Absolute 7.22 Release Notes

This topic describes the software changes included in Absolute 7.22. It also describes the changes included in all hotfixes since the release of Absolute 7.21.

This release introduces performance, security, data integrity, and usability improvements that enhance the responsiveness, reliability, and ease of use of the system. It also introduces enhancements, improvements, and fixes to existing features and functionality.

To view the software changes introduced in this release that apply to the Absolute agent, see the Absolute agent release notes: Version 7.22.

NOTE  Depending on the Absolute product licenses associated with your account, some of the following features, enhancements, and fixes may not be available to you.

Features and enhancements

Some device actions can be disruptive to an organization if they are created by mistake or by a disgruntled employee. To prevent this situation, you can configure limits on the number of devices that can be included in requests before a secondary approver is required. The following device actions support dual approval:

Learn more about configuring dual approval

Learn more about approving dual approval requests

The following components of the Freeze feature have been updated or enhanced:

Freeze message templates are now managed alongside End User Message templates in the Messages area in Settings. Go to the Messages area to create and manage Freeze message templates. You'll also see that the Freeze message editor now has an updated interface, and you can add a logo to your message.

Learn more

To help you get started, the following Freeze message templates are available by default:

  • End of School Year
  • Laptop return
  • Out of compliance

Learn more

To support this new functionality, the Manage permission has been added to Freeze Device. To create, edit, and delete Freeze message templates, your user role needs to be granted this permission. All user roles that are currently granted the Perform permission are now granted the Manage permission.

About existing Device Freeze message templates

The Device Freeze Messages area is no longer available in Settings. Your existing Device Freeze message templates have been migrated to the Messages area. To view your templates, click on the navigation bar, click Messages, and then click Freeze Message.

Learn more

You can now assign a custom name and description to your Freeze request. Also, the Freeze message editor now has an updated interface, and you can add a logo to your message.

Learn more

NOTE  Device eligibility is now determined after the Freeze request is submitted. If a device is not eligible to be frozen, an action status of Failed shows in Action History.

To simplify the Remove Freeze workflow, the Remove Freeze dialog now contains two options instead of three:

  • Unfreeze devices and cancel pending on-demand freeze requests (default)

  • Cancel pending and downloaded freeze requests scheduled for a future date

Learn more

NOTE  Device eligibility is now determined after a Remove Freeze request is submitted. If a device is not eligible for a Remove Freeze request, an action status of Failed shows in Action History.

When creating a Freeze request or a Remove Freeze request, you can now customize the request's email notifications by selecting the individual status change events that will trigger a notification. The following events are available:

  • Request is created

  • Request is complete

  • Device is frozen (available in Freeze requests only)

  • Device freeze is removed

  • Remove freeze is failed

You can also create up to 5 email notification rules, each containing one or more events and email recipients.

Configuring email notifications for Freeze requests

Configuring email notifications for Remove Freeze requests

NOTE  If a Freeze request that you want to remove was submitted before the release of Absolute 7.22, the old email notification process is applied. This means that any email notification customizations you select in the Remove Freeze request are ignored, and the email recipients specified in the original Freeze request are notified of each status change event.

Freeze and Remove Freeze have been added to the Actions page in the History area. View the progress of On-demand, Scheduled, and Remove Freeze requests. You can view the progress for the request as a whole, or view the Action status for an individual device.

To more accurately reflect the information shown in the Device Freeze Passcode report, the report has been renamed Device Freeze Status.

The Device Freeze Status section of a device's Device Details page has been updated. The grid has a new look and you can now open the Device Freeze Status report, filtered for the device, directly from the page.

For consistency, the statuses shown in this section have been updated to match those shown in the Device Freeze Status report:

Old Freeze status

New Freeze status

 Applies to... Details
Freeze requested

Pending

All Freeze types

A Freeze request has been submitted, but it has not been sent to the device yet
Scheduled

Ready

 Scheduled

A Freeze request has been sent to the device and it is waiting for the scheduled date
Scheduled Timer Expired

Frozen - Timer Expired

 Scheduled

The scheduled date has been reached, but the device has not checked in to confirm its Frozen status
Conditional - Offline Set

Set

 Offline

The Offline Freeze rule has been sent to the device and it is waiting for the offline timer After an Offline Freeze rule is activated on a device, the offline timer starts counting down on the device. With each successful agent check-in the timer resets. If a device does not check in before the timer expires, the device is frozen. The length of the timer in days is specified in the rule configuration. to expire
Offline Timer Expired

Frozen - Timer Expired

 Offline

The offline timer has expired, but the device has not checked in to confirm its Frozen status
Frozen Frozen All Freeze types The device is frozen and it has checked in to confirm its status

NOTE  The Unfreeze code history link has been removed from the Device Freeze Status section.

