Absolute 7.20 Release Notes

This topic describes the software changes included in Absolute 7.20. It also describes the changes included in all hotfixes since the release of Absolute 7.19.

This release introduces performance, security, data integrity, and usability improvements that enhance the responsiveness, reliability, and ease of use of the system. It also introduces enhancements, improvements, and fixes to existing features and functionality.

To view the software changes introduced in this release that apply to the Absolute agent, see the Absolute agent release notes: Version 7.20.

NOTE  Depending on the Absolute product licenses associated with your account, some of the following features, enhancements, and fixes may not be available to you.

Features and enhancements

Features at end-of-life

Improvements and Fixes

Absolute 7.20 introduces the following improvements and fixes:



Absolute agent

  • Previously, after running the Windows core agent installer on a Lenovo Thinkpad T14 Gen 2 device, the device ceased to respond to inputs. This issue is now fixed.
  • Addressed an issue with the Mac core agent installer so the installer doesn't write settings to the device on a failed installation


  • The Anti-Malware > Definition report column now shows the correct definition version for McAfee Endpoint Security.


  • Previously, if a gold image was installed on the device, an incorrect installation date may have been reported for a Window base app (e.g. Calculator, Camera). This issue is now fixed.
  • Advancing and then reverting the system date on a Mac device no longer stops the collection of new and updated application information.
Application Persistence
  • Following the release of a hotfix on March 15, updating an application's policy configuration on the Policies > Persistence tab may have intermittently failed. This issue is now fixed.

  • The following Application Persistence policies have now been updated:

    • Cisco® AMP for Endpoints

      Policies now check for an additional verified signature for the services being monitored for health checks.

    • CrowdStrike Falcon®

      • The Custom ID (CID) field is now optional and has been renamed Additional installation commands. The Bulk maintenance token (if required) field has been renamed Additional uninstallation commands.

      • Policies now correctly shows that they support EXE files, and not MSI files

    • Dell Encryption

      The Application Persistence policies for Dell Encryption no longer contain the Encryption External Media selector. If you would like to install the Encryption External Media version of the Dell Encryption Client, you can include it as a parameter in the Additional installer commands. See Dell Encryption Client documentation for the supported syntax.

    • Microsoft® SCCM

      • You can now configure the specific minimum version of Microsoft SCCM you expect to be running on your devices.

      • The hardware inventory scans and software inventory scans now indicate that they only apply to report and repair.

    • Symantec DLP

      Policies now check for an additional verified signature for the services being monitored for health checks.

    • Trend Micro Apex One™

      Policies now check multiple folders for the services being monitored by health checks.

    • VMware Carbon Black Cloud™

      Previously, Application Persistence policies for VMware Carbon Black Cloud™ checked to see if the Carbon Black Cloud WSC service (RepWSC.exe) was running. Now, policies only check to see if Carbon Black Cloud WSC service (RepWSC.exe) is installed.

    • Zscaler™ Client Connector

      The RAR component now only checks for the existence of the ZSAUpdater (ZSAUpdater.exe) and ZSATunnel (ZSATunnel.exe) services. It no longer checks to see if these services are running.

  • Application Persistence polices no longer show that the file:// protocol is supported.


  • When you schedule a page in the Assets area, the page is now added to Scheduled view of the Reports page.
  • In the menu, the Save As option is now labeled Save as report to more accurately reflect the end result of the action.
  • Previously, the sidebar in the Assets area may have intermittently failed to load. This issue is now fixed.


  • The minimum requirements for user passwords has been updated to allow users to more easily create passphrases.

    Password requirements are as follows:

    • Must be between 8 and 64 characters in length
    • May contain any printable ASCII characters, including spaces and Unicode characters
    • Reuse of the user's last 5 passwords is not permitted
  • A single user session can no longer exceed 12 hours in length. If this limit is reached, the session is terminated and a Session max time exceeded event is logged to Event History. The user must log in again.

Chromebook support

  • When you unenroll a Chromebook through the Google Admin Console, either by deprovisioning the device or by moving it to an unsynced OU, the Events page in the History area now shows the change was initiated by Google Sync.
  • Previously, if the sync between Absolute and a Google account failed, there was no way to update the account information in the Absolute console. The account had to be removed, which also removed the organizational unit configurations. You can now go to Settings > Chromebooks settings and use the new Update Account button to update your Google account information.


  • Previously, if you searched for and viewed one device after another from the Dashboard, a caching issue may have occurred on the Device Details page. This issue is now fixed.
  • The performance of the dashboard has been improved. Widget data now loads more quickly after login.

  • Previously, the device groups field in a widget's Advanced Settings dialog failed to contain a selection list of the account's device groups. This issue is now fixed.

