Absolute 7.8 Release Notes

This topic describes the software changes included in Absolute 7.8. It also describes the changes included in all hotfixes since the release of Absolute 7.7.

This release introduces performance, security, data integrity, and usability improvements that enhance the responsiveness, reliability, and ease of use of the system. It also introduces enhancements, improvements, and fixes to existing features and functionality.

NOTE Depending on the Absolute product licenses associated with your account, some of the following enhancements, improvements, and fixes may not be available to you.

Feature enhancements

Policy groups: You can now move devices between policy groups without first moving them to the Global Policy Group.

A new option, Move Devices... is now available on each policy group's Devices page. After you select the devices that you want to move, click the Move Devices... button to select the policy group that you want to move the devices to. A policy group will be grayed out if it doesn't have enough Absolute product licenses available.

For more information about moving devices, see Moving devices between policy groups.

Live Chat Support: A new option is now available on the Support page in the Help and Support area. Click Chat with a Specialist to go to the Absolute community website and begin chatting with a Technical Support Specialist.
Absolute Reach: The following Absolute scripts, which you can run on your Windows devices, are now available in the Script Library in the console's Administration area:
- Audit the local administrators
- Cancel all local printer jobs
- Change display standby settings
- Change page file Size
- Change screen saver settings
- Change system restore frequency
- Collect all scheduled tasks
- Collect .exe files
- Collect frequent errors and warnings of event logs
- Collect information about files from a specified folder
- Collect local disks information
- Copy permissions
- Create monthly scheduled task
- Create weekly scheduled task
- Enable automatic management of page files on a device
- Enable or disable background image on login screen
- Enable or disable fast shutdown
- Enable or disable hibernation on a Windows system
- Enable or disable Security Center displaying messages on a Windows system
- Enable or disable Windows Hello biometrics
- Enable the legal notice message on login screen
- Export events log from the system to a UNC path
- Gather enabled and disabled local accounts
- Gather Windows features
- Get GPS location
- Remove permissions
- Report Windows Updates
- Search for an installed hotfix

For more information about running Absolute scripts, see Running scripts on devices.

Improvements and fixes

Absolute 7.8 introduces the following improvements and fixes:

Feature/Area	Improvements and fixes
Administration	In the Agent Management area, if a policy group is currently assigned to the default agent version and you assign it to a higher agent version, the default agent version information no longer becomes hidden.
Absolute agent	The following Absolute agent related information now shows on the Device Details page for Windows devices: Agent A field and report column showing the version number of the core agent (rpcnet) installed on a Windows or Mac device. Component Manager The component manager is installed on top of the core agent and manages the agent components responsible for initiating device actions and collecting device data. Most agent components are controlled by policies, such as the Hardware and Installed Applications policies. Persistence agent A field and report column showing the version number of the Absolute Persistence agent (rpcnetp), which is embedded in the firmware of a Windows device by the device manufacturer. The Persistence agent performs the device's inital connection to the Absolute Monitoring Center, which triggers the Absolute agent to be downloaded and installed. You can also add these columns to reports and filter a report by these fields. NOTE This information will be available for Mac, Android, and Chromebook devices in a future release. A number of software changes were introduced to make the Absolute agents for Windows and Mac more robust and improve their connectivity to the Absolute Monitoring Center. As a result, device information in the Absolute console is more up-to-date. The Absolute agent for Windows now detects the correct serial number for a NVMe hard drive. Previously, the drive's EUI-64 identifier was detected and shown in the Serial Number field in reports and the device's Device Details page. When an external drive is attached to a device, the Absolute agent for Windows now detects the correct hard drive serial numbers. Previously, the serial numbers associated with Disk 1 and Disk 2 were interchanged.
Absolute APIs	The Device Reporting API now supports the following OData parameters: $top, $skip, $select, $orderby, and $filter. If you edit the name or description for an existing API token in the Absolute console, the token no longer becomes invalid.
Alerts	If you set an alert condition to trigger an alert when a device moves outside of a Geofence, the alert is now triggered as expected. Previously, in some cases, the alert was only triggered after the device moved back inside the Geofence. When the following condition is configured in an alert, an alert is now triggered if the condition is met: Username - Is Not - <value>.
Anti-Malware	When Bitdefender Endpoint Security Tools is upgraded on a Windows device, the correct version number for the application now shows in the Anti-Malware report.
Application Persistence	You can now configure the Application Persistence policy for Ivanti Endpoint Manager to persist version 11.0.x of the Ivanti Endpoint Manager agent. A new Repair Status, Pending reboot, has been added. This status shows in Application Persistence reports if a device reboot is required to complete the repair of a persisted app. Previously, devices in this state showed a Repair Status of Failure. A new configuration is now available in the Application Persistence policy for McAfee ePolicy Orchestrator. Select the Report higher versions as Compliant check box if you want a status of Compliant to be returned when all health checks pass but the Absolute agent detects a higher version than the selected version. On the policy configuration dialog for McAfee ePolicy Orchestrator, the helper text under the URI field now shows the correct file format of the installer (.exe).
Authentication	The Absolute Login page has a new look. Also, the page now displays correctly when you access it from a mobile device's browser.
Custom Fields	After you select a Classic device group on the View and Edit Device Fields page in the Administration > Data area, the group's device count is now correct and any edits you make are applied to all devices in the group.
Dashboards	The percentage of encrypted devices shown in the Overview widget now matches the value shown in the Encryption Status widget.
Data Delete	The IP address that shows in a Data Delete notification email now corresponds to the Public IP address of the user who requested the Data Delete operation. If you manually enter a date in the Date of Loss field, the system now checks that the date is valid and shows an error message if it is not. Additional field validation has been added to the Request Data Delete page. After you click Continue on the Request Data Delete page, the Cancel button and the Close icon are now disabled. If you are in the process of creating a Data Delete request when you decide to cancel it, a "Leave Site?" warning message no longer shows after you click Cancel.
Device Freeze (Classic version)	When a user submits an Unfreeze Device request for a device, that user’s name now shows in the Requested By field. Previously, the user who submitted the original Freeze request was recorded as the requester of the Unfreeze Device request.
Device Freeze (Absolute 7 version)	If the Device Freeze component's properties file is tampered with on a Mac device, the Absolute agent now detects an error and self heals the component. If an entry related to the Device Freeze component is deleted from the registry on a Windows device, the Absolute agent now self heals the component by restoring the registry entry. Previously, if a device was frozen by an Offline Device Freeze Policy before its associated Absolute account was upgraded from Classic Device Freeze to Absolute 7 Device Freeze, unfreezing the device in Absolute 7 may have disabled the device's Windows Registry editor and Task Manager. This issue is now fixed. Previously, after an Unfreeze code was used to unfreeze a frozen device, the device user was repeatedly logged out their session in some cases. This issue is now fixed. If the Absolute agent attempts to freeze a device while a Windows software update is in progress, the agent now waits for the update to complete before freezing the device.
Device Groups	When you're performing a device action from a device group, if you filter the device list and then select the Select All Devices check box, the action is now performed on the filtered device list only. Previously, the action may have been performed on all devices in the device group.
Endpoint Data Discovery	A new column, File Accessed, can now be added to the History report, Reporting Data report, and Devices with At-Risk Data in Cloud report. This column shows the date and time when a file was last accessed on a Windows device. Note that a value will show in this column only if the Last Access Time setting is enabled in the device's operating system. For Mac devices, and Windows devices with disabled settings, the column always shows two em dashes (— —). When you add any of the following columns to some EDD reports (History report, Reporting Data report, or Devices with At-Risk Data in Cloud report), you can now use the column to sort the report: Username, Serial Number, Device Name, Make, Model, Platform Type, Excluded from Reports, File Extension, and any Encryption column. After you select some devices in a report and request an EDD scan, the report page now refreshes to clear the selection of the devices. When you export a Reporting Data report that includes the File Match Status column, the values in the column are now consistent with those shown in the console. When a filename does not include a file extension, two em dashes (— —) now show in the File Extension column instead of the file's path. When you set the Scan Level for an EDD scan to Moderate or Targeted, the following directories are no longer scanned: Mac devices: /opt/local/include. Windows devices: <any drive letter>\ProgramData On Mac devices, the performance and stability of the Absolute agent's EDD component is now improved.
Full Disk Encryption	If one of the following versions of Dell Full Disk Encryption is installed on a device, the application's status is now available in the Full Disk Encryption Status report: 10.0, 10.1 or 10.2. When both BitLocker and TrueCrypt are installed on a device but only TrueCrypt is being used for full disk encryption, the Absolute agent now detects the correct status of TrueCrypt and shows it in the Full Disk Encryption Status report. When one of the following applications is installed on a device with a self encrypted drive (SED), and the drive is encrypted, a status of Encrypted now shows in the Full Disk Encryption Status report: Trend Micro Full Disk Encryption Check Point Full Disk Encryption Previously, the status may have been reported as Installed (Not Encrypted). If a device is upgraded from the 32-bit to the 64-bit version of WinMagic SecureDoc, the correct status now shows in the Full Disk Encryption Status report.
General	The Risk Analysis feature, which was included with Absolute Resilience, is no longer available. NOTE If you submitted a Risk Analysis request prior to the release of Absolute 7.8 and are waiting for the completed report, the Risk Response team will email it to you. When you search for an item in the console, the list of search results matches your keyword more closely because fuzzy searches are now more restrictive. If you are viewing the Absolute console in version 75.0.x of the Chrome browser, the icon that shows on the sidebar in some areas, such as Policy Groups and Roles, is now visible.
Geolocation	On the Device Location Report, all device count text boxes that show on the map are now formatted correctly. Previously, the text box may have included some extra whitespace to the right of the value. The most recently reported location of a device is now the same in both the Device Location Report and the Device Location History Report.
Hardware Data Collection	The asset number detected on a Windows device now shows in the BIOS section of the Device Details page in the new Asset Tag field. You can also add the BIOS > Asset Tag column to a report and filter a report by this field. Some software changes have been introduced to the Absolute agent to fine-tune the scheduling of Hardware Data Collection scans.
Language Support	When you view the Absolute console in a language other than English, month and day names now show in the correct language in the Calendar picker in Announcements.
License Management	When you purchase Absolute product licenses, you can now assign the licenses to your devices as soon as the Purchase Order is completed. Previously, you may have had to wait a few hours.
Policy Groups	When a policy group contains a very large number of devices, you can now successfully configure, activate, or deactivate the policy group's policies and apply those changes to all associated devices.
Reports	When you add the Total Physical Memory column to a report, the correct units now show for each value. Previously, "KB" may have been shown when the value was actually in gigabytes (GB). On the Edit Filter dialog for a report, if you select a new option in the Select Condition field after you have completed all of the filter fields, the filter's Enter Value field is now cleared so you can enter a new value. When you rename a custom Device Analytics report, the report's Scope and Series filters are no longer deleted causing the report's data to be discarded. When you edit a custom date range for a Device Analytics report, the correct date range is now reflected in the report. After you use the Upload File for Bulk Device Action option to run a Script on some devices, you can now successfully perform a Device Action from a report. You can now successfully perform a Device Action from a report that you’ve filtered using one or more Anti-Malware fields. The value shown in a report's Average Daily Usage column is now consistent with the data shown for each device on its Usage Event Details page.
Absolute Reach	On the Add Script dialog, if you replace an uploaded script that includes parameters with a script without parameters, the dialog's Script Variables fields are now cleared of the first script's parameters.
User Management	The Modified (UTC) field for a user, which shows the date and time when the user's account was last edited, is no longer updated when that user logs in to the Absolute console.