Absolute 7.16 Release Notes

This topic describes the software changes included in Absolute 7.16. It also describes the changes included in all hotfixes since the release of Absolute 7.15.

This release introduces performance, security, data integrity, and usability improvements that enhance the responsiveness, reliability, and ease of use of the system. It also introduces enhancements, improvements, and fixes to existing features and functionality.

To view the software changes introduced in this release that apply to the Absolute agent, see the Absolute agent release notes: Version 7.16.

NOTE  Depending on the Absolute product licenses associated with your account, some of the following software changes may not be available to you.

Features and enhancements

Custom Data (New!)

In the Policies > Custom Data area, you can detect information that is not currently captured by Absolute from your Windows devices by configuring and activating Custom Data collection. The information is captured by adding data points and enabling the collection for one or more policy groups. Currently, data points are configured and provided by Absolute. Once Custom Data information is collected from your devices, the information can be added to most pages and reports.

Learn more

Device Details enhancements

The Device Details area has been improved. The area now has a new look and feel featuring an enhanced summary area, repositioned tabs, and more easily accessible device action buttons. You'll notice that the new summary area contains more of the information you're most interested in, such as its anti-malware and encryption statuses.

To access a device's Device Details area, click its device name on any page that shows devices in a results grid, such as a page in the Assets > Devices area, or in a device report.

Learn more

Reach Script API enhancements

New endpoints have been added to the Reach Script API that allow you to query the Reach Script library, query the parameters of a specific script, and download the script files for a specific script. Learn more

Application Persistence enhancements

  • Application Persistence policies, which collect information about the functional status of third party applications installed on your Windows devices, now support persistence of the following third-party applications:

  • You can now persist the following application versions:

    • CrowdStrike Falcon® version 6.x
    • Ivanti® Security Controls version 9.4.x

Administrative tools enhancement

You can now download the following administrator tools from the Download Packages page in the Settings area:

  • Windows Image Prep Tool: contains PowerShell scripts to help you create a disk image that will automatically install and activate the Absolute agent when the image is deployed to your Windows devices.

  • Persistence Status Tool: command line tool to check the activation status of Absolute Persistence on your Windows devices.

For more information, see Downloading Packages for Your Account in the Absolute User Guide.

Absolute Resource Center enhancement

To make all resources available from one convenient location, the Absolute Resource Center area has moved from the icon to the icon. The icon is now available in the main toolbar on each console page.

To access a resource, click the icon and select one of the options from the menu.

Learn more

NOTE  On some console pages, a icon is also available in its original location. You can use either icon to access the console Help.

Improvements and fixes

Absolute 7.16 introduces the following improvements and fixes:

Feature/Area

Improvements and fixes

Android support
  • Support for the Android 10 operating system has been removed. Absolute supports Android 4.4.2 to 9 only.
Application Persistence
  • To support IdP deployments, the Installation Token and Netskope Add-on Manager hostname fields are now optional in the Application Persistence policy configuration.
  • Upgrades to F5 BIG-IP Edge Client version 71.2020.x are now supported from version 71.2015.x and higher.

Chromebooks
  • In some cases, the Hardware and Device Usage components of the Chromebook extension failed to upload hardware and device usage information. This issue is now fixed.
Data Delete
  • Previously, if you selected the pre-defined Standard Office Documents option when creating a Data Delete policy, the option failed to be saved. This issue is now fixed.

Device groups

  • After you delete a device group, you no longer need to refresh the page to see that the group is removed from the Device Group sidebar.
Endpoint Data Discovery (EDD)
  • Previously, updating the columns included in a custom Match Score Summary report may have caused some custom EDD rules to be duplicated. This issue is now fixed.

  • The Absolute agent's EDD component is now successfully installed on a Mac device running macOS 11.2.

  • The following EDD reports can now be successfully filtered by device group using the "is" filter operator:

    • GDPR Summary

    • Match Score Summary

    • Data Risk Assessment

Freeze
(Classic version)
  • Previously, in some cases, if a device had been frozen by a Device Freeze Offline Policy before an Absolute account was migrated from Classic Device Freeze to ABS 7 Freeze, and a Remove Freeze request was submitted after migration, the request was reported as completed in the Absolute console, but the device remained frozen. This issue is now fixed.
Freeze

(Absolute 7 version)

  • After you submit any of the following requests, the confirmation dialog now contains a link to the correct page:

    • Freeze request

    • Conditional Freeze request

    • Remove Freeze request

    It now opens the History > Events page, not the Event History report in the Reports area.

  • On a frozen device, you can no longer start the device in Safe Mode and then successfully log in to the device.
  • Previously, in some cases, upgrading to a newer version of the DFZ component wrongly triggered some Offline Freeze rules to freeze devices when the freeze conditions had not been met. This issue is now fixed.

History

  • On the History > Events page:
    • Previously, when filtering reports and pages using negative filters such as Device is not and Device does not contain, the filter results may have been incorrect. This issue is now fixed.

    • An event is now logged when a custom device field is updated using a Reach script.

