controlled by policies, such as the Hardware and Installed Applications policies. The component manager typically connects to the Absolute Monitoring Center every 15 minutes, at a minumum, to send device data and receive instructions. Persistence agent A field and report column showing the version number of the Absolute Persistence agent (rpcnetp), which is embedded in the firmware of a Windows device by the device manufacturer. If a device's Secure Endpoint Agent is tampered with or removed, the Persistence agent connects to the Absolute Monitoring Center, which triggers the core agent (rpcnet) to be downloaded and reinstalled on the device. You can add this information to reports or view it on a device's Device Details page. When Bitdefender Endpoint Security Tools is upgraded on a Windows device, the Secure Endpoint Agent now detects the correct version number for the application and shows it in the Anti-Malware report. If one of the following versions of Dell Full Disk Encryption is installed on a device, the Secure Endpoint Agent now detects it: 10.0, 10.1 or 10.2. The information is available in the Full Disk Encryption Status report. When both BitLocker and TrueCrypt are installed on a device but only TrueCrypt is being used for full disk encryption, the Secure Endpoint Agent now detects the correct status of TrueCrypt. This information is available in the Full Disk Encryption Status report. When one of the following applications is installed on a device with a self encrypted drive (SED), and the drive is encrypted, the Secure Endpoint Agent now reports a status of Encrypted, which shows in the Full Disk Encryption Status report: Trend Micro Full Disk Encryption Check Point Full Disk Encryption Previously, the status may have been reported as Installed (Not Encrypted). If a device is upgraded from the 32-bit to the 64-bit version of WinMagic SecureDoc, the Secure Endpoint Agent now detects the correct status. This information is available in the Full Disk Encryption Status report. The RAR component of the Secure Endpoint Agent now returns a new Repair Status, Pending reboot. This status shows in Application Persistence reports if a device reboot is required to complete the repair of a persisted app. Previously, devices in this state showed a Repair Status of Failure. If the Endpoint Data Discovery (EDD) policy is activated on a Windows device, the Secure Endpoint Agent now collects the date and time when a scanned file was last accessed on the device. This information shows in the File Accessed column in EDD reports. When you set the Scan Level for an EDD scan to Moderate or Targeted, the following directory is no longer scanned on a Windows device: <any drive letter>\ProgramData. If an entry related to the Device Freeze component is deleted from the Windows registry, the Secure Endpoint Agent now self heals the component by restoring the registry entry. This issue and it's associated fix do not apply to accounts that are using the Classic Device Freeze feature.
Mac	The performance and stability of the Secure Endpoint Agent 's EDD component is now improved. When you set the Scan Level for an EDD scan to Moderate or Targeted, the following directory is no longer scanned on Mac devices: /opt/local/include. If the Device Freeze component's properties file is tampered with, the Secure Endpoint Agent now detects the error and self heals the component. This issue and it's associated fix do not apply to accounts that are using the Classic Device Freeze feature.

Platform

Improvements and fixes

Windows

The Application Persistence (RAR) component of the Secure Endpoint Agent can now report on and persist version 11.0.x of the Ivanti Endpoint Manager agent.
The Secure Endpoint Agent now collects the following agent version information:
You can add this information to reports or view it on a device's Device Details page.
When Bitdefender Endpoint Security Tools is upgraded on a Windows device, the Secure Endpoint Agent now detects the correct version number for the application and shows it in the Anti-Malware report.
If one of the following versions of Dell Full Disk Encryption is installed on a device, the Secure Endpoint Agent now detects it: 10.0, 10.1 or 10.2. The information is available in the Full Disk Encryption Status report.
When both BitLocker and TrueCrypt are installed on a device but only TrueCrypt is being used for full disk encryption, the Secure Endpoint Agent now detects the correct status of TrueCrypt. This information is available in the Full Disk Encryption Status report.
When one of the following applications is installed on a device with a self encrypted drive (SED), and the drive is encrypted, the Secure Endpoint Agent now reports a status of Encrypted, which shows in the Full Disk Encryption Status report:
- Trend Micro Full Disk Encryption
- Check Point Full Disk Encryption
Previously, the status may have been reported as Installed (Not Encrypted).
If a device is upgraded from the 32-bit to the 64-bit version of WinMagic SecureDoc, the Secure Endpoint Agent now detects the correct status. This information is available in the Full Disk Encryption Status report.
The RAR component of the Secure Endpoint Agent now returns a new Repair Status, Pending reboot. This status shows in Application Persistence reports if a device reboot is required to complete the repair of a persisted app. Previously, devices in this state showed a Repair Status of Failure.
If the Endpoint Data Discovery (EDD) policy is activated on a Windows device, the Secure Endpoint Agent now collects the date and time when a scanned file was last accessed on the device. This information shows in the File Accessed column in EDD reports.
When you set the Scan Level for an EDD scan to Moderate or Targeted, the following directory is no longer scanned on a Windows device: <any drive letter>\ProgramData.
If an entry related to the Device Freeze component is deleted from the Windows registry, the Secure Endpoint Agent now self heals the component by restoring the registry entry.

This issue and it's associated fix do not apply to accounts that are using the Classic Device Freeze feature.

Mac

The performance and stability of the Secure Endpoint Agent 's EDD component is now improved.
When you set the Scan Level for an EDD scan to Moderate or Targeted, the following directory is no longer scanned on Mac devices: /opt/local/include.
If the Device Freeze component's properties file is tampered with, the Secure Endpoint Agent now detects the error and self heals the component.

This issue and it's associated fix do not apply to accounts that are using the Classic Device Freeze feature.