Absolute 7.18 Release Notes

This topic describes the software changes included in Absolute 7.18. It also describes the changes included in all hotfixes since the release of Absolute 7.17.

This release introduces performance, security, data integrity, and usability improvements that enhance the responsiveness, reliability, and ease of use of the system. It also introduces enhancements, improvements, and fixes to existing features and functionality.

To view the software changes introduced in this release that apply to the Absolute agent, see the Absolute agent release notes: Version 7.18.

NOTE  Depending on the Absolute product licenses associated with your account, some of the following software changes may not be available to you.

Features and enhancements

This release introduces two new features that allow you to remotely delete files from your Windows and Mac devices:

  • Delete File

    A new security action, Delete File..., is now available from the Action menu of device reports and your devices' Device Details page.

    This feature lets you remotely delete files and folders from your devices to protect your organization's confidential and sensitive data. Depending on the criteria you enter in a request, you can delete individual files, folders, or file types, or you can use patterns to delete items in multiple locations.

    Learn more

  • Delete All Files

    The Wipe security action, which remotely removes all data from your devices before you reuse, resell, or dispose of them, now includes a new option: Delete All Files.

    The Delete All Files wipe option overwrites all file content with a series of zeros and ones, essentially making the files unreadable and unrecoverable. It then renames and deletes the files, and deletes all non-OS and user profile data. For Windows devices, you can also select an option to disable the operating system.

    You can perform a Delete All Files wipe on both encrypted and unencrypted devices.

    Learn more

Both security actions listed above conform to the Clear standard defined in NIST Special Publication 800-88, Guidelines for Media Sanitization, and they are HIPAA compliant. After either action is processed on a device, a log file is uploaded to the console. You can then download the log file from Action History to demonstrate compliance.

After you submit a Delete File request or a Delete All Files wipe request, you can go to Action History to do the following:

In the Settings area, the following agent-related tools have been moved from the Download Packages page to a new page named Utilities:

  • Network Diagnostics Tool

  • Windows Image Prep Tool

  • Persistence Status Monitor

Learn more

When configuring an Application Persistence policy and selecting the Report, repair, and reinstall option, you can now upload the installer file to Absolute console for the most recent version of the following applications:

  • BeyondTrust Jump™ Client
  • Cisco® AMP for Endpoint Connector
  • Cisco AnyConnect® Security Mobility Client
  • Crowdstrike Falcon®
  • GlobalProtect™
  • McAfee® ePolicy Orchestrator®
  • Microsoft® SCCM
  • SentinelOne™
  • Tanium™
  • VMware Carbon Black Cloud™
  • VMware Workspace ONE™

Learn more

The Absolute agent is now supported on devices running the following operating systems:

  • Windows 11

  • macOS 12

Application Persistence policies, which collect information about the functional status of third party applications installed on your Windows devices, now support persistence of the following applications:

You can now persist the following application versions:

  • Netskope® Client version 84 and higher
  • VMware Workspace ONE™ version 21.0 and higher
  • Cisco AMP for Endpoints (Cisco Secure Endpoint) version 7.4.1 and higher

  • Assets > Applications page

    On the Applications page in the Assets area, you can now:

    • filter the applications by device group.
    • reset the page's filters by clicking > Reset filters.
    • save an application's device list view as a custom report. The Application name column and a combined Application/Version filter are automatically added to the report.

  • Device Details > Applications page

    On a device's Applications page in Device Details, you can now:

    • filter the device's applications by application name, publisher, version, installed date, or install location.
    • export the Applications page. The Device, Username, and OS Name columns are automatically added to the exported report.
    • save the Applications page as a custom report. The Device column is automatically added to the custom report.
    • add or remove columns before you export or save the page.

  • Reports > Installed Applications report

    The following enhancements have been added to the Installed Applications report

    • You can now save the report as a custom report.

    • A new filter named Application is available. Begin entering an application name in this filter to open a selection list of applications, categorized by publisher.

      NOTE  The current Application filter has been renamed Application name.

The following enhancements are now available on the Location History page in Device Details:

  • Availability of historical data: you can now view more than 30 days of location information for a device.

    Use the new Custom date range option to select the time period that you want to view. You can view up to 30 days of data at a time. The calendar picker allows you to go back 12 months, but note that data is only available from the activation date of the device's Geolocation Tracking policy.

    Learn more

  • Map enhancements:
    • The default zoom level of the map is now determined by the distance between the device's detected locations. For example, if all locations are in the same city, the map is automatically zoomed to street-level view.
    • At a zoom level above city-level, the city's dot marker now shows the number of times the device's reported location was in that city. Note that if it was only once, no number shows.

  • Timeline enhancements: the timeline is now simplified and easier to work with.

    • You can now quickly move to the next 30-day date range in the timeline by clicking Older data. To move back up the timeline, click Recent data.

    • If a location change was not detected on a given day, one of the following values now shows next to the date label: No location change or Location not available.