    • Previously, a Volume updated event appeared where the Mount point changed from Empty to Empty. This type of event is no longer being reported.

    • The following anti-malware-related events are now logged:

      • Device AV product changed
      • Device became AV protected
      • Device became AV unprotected
    • Remove Freeze events now show the user who submitted the Remove Freeze request. Previously, they showed the user who submitted the original Freeze request.

    • After the release of ABS 7.15, an event failed to be logged to Event History when a theft report was created or updated. This issue is now fixed.

Identifier assignment
  • Previously, if an issue, such as a WMI failure, occurred on a Windows device during an agent call, and that issue impacted the Absolute Monitoring Center's ability to correctly identify the device, the system may have assigned the device a new Absolute Identifier. This issue is now fixed. The system now ignores the agent call.
Language support
  • When you view the Absolute console in a language other than English:
    • The grayed out placeholder text that shows in some fields, such as some search and filter fields, is now displayed in the correct language.
    • The Response reason for a failed Manage Supervisor Password request is now displayed in the correct language in the Event Details field of the Event History report.
Missing Devices
  • Previously, when you cloned a theft report, you were unable to search for and select the new device in the Device field. This issue is now fixed.
Persistence activation
  • The Persistence activation process has been enhanced to ensure that Persistence is not activated on a device unless the Absolute agent installer is used to enroll the device in an Absolute account.

Reports

 

  • A number of improvements have been introduced to the Edit columns function in reports and pages, including:
    • When editing the columns in a report or page, child columns are now nested under their parent column.
    • Searching in Available columns has been optimized and results appear quicker.
    • You can now search Available columns using ampersand (&).
  • The text in the search box is now cleared when you switch between All Devices and Missing Devices in the Assets area.
  • When scheduling a report, the Recipient field is no longer case sensitive.
  • When Average daily usage was equal to zero, reports incorrectly displayed No Data. This issue is now fixed.
  • You can now save a custom report created from Reported Stolen in the Assets area.
  • Previously, when you scheduled a Match Score Summary report, the emailed report did not include match scores for custom EDD rules. This issue is now fixed.
  • Previously, if you saved the Full-Disk Encryption Status report as a custom report, you were presented with a blank page when you tried to open the custom report. This issue is now fixed.

  • After the release of ABS 7.15, you could not export a device report if you were assigned to a single device group. This issue is now fixed.

Reports (Classic)
  • The following reports will be deprecated in a future release:
    • Installed Software Overview Report
    • Installed Programs by Account Report

    When you access these reports, you are now presented with a dialog that lets you either Continue with Classic Report, or Go to New Report. The second option opens the Applications page in the Assets area.

Report filters
  • A number of improvements have been introduced to the Filter function in reports and pages, including:
    • When you add filters to a report or page, you can now reset the filters back to the defaults. To reset the filters, click and select Reset filters.
    • You can now filter a report or page using any of the battery data points that are collected.
    • When filtering using a data point that measures memory size or clock speed, you can no longer use decimals when entering a value if the filter uses the base unit. For memory size, the base unit is bytes. For clock speed, the base unit is MHz.
    • Pressing Enter when the cursor is in the value filter field now closes and applies the filter.
Rules
  • The following device information is now included in email notifications:

    • device serial number

    • username of the last logged in user

SIEM integration
  • Previously, non-string data types failed to be included in the ObjectProperties parameter of a syslog message. This issue is now fixed.
User Management
  • If you click Cancel to close the Invite User dialog, the system no longer tries to validate the Email Address field.

  • The user profile of the logged in user now shows on the Users page in read-only format. It is also included when you export the user list for their assigned role.

Web Usage

  • The performance and usability of Web Usage reports for the following websites have been improved:
    • accounts.google.com
    • youtube.com
    • microsoftonline.com
  • When you activate a Web Usage policy, you are now presented with the following warning on the Activate Policy dialog:
  • This policy installs browser extensions on activated devices. If you use other tools to manage browser extensions on your devices, conflicts may arise. Before activating this policy, learn more about the conflicts that may occur and how to resolve them.

    Before you click Activate, determine if this warning applies to you. If it does, you may need to contact Support to request a self-managed browser extension. Learn more

  • Reducing the size of the window no longer causes the Y-axis of the Web Usage chart to show a mix of units (hours and minutes).

  • When you export the Web Usage chart in .xlxs or .csv format, recently removed websites are no longer included.

  • For Windows devices, the user who was logged in when the web activity occurred is now reported correctly, in all cases.
  • If a webpage title contains unicode characters, the title now displays correctly in the Web Usage (Trending) report.
Wipe
  • You can no longer use the Upload Bulk Device File feature to submit a Wipe request. This change was introduced to reduce the impact of a Wipe request submitted in error or by a malicious user.

  • Previously, when a Wipe request was made for a device that wasn't fully encrypted, the request had to be sent to the device and executed before the request failed. Now, the request fails during the eligibility check. In History > Actions, the device failure reason is now Device is not fully encrypted.