You can now create and manage a default contact list for theft reports in a new area in Settings. Go to the Investigation Report Contacts area to add or edit contacts, change their status, or export the contact list. Individuals on the contact list will automatically receive an email notification when the status of a theft report changes.

Learn more

If you want to view the contact list while you're submitting a theft report, click the Investigation Report Contacts link in the report.

Learn more

To support this new functionality, new permissions have been added to User Management. To manage contacts, your user role needs to be granted Manage permissions for Investigation Contact. System Administrators and Security Administrators are granted this permission. To view contacts, your user role needs to be granted the View permission for Investigation Contact. All default roles are granted this permission.

About existing contact lists

The Classic Investigations Contact List area is no longer available in Settings. Your existing contact list has been migrated to the new Investigation Report Contacts area. To view your templates, click on the navigation bar, and click Investigation Report Contacts.

Learn more

You can now view your account's geofences while you're in map view, allowing you to visually compare the location of your devices to the location of the geofences defined in your location rules.

To add geofences to the map, select the new Show geofences check box located next to the map's Search field. A list of the location rules configured for your account opens to the right of the map, and geofence icons are added to the map. Click a rule in the list to view its geofences, or click a geofence icon on the map to view its corresponding rule.

Also, if your user role is granted Manage permissions for Rules, you can edit a rule or geofence directly from the map.

Learn more

The following scripts are now available:

  • Retrieve a list of files from a device
  • Upload files to Dropbox
  • Upload files to FTP server
  • Upload files to network shared folder

Note that these scripts were introduced to replace the following Classic features, which are now retired:

  • File List
  • File Retrieval

To help distinguish it from Absolute Persistence™, Application Persistence has been renamed Application Resilience. The following have been renamed in the console:

  • The Application Persistence report is now the Application Resilience report
  • The Application Persistence Events report is now the Application Resilience Events report
  • The Application Health widget is now the Application Resilience widget
  • The Application Resilience events now start with App resilience instead of App persistence
  • The Persistence tab in Policies is now the Resilience tab

Application Resilience policies, which collect information about the functional status of third party applications installed on your Windows devices, now support the following applications:

You can now persist the following application versions:

  • SentinelOne version 22.x or higher

All newly added applications and versions support file hosting.

In additional to all of the newly added applications and versions, the latest version of the following applications now support file hosting:

  • BitLocker®
  • Dell Data Guardian
  • Lenovo Vantage
  • McAfee® Drive Encryption

The following events are now logged to the Events page in the History area:

  • Device enrolled
  • Freeze events
    • Device freeze replaced
    • Device freeze cancellation requested
    • Device frozen timer expired
    • Remove freeze requested for device
    • Remove freeze failed for device
    • Device freeze message template created
    • Device freeze message template updated
    • Device freeze message template deleted

  • Dual Approval events

    • Action request pending approval
    • Action request approved
    • Action request declined
    • Action request auto declined
    • Action request canceled
    • Dual approval settings updated

To support the new features and enhancements introduced in this release, the following permissions have been added:

  • Investigation Contacts - View and Manage permissions

    System Administrators and Security Administrators are granted Manage permissions. All default roles are granted View permissions. To grant these permissions to any custom roles you've created, update each role's permissions.

  • Freeze Device - Manage permissions

    To allow users to manage Freeze message templates, all user roles that are currently granted Perform permissions for Freeze Device are now granted Manage permissions.

