Absolute 7.12 Release Notes

This topic describes the software changes included in Absolute 7.12. It also describes the changes included in all hotfixes since the release of Absolute 7.11.

This release introduces performance, security, data integrity, and usability improvements that enhance the responsiveness, reliability, and ease of use of the system. It also introduces enhancements, improvements, and fixes to existing features and functionality.

To view the software changes introduced in this release that apply to the Absolute agent, see the Absolute agent release notes: Version 7.12.

NOTE Depending on the Absolute product licenses associated with your account, some of the following software changes may not be available to you.

Features and enhancements

Web usage support (New!)

You can now collect the last 7 days of web activity on your Chromebook and Windows devices. Activate the Web Usage policy to view information about the websites and webpages that your users visited most recently using the Chrome browser.

After the policy is activated, you can view your devices' web usage in the following new reports:

Weekly Web Usage, which shows the past 7 days of usage
Rising Web Usage, which shows recent trends in usage

Data security action - Wipe (New!)

You can now use the new Wipe security action to perform a cryptographic erasure (Crypto Erase A data sanitation process that removes all encryption keys, effectively making all data on a device irretrievable and reverting the device's solid state drive (SSD) to its factory default state.) on your Windows devices encrypted by BitLocker Drive Encryption, and your Mac devices encrypted by FileVault. Crypto Erase is a data sanitation process that removes all encryption keys, effectively making all data on a device irretrievable. After the Wipe is complete, a Certificate of Sanitization is generated and made available in Action History area of the console.

NOTE The Wipe action conforms to the Purge standard defined in NIST Special Publication 800-88, Guidelines for Media Sanitization, and it is HIPAA compliant.

Action History (New!)

View the status of Device actions in the new Action History. View the progress of your Device action request, as well as the action status for each device in the request.

NOTE Wipe is currently the only action supported in Action History. New actions will be added in future releases. You can still view other actions in Reports > Recent Events > Event History.

Offline Freeze rules (New!)

You can now protect your Windows and Mac devices by creating an Offline Freeze rule. Rules are applied at the policy group level and are configured in the new Policies > Rules area. After you activate an Offline Freeze rule, any devices that are offline for the number of days specified in the rule are frozen and an email notification is sent to you. Learn more

The availability of Offline Freeze rules depends on the version of Freeze applied to your account. If the Rules page isn't available in the Policies area and your Absolute product license includes the ability to freeze devices, Absolute hasn't enabled the Rules feature in your account yet, but we will shortly. To help you get started after the feature is enabled, your account is preconfigured with a default 30-day rule.

NOTE Offline Freeze rules replace two existing Device Freeze features: Conditional Offline Freeze and Device Freeze Offline Policies. If you currently use Conditional Offline Freeze requests to protect your offline devices, those requests will remain unchanged until you remove them. However, if you want to create a new request, you'll need to create an Offline Freeze rule instead. If you currently use Device Freeze Offline Policies to protect your offline devices, Absolute will reach out to you about enabling the Rules feature and migrating over your existing policies. For more information, contact Absolute Technical Support.

Event History (New!)

In the new Event History area, you can view a log of the events triggered over the past 30 days by a user, a device, or the system. You can view details about each event, search for a particular event of interest, and filter the page based on one or more criteria.

NOTE In the current release, only a subset of events are logged. More events will be added in future releases.

Improved device re-enrollment: The process for re-enrolling a Windows or Mac device has been improved.

When you reinstall the Absolute agent on an unenrolled device, the device is now successfully enrolled in the applicable Absolute account without any intervention by Absolute Technical Support. In addition, if the device is re-enrolled in the account it was unenrolled from, the same Identifier is assigned to the device; if it's a different account, a new Identifier is assigned.

Application Persistence enhancements
- Application Persistence policies, which collect information about the functional status of third party applications installed on your Windows devices, now support persistence of the following third-party applications:
  - Tanium™ Learn more
  - Citrix Workspace™ Learn more
- You can now persist the following application versions:
  - Cisco AnyConnect Secure Mobility Client^®, version 4.8.x
  - F5^® BIG-IP^® Edge Client^®, version 71.2020.x
  - Pulse Connect Secure, version 9.1.x
- The dashboard's Application Health widget has been improved. The following enhancements are now available:
  - The widget's Advanced Settings now include additional options to allow you to filter the widget data by device group and the Last connected The date and time when a device's Absolute agent last checked in to the Absolute Monitoring Center. field.
  - When you click an application's bar or column to open the Application Persistence report, the report's data now reflects the filters and advanced settings applied in the widget, and the report includes columns for the applicable application only.
- To improve the usability of the Application Persistence report, its default view now shows Status and Status details columns for Microsoft BitLocker Drive Encryption and Microsoft SCCM only. You can still use Edit columns to add columns for other applications.
Script Library enhancements
- If you have an Absolute Control or Absolute Visibility license, you now have access to the Script Library, which includes over 100 scripts that you can run remotely on your devices. Absolute is making this feature temporarily available to you at no charge until the end of August 2020. To continue using the Script Library after this promotion ends, contact Absolute Global Sales.
- The following Absolute scripts, which you can run on your Windows devices, are now available in the Script Library in the Settings area:
  - Enable or Disable SMBv3 Compression
  - Enable or disable a Windows Service on a system
  - Force SCCM Windows Software Installation Cycle
  - Uninstall HP Assistant software
  - Show a Return Device Notification
- The following Absolute script, which you can run on your Mac devices, is now available in the Script Library in the Settings area:
Chromebook support: You can now use Absolute 7 to synchronize Chromebook data from the Google Admin console to your Absolute account. The Absolute 7 integration has the following improvements over the Classic integration:
- Select children OUs by selecting the parent OU in the Absolute console
- Organizational unit, Auto-update expiration and Notes are now synchronized and available in the Absolute console
The Absolute 7 integration replaces the current Chromebook integration in Settings > Classic Account Settings.