    • Multi-day periods when the device checked in but no location change occurred are now clearly indicated by the text Checked in <#> over <#> days or Checked in everyday for <#> days.
    • Multi-day periods when the device was offline are now clearly indicated by the text Offline everyday for <#> days.

    • Depending on the device's location history and the selected date range, you may be able expand and collapse the timeline.

    Figure 1: Example of timeline on a device's Location History page

    Learn more

  • The following events are now logged to Event History:

    • Delete File events:
      • File delete requested
      • File deleted
      • File delete failed
      • File delete cancellation requested
      • File delete canceled
      • File delete cancellation failed

    • Authentication-related events

      • Session timeout

  • New Wipe events now show on the Events page as Cryptographic wipe or File delete events, depending on the options selected in the Wipe request. Learn more

    NOTE  All Wipe events that occurred prior to the release of Absolute 7.18 now show on the Events page as Cryptographic wipe.

Features nearing end-of-life

Note that over the next 6 months, Absolute will be deprecating the following features:

Feature

Details

Data Delete

The Data Delete feature will no longer be available after February 2022. In preparation for this feature's end-of-life, we recommend that you do the following:

  • begin using the Delete File and Wipe features to delete data from your devices.
  • download all Data Delete deletion log files and end of life certificates that you require for your records. For more information, see the Absolute User Guide.

Android support

Absolute will stop supporting the Absolute agent for Android after February 2022.

If you are using the Android agent on your devices, it will continue to call in to the Absolute Monitoring Center with updated data. However, no new versions of the agent will be released, including updates for bug fixes.

The Absolute agent currently supports devices running Android versions 4.4.2 to 9.0.

Classic Absolute SIEM Connector

The Classic Absolute SIEM Connector will be unavailable for download after February 2022. If you want to start sending logged events from the Absolute console to a SIEM application, we recommend that you download and configure the Absolute 7 SIEM Connector.

NOTE  All Classic SIEM integrations configured prior to February 2022 will continue to be supported and to function as expected.

Improvements and Fixes

Absolute 7.18 introduces the following improvements and fixes:

Absolute agent

  • On the Download Packages page, the Supported Platforms column now shows the correct OS versions for Mac agents 966 and 976.
Applications
  • When Endpoint Protector by CoSoSys is installed on a device, it is now detected and shows in Applications pages and reports.
Application Persistence
  • When configuring Application Persistence for Symantec Endpoint Protection, you can now select whether the following services are monitored during application health checks:

    • Symantec Endpoint Protection Scan Service (ccSvcHst.exe)

    • Symantec Endpoint Protection WSC Service (sepWscSvc.exe)

  • In some cases, the BeyondTrust Jump Client status was being reported as Not Compliant even when BeyondTrust Jump Client was installed correctly. This issue is now fixed.
  • Previously, if your policy configuration for ESET Endpoint Antivirus required an initialization file, reinstall would fail if the name of the INI file wasn't using the default name. The policy now uses the name of the INI file that is uploaded in the policy.
Authentication

  • The console's login page has been restyled to have a cleaner look and feel. The following email templates have also been restyled:

    • Request Password Reset

    • Password Changed

  • For accounts with Single Sign-On enabled, you can now submit a Local Login request without contacting Absolute Technical Support.
  • On the Absolute Login page, you can now click Having trouble logging in? to view a Help topic containing troubleshooting tips.
Chromebook support

  • Previously, when a Chromebook was synced to the Absolute console but didn't yet have the Chromebook extension deployed, reporting the Chromebook stolen failed. This issue is now fixed.

    This only applies to those accounts that are upgraded to Absolute 7 Chromebooks. You'll know that your account is upgraded if the Settings menu includes Chromebook Settings. For those customers using Classic Chromebooks, Absolute is in the process of upgrading your account to the new Absolute 7 feature.

  • Previously, smart groups that were based on a field from the Google Admin console weren't updating when a change was made to the Google Admin console field. For example, when a device moved between organizational units in the Google Admin console, the smart group wasn't updated in the Absolute console after the changes were synced to the Absolute console. This issue is now fixed.

    This only applies to those accounts that are upgraded to Absolute 7 Chromebooks. You'll know that your account is upgraded if the Settings menu includes Chromebook Settings. For those customers using Classic Chromebooks, Absolute is in the process of upgrading your account to the new Absolute 7 feature.
Dashboard
  • The dashboard's License Consumption widget now shows the status of your base licenses only. Previously, add-on licenses were also included in license counts.
Device Details
  • The name of the Details > Overview page has been changed to Details > Summary.
  • For devices with an activated Endpoint Data Discovery policy, a new field is available in the Overview area of the Device Details page. The Match Score field shows the total Match Score for the device, based on the most recent EDD scan.
  • When the Unenrolled banner shows for a Disabled device, the Last connected field now shows the date and time when the device last checked in to the Absolute console. If it precedes the unenrolled date, the Absolute agent has not yet been removed from the device.
  • Previously, users without the View permission for Custom Data Collection could see the Details > Custom Data Points page.
Device Groups
  • Previously, when adding a description to a device group, the description wasn't saved. This issue is now fixed.
Endpoint Data Discovery (EDD)
  • Files in the Recycle Bin (Windows) and Trash (macOS) folders are now scanned, at all scan levels.
  • Previously, in some rare cases, you couldn't edit the policy configuration for an EDD policy because the default configuration was corrupted. This issue is now fixed.
Freeze

(Absolute 7 version)

  • On a frozen Windows device, you can no longer use a keyboard shortcut to dismiss the Freeze message and access the Windows sign-in screen.