The following resources have been added to the version 3 API:

  • Missing Devices
  • Device Groups

Learn more

Retired features

Absolute has retired the following features:

Feature

Details
Single Sign-On using SHA1 Support for SHA1 hash algorithms and RSA-SHA1 signing algorithms ended in January 2023. Single Sign-On continues to support SAML 2.0 requests and responses that use SHA256 hash algorithms with RSA-SHA256 signing algorithms.
Data Delete In the Settings area, the Data Delete link and the Data Delete Summary Report are no longer available. Use Delete File or Wipe to delete files from your devices.
Classic Activation report The Classic Activation report is now retired. To view information about the devices that have completed a first check-in to the Absolute Monitoring Center, go to the Reports area and view the Activation report.
Classic SCCM Status Reporting and Repair The Classic SCCM Status Reporting and Repair feature and its associated reports are now retired. To report on and repair the SCCM clients installed on your Windows devices, activate the Application Resilience policy for Microsoft SCCM.

Classic Agent Management page

The link to the Classic Agent Management page has been removed from the main Agent Management page. Use the updated Agent Management area to download the Absolute agent.
Classic Investigations Contact List The link to the Investigations Contact List has been removed from the Settings area. To access and manage your contact list, go to the new Investigation Report Contacts page.

File List

The File List Summary Report link has been removed from the Settings area and the File List feature is now retired. To get a list of the files stored on a device, use the new Reach script named Retrieve a list of files from a device.

Learn more about running a Reach script

File Retrieval

The File Retrieval Summary Report link has been removed from the Settings area and the File Retrieval feature is now retired. To retrieve files from a device, use one of the new Reach scripts:

  • Upload files to Dropbox
  • Upload files to FTP server
  • Upload files to network shared folder

Learn more about running a Reach script

Improvements and fixes

Absolute 7.22 introduces the following improvements and fixes:

Feature/Area

  

Applications

Application Resilience

  • Previously, for some errors that occurred while uploading an Application Resilience file, the error message was generic. The errors messages are now more detailed.

  • The scan frequency for the latest version of all supported applications has increased from every six hours to every 15 minutes. The upload frequency has increased from every 24 hours to every six hours.

  • In some cases, when the installer failed to download for some applications, the status details would incorrectly show that a restart was required to complete the reinstallation. This issue is now fixed.

  • The Application Resilience widgets and reports now use Last App Resilience scan The date and time the Application Resilience (RAR) component of the Absolute agent last ran a status check on the device. instead of Last connected The date and time when a device's Absolute agent last checked in to the Absolute Monitoring Center..

  • Devices in a policy group that had an Application Resilience policy activated for FortClient Fabric Agent were rebooting every 15 minutes. This issue is now fixed.

  • In some cases, when a change was made to an Application Resilience policy, the new policy was not always applied to devices. This issue is now fixed.

  • The following Application Resilience policies have now been updated:

    • Absolute Secure Access

      Policies for NetMotion Mobility have been renamed Absolute Secure Access. The RAR component now checks for either Absolute Secure Access services and drivers, or NetMotion Mobility services and drivers.

    • Cisco Secure Endpoint

      Policies for Cisco Secure Endpoint (formerly Cisco AMP) now check for both Cisco Systems, Inc. and CISCO SYSTEMS CANADA CO as signers for the services being monitored for health checks.

    • Cortex XDR

      If policies for Cortex XDR have Supervisor password configured, and the RAR component can find Cytool on the device, attempts to repair and reinstall Cortex XDR on the device use Cytool. If the Supervisor password isn't configured correctly, or Cytool cannot be located on the device, the RAR component attempts to repair and reinstall Cortex XDR.

    • FireEye Endpoint Agent

      Policies for FireEye Endpoint Agent now check for both Fire Eye and FireEye, Inc. as signers for the services being monitored for health checks.

    • GlobalProtect

      Policies for GlobalProtect now allow you to enter optional command-line parameters.

    • Lightspeed Smart Agent

      Policies for Lightspeed Smart Agent now check for both LIGHTSPEED SYSTEMS and LIGHTSPEED SYSTEM, INC. as signers for the services being monitored for health checks.

    • ManageEngine Desktop Central

      Policies for ManageEngine Desktop Central can now be configured so ManageEngine UEMS - Remote Control (dcrdservice.exe) is optional and is only used in health checks if it is selected in the policy configuration.

      NOTE  The ManageEngine UEMS - Remote Control service may also be known as ManageEngine Desktop Central - Remote Control, depending on the version.

    • Microsoft® SCCM

      The RAR component no longer checks to see if the SMS Agent Host (ccmexec) service is running if SCCM is using Task Sequence.

