Enhancements

• Deep Security Agent sometimes crashed when it could not connect to Deep Security Manager. DS-67654
• Updated Deep Security Agent to use TLS 1.2 strong cipher suite by default to improve security. The agent previously used the CBC cipher suite by default. DS-67204
• Deep Security Agent was upgraded to use locally installed kernel modules when new ones can't be fetched from the Deep Security Relay. DS-66599
• Updated Deep Security Agent to support using the "process name" property in "ignore from source" rules for Application Control trust entities on Cloud One Workload Security. DS-67322
• Updated Deep Security Agent's database size management to optimize disk space usage. DS-67347

Resolved issues

• Insufficient file access permission for the Deep Security Relay sometimes caused the agent installer to fail. DS-67278
• Deep Security Agent sometimes showed an incorrect "No such file or directory" error message during installation. DS-67317
• Deep Security Agent sometimes showed plugin installation failures during an upgrade even when the upgrade was successful. DS-67336
• Deep Security Agent sometimes could not start after an upgrade. SF04943063/SEG-123155/DS-67475
• Deep Security Agent sometimes changed the access time of files during the on-demand Anti-Malware scan. DS-67119
• The Deep Security Agent and MQTT connection would sometimes go offline, requiring an agent restart. DS-67487
• Deep Security Agent couldn't properly handle SAP NetWeaver MIME type scan requests containing leading and trailing spaces. DS-67448
• With Anti-Malware real-time scan enabled, Deep Security Agent would sometimes scan unchanged files. DS-67806
• Deep Security Agent sometimes caused the system to crash. SEG-123338/DS-67445

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. VRTS-6489/DSSEG-7210/DS-65113/DS-67367

• CVSS score: 9.8
• Severity: High

New features

• Anti-Malware offline scheduled scan: Deep Security Agent (version 20.0.0-3445+) adds the offline scheduled scan feature, enabling Anti-Malware scheduled scans to run while an agent is not connected to Cloud One Workload Security. This feature is only available to certain Cloud One Workload Security customers at this time.
• Windows 11 support: Deep Security Agent (version 20.0.0-3445+) now supports Windows 11.
• Windows Server 2022 support: Deep Security Agent (version 20.0.0-3445+) now supports Windows Server 2022.

Enhancements

• Updated Deep Security Agent allow the Deep Security Notifier to be locked on (when installed through the command prompt using msiexec /I "Notifier's installer name" LockAppSettingsDefault=1), preventing users from hiding notifications. DS-64527
• Deep Security Agent sometimes crashed when it could not connect to Deep Security Manager. DS-67654
• Updated Deep Security Agent to use TLS 1.2 strong cipher suite by default to improve security. The agent previously used the CBC cipher suite by default. DS-67204