  • You can now view a history of the unfreeze codes associated with a device. The new Unfreeze Code History dialog shows information about a device's prior Freeze requests in the following columns: Unfreeze code, Freeze ID, Freeze type, and Requested date. Learn more
Full-Disk Encryption Status
  • The Absolute agent now successfully detects the encryption status of Dell Encryption, version 11.
Geolocation
  • You can now add Latitude and Longitude columns to any device report using Edit columns.
  • A location change event is no longer logged if the new location is detected using OS Location API and the detected accuracy is low.
  • The system no longer falsely detects that a device has exited or entered a geofence when the geofence covers a large geographical area, such as an entire country.

History

On the Events page:

  • When using Cancel All Scripts on a stolen device, the ScriptCancelAllRequested and ScriptCancelFailed events now appear on the Events page.

On the Actions page:

  • The wording for the Failure reasons has been improved. For example, when a Device Wipe action failed because BitLocker was suspended, the Failure reason was Device not fully encrypted. Now, the Failure reason is BitLocker is suspended.
Investigations
  • You can now successfully submit a theft report for a device when its detected model name exceeds 50 characters.

  • Previously, when the Reported Stolen page in the Assets area was exported, the Report ID column was formatted with commas. The Report ID column is now formatted without commas.
Language support
  • The language set on the Absolute Login page is now persisted across user sessions. If no language is set, the page defaults to the language set in the browser.

  • The language and locale set in a user's User Profile is now consistently applied when the user logs in to the Absolute console, even if a different language was set on the Absolute Login page.
Missing devices
  • When you're reporting a device missing, or updating the email contacts for a missing device, you can now add email addresses to the Send email field by selecting them from a selection list. The list contains the email addresses associated your account's user profiles.
Policy Groups
  • On a policy group's Settings page, the Installed Software policy has been renamed Installed Applications.
Reach scripts

  • In some cases, the Add or Remove Domain User/Group to Local Group script failed. This issue is now fixed.

  • Previously, the Simple MSI Installer script appeared twice in the Script Library. This issue is now fixed.

  • When creating a new script, the script description is now limited to 255 characters.

  • The Run Script button is now disabled when you upload an invalid script file. A valid script file:

    • must be a PowerShell script for Windows (.ps1) or a Bash script for Mac (.sh).

    • can only be up to 1468 KB.

    • cannot be empty.

  • When using Cancel All Scripts on a stolen device, the ScriptCancelAllRequested and ScriptCancelFailed events now appear on the Events page.
Report filters

  • When adding filters to a report, you no longer need to know the word order or the structure of the search term. For example, you can now enter encryption status rather than encryption > status to return the Encryption > Status column.
Reports

  • The following fixes apply to the Schedule Report feature:

    • The maximum file size for a scheduled report has been increased from 9 MB to 20 MB.
    • In some cases, when the Installed Applications report was scheduled, it wasn't exported. This issue is now fixed.
    • Previously, if you exported or scheduled a custom report containing the Identifier column or the Serial Number column, the export failed. This issue is now fixed.
    • When scheduling a report, you can now add email addresses to the Send email field by selecting them from a selection list. The list contains the email addresses associated your account's user profiles.

  • Previously, an Application Persistence Report that was opened from the Application Health widget in the Dashboard contained the correct application in the Absolute console. However, when the report was exported, it showed the data for Microsoft SCCM and BitLocker instead of the selected application. This issue is now fixed.

  • Previously, after you favorited the Installed Applications report, it showed on the Reports page as Device Application Report until you refreshed the page. This issue is now fixed.
Rules
  • When creating an Offline Freeze rule, you can now add email addresses to the Send email field by selecting them from a selection list. The list contains the email addresses associated your account's user profiles.
Unenroll Device
  • Previously, if you used the Upload Bulk Device File option to unenroll multiple devices, the devices would fail to be unenrolled if the uploaded serial numbers were lower case. This issue is now fixed. Serial numbers can now be lower case or upper case.
User Management
  • Previously, when a Power User with permissions for a single Classic device group used the Select All checkbox to add devices to a new static device group, all devices in the account were added to the new group instead of just the devices in the Classic device group. This issue is now fixed.

Web Usage

  • Previously, in some cases, the username associated with a Windows device's web usage may have been reported as NT Authority\SYSTEM instead of the actual username. This issue is now fixed.
Wipe

  • Previously, if you were assigned View or Manage permissions for Wipe, you could download the Certificate of Sanitization for devices that were not assigned to you. This issue is now fixed.