      NOTE  If your account is not configured to receive automatic agent upgrades, you’ll need to assign agent version 7.21.0.1 to your policy groups to apply this change to your devices.

    • Zscaler Client Connector

      Policies for Zscaler Client Connector now support both 64-bit and 32-bit installers.

Authentication

  • Password resets are now more secure.
Chromebook support

  • All customers using Classic Chromebook have now been migrated to Absolute 7 Chromebooks. Settings > Classic Account Settings > Chromebook - Google Accounts has been removed for all accounts. You can now find your Chromebook account information in Settings > Chromebook Settings.

    Learn more

  • The Chromebook extension now supports Manifest V3.

    NOTE  A pop-up will appear when geolocation data is collected. This is expected behavior.

Dashboard

  • The following labels in the Dark Devices widget have been updated:

    • The label Devices is now Trend over
    • The label Not checked in for 30 days or more is now Currently Dark
  • The Application Health widget has been renamed Application Resilience.

Device Details

Device groups

  • In some rare cases, devices that met the filter criteria for a smart device group may have failed to be included in the group. This issue is now fixed.

  • You can now select all the devices in a device group even if there are more than 10,000 devices in the group. This allows you to perform a device action on all of the devices.

    NOTE  Although you can select all devices, some device actions are limited to a maximum number of devices.

  • When adding filters to create a smart device group, you can now filter by any of your account's Custom Data fields.
File Delete

  • The log file is now available for download for all Delete File requests with a status of Completed.

  • In some cases, the status of a Delete File request was not updated from Processing to Completed after the applicable files were deleted from the device. This issue is now fixed.
History > Actions
  • When viewing a Device Action request that includes a long description (up to 255 characters), the description is now truncated. Users can view the full description in a tooltip.

Insights

  • All maps shown in dashboard widgets, such as the Device Count & Map widget, now use Kibana's Maps feature. For more information about working with Maps, refer to Kibana documentation.
  • The Dark Devices (No contact for 7 Days) widget has been removed from the Executive Summary dashboard.

Investigations

  • After cloning a theft report, you can now use the search field in the cloned report to successfully search for a device.
Messages
  • Messages are now displayed on devices that are accessed using a remote connection.
  • When a user includes an email address in a message response, the system now validates that the email address does not exceed 250 characters.
  • To make it easier to work with messages, the following toolbar now shows when you hover over a message:

    Click the applicable icon to Edit, Copy, or Delete the message.
Reach Scripts
  • The Delete Aged User Profiles script has been updated to add more exit codes and to improve the script description.

Reports

  • Previously, when saving a report with a Custom Field filter, the filter was not applied to the saved report and a Custom Field removed error was displayed. This issue is now fixed.
  • When a Windows device connected to an external power source, the Battery > Estimated runtime column showed a value of 71582788. This column now shows Plugged in. Note that this column is empty when it's exported.
  • You can now sort report results by Local IP address and Public IP address.
  • The within last and not within last filter conditions have been updated to use exact values. For example, specifying within last 2 days will now show the last 48 hours of results, not today's results plus the previous 2 days.

Rules

  • To create a new rule, you can now click the Create icon on the console's quick access toolbar and then click Rule. Note that the Alert link is no longer available in the Create menu.
  • When creating a custom rule with the event condition set to is or contains, you can now specify multiple values in the value field. In this case, the event is triggered when any of the values are included in the event record.
  • To make it easier to work with rules, the following toolbar now shows when you hover over a rule:

    Click the applicable icon to Edit, Copy, or Delete the rule.

User Management and permissions

  • The date and time when a user last logged in to the Absolute console is now shown on the User Management page in Users, and on the Assigned Users page in Roles.

  • Previously, View and Manage permissions for Insights could not be assigned to some older custom roles. This issue is now fixed. If an Absolute Insights license is associated with your account, these permissions are now available for selection on the Define Role and Permissions page for all custom roles.

  • When creating a custom role, assigning View permissions for Remove Freeze now automatically assigns Perform permissions, and vice versa. As a result of this change, your user role now needs to be assigned Perform permissions to view the Device Freeze Status report, not just View permissions. System Administrators, Security Administrators, and Security Power Users are granted these permissions.