Device Details

  • A status alert banner now shows in the summary area of the Device Details page when a device has a pending Run Script, Delete File, or Wipe request. To cancel a request, click Cancel in its banner.

    For example:

Endpoint Data Discovery (EDD)

  • A warning related to the deprecated Data Delete feature has been removed from a Mac device's EDD Summary page.
  • To improve the performance of EDD scans, a set of directories commonly associated with source code have been excluded from scans with a scan level set to Targeted or Moderate.


(Absolute 7 version)

  • You can now include a device's device name or Absolute Identifier in a Freeze message using the Insert variable field.
  • Immediately following the release of ABS 7.19, your first attempt to submit a Freeze request may have led to a Bad Request error, or the Classic Device Freeze workflow may have been invoked, including authorization codes. This issue is now fixed.
  • In some rare cases:
    • A device could be unfrozen when additional digits were entered with the device's unfreeze code. This issue is now fixed.
    • The status of a newly frozen device may have been unexpectedly changed to Freeze Failed. This issue is now fixed and the device remains frozen.

Full-Disk Encryption

In Full-Disk Encryption Status reports and pages:

  • The Installed (Not encrypted) encryption status has been renamed Not encrypted.
  • The following statuses have been added to more accurately reflect the status of BitLocker Drive Encryption on a Windows device:

    • Decryption in progress
    • Suspended

    Note that in the Encryption Status widget on the Dashboard, the Suspended status is counted as Encrypted and the Decryption in progress status is counted as Not encrypted.

  • When BitLocker is the only encryption product installed on a fully decrypted device, BitLocker Drive Encryption is now reported as the detected encryption product.


  • User roles that are not granted View permissions for Geolocation can no longer view device locations by adding Geolocation-related columns to a report.
  • When viewing devices on a map, zooming in past a particular zoom level in Satellite view no longer causes the view to switch to Globe view.
  • The Google Wi-Fi Positioning algorithm has been enhanced to more accurately determine if a device has changed its location.
  • When a user restarts a Windows 10 or 11 device, the device is now immediately scanned for its current location.
  • Previously, some Geolocation features, such as the Map view icon and Unexpected location change rules, were intermittently not available in the console. This issue is now fixed.

  • For some customers that were migrated from Classic Geolocation to ABS 7 Geolocation, a message stating that Geolocation Tracking is not enabled may have showed when a user attempted to open the Classic Device Location History report. This issue is now fixed and the report opens as expected.

History > Events

  • The System information updated > System name event has been renamed System information updated > Device name.
  • The following Application Persistence events no longer return the Status Details in the Summary column:
    • App persistence remediated
    • App persistence remediation failed
    • App persistence device became compliant
    • App persistence device became noncompliant
  • The App persistence reason updated event is no longer created


  • The Username associated with a Chromebook device is now available in Device Usage related fields in Insights.
  • On the Application Usage - IT Dashboard, the Application Usage by Device Name visualization is now sorted by total minutes in use in descending order. Previously, it was sorted by application name in ascending order.

  • The Device Count & Map visualization now consistently shows device locations on the Alerts -Security, Risk, and Compliance Dashboard.

  • An issue has been resolved in which application usage data sometimes failed to be imported.

  • Previously, some visualizations on the following dashboards were slow to load data:

    • Executive Summary

    • Device Inventory - IT Dashboard

  • This issue is now fixed.


  • If your account resides in the US Data Center (cc.us.absolute.com), the Investigation Report link provided in email notifications contained the URL for another data center. This issue is now fixed.

Language support

  • When you view the Absolute console in a language other than English, the title of the Upcoming Offline Device Freeze report now shows in the correct language.



  • A small progress notification dialog is now shown when you export any ABS 7 report. Previously, some reports used the Notifications indicator () to show the progress of the export.
  • You can now access the classic Activation Report by clicking the new Firmware Activation link in All Reports view of the Reports page, or from the Device report category.

  • Clicking a report's Refresh this page icon no longer removes all newly added report columns.

  • Previously, the Upcoming Offline Device Freeze report may have failed to show all devices with an outstanding Offline Freeze rule, or update the date shown in the Expected freeze date column for some devices. These issues are now fixed.

  • Number fields exported in reports are now properly recognized as number format and can be used in Excel in formulas and for sorting.


  • Duplicate rule names are now supported.

User Management and permissions

  • You can now export a report that contains information about each user in your account.
  • When suspending a user account, you can no longer select the current date in the Temporarily suspend until field.
  • On the Invite User dialog, the default setting for the Default User Session Timeout field is now set to 20 minutes instead of 60 minutes.