IMPORTANT The enhancements described in this section apply to only those accounts that are upgraded to Absolute 7 Chromebooks. You'll know that your account is upgraded if the Settings menu includes Chromebook Settings. For those customers using the Classic Chromebooks, Absolute is in the process of upgrading your account to the new Absolute 7 feature.
SIEM Integration enhancement: You can now view and analyze Absolute 7 events in your Security Information and Event Management (SIEM) solution. After you download the Absolute SIEM Connector from the Absolute console and install it on a computer on your network, you can configure it to send events from Absolute to a SIEM solution, such as RSA® Security Analytics, HP ArcSight, or Splunk®. Learn more

After setting up the SIEM integration, you can also use the SIEM Event API to return a list of configured event records for your account.
Enhanced EDD reports: The following Endpoint Data Discovery reports now have a new look and feel with updated interactions for managing columns, searching and filtering report content, exporting, and performing device actions:
- Data Risk Assessment
- Devices with At-Risk Files in Cloud
- GDPR Summary
- Match Score Summary
- Reporting Data
Mac support: The Absolute agent is now supported on devices running macOS 10.15. Ensure that you install agent version 7.12 or higher on these devices.
NOTE The Data Delete security action is not supported on macOS 10.15. If you currently use Data Delete to protect your devices, we recommend using macOS 10.13 or 10.14.
New role permissions: To support the new features introduced in Absolute 7.12, the following permissions are now available on the Permissions page in the User Management > Roles area:
- Action History
- Audit Event History
- SIEM Integration
- Weekly Web Usage
- Wipe Device
These permissions have been granted to the appropriate default roles. For example, System Administrators are granted Manage capabilities for each permission. To grant these permissions to any custom roles you've created, update each role's permissions.

Improvements and fixes

Absolute 7.12 introduces the following improvements and fixes:

Feature/Area	Improvements and fixes
Anti-Malware detection	When the following anti-malware products are installed on a device, they are now detected and shown in the Anti-Malware report: Windows devices: Cisco AMP for Endpoints, version 6.3.x Crowdstrike Falcon, version 5 Mac devices: Crowdstrike Falcon, versions 3, 4, and 5
Application Persistence (AP)	When VMware Carbon Black Cloud is persisted on a device, the Data Updated field is now available in the VMware Carbon Black Cloud section of the device's Device Details > Policies page. The field shows the date and time when the health of the application was last checked. When Pulse Connect Secure is persisted on a device, the correct status (Not Compliant) now shows in AP reports if the application is not installed. Previously, it may have showed a status of Compliant. When Dell Encryption is persisted on a device, and the RAR component detects that the application needs to be reinstalled, the Dell Encryption Client is now successfully installed.
Bulk device actions	You can now successfully upload a .csv file that is greater than 1 MB in size. Note that the file can't exceed the maximum file size of 2 MB (2048 KB).
Data Delete	When you submit a Data Delete request on a Windows device running Windows Defender Application Guard, the request now completes as expected.
End User Messaging	After the release of Absolute 7.11, new end user messages may not have been displayed on your devices. This issue is now fixed. New end user messages are now displayed as expected.
Hardware data collection	The following fields are now populated for Windows devices: Camera > Description Camera > Is Enabled NOTE These fields are available in Absolute device reports and under Hardware > Camera on a Windows device's Device Details page. A device's Public IP Address field now retains the last detected value if the public IP isn't available (for example, the device is offline) when the Hardware scan runs. When the network SSID changes on a Windows or Mac device, the new value is now uploaded to the Absolute Monitoring Center in the device's next agent connection, which typically occurs every 15 minutes. The value shows in the device's Network SSID field on the Hardware > Network page in Device Details. After the release of Absolute 7.11, a full Hardware scan may have failed to run on a Windows device after its network SSID changed. This issue is now fixed. The scan is now performed within the next 24 hours, as expected.
License management	When Absolute licenses expire and devices are automatically moved to the Unlicensed Policy Group, any devices that are frozen, missing, or reported stolen are no longer moved, even if they have old activation dates. Instead, devices with newer activation dates are moved until no devices are associated with the expired license.
Policy groups	You can now successfully move multiple devices from one policy group to another if you first filter the policy group's devices by device group before selecting the devices to move. Previously, it appeared that the Move action was saved successfully but the devices were not moved.
Reports	Files set to Ignore on All Devices are no longer included in the EDD Reporting Data report. When you save a Device Usage report as a custom report, you can now select devices in the custom report and submit a Device action request. A new column, Police File Uploaded, is now available in the Assets > Devices> Reported Stolen page. This column shows the file name of the police report, if it was uploaded. Report filters now have improved usability: When multiple OR operators are used in one filter, the filter now shows the number of items that are hidden. You can now expand and collapse the filter area when filters show in more than one row. You can now press `Enter` to set the text values in a filter. Enhanced breadcrumbs provide a way back to previous content when viewing a sub-report. For example, you can use the breadcrumbs to navigate back to the Weekly Web Usage report from the Weekly Web Usage - <website> report. In the Operating Systems report, the Release ID column now shows as a default column instead of the Security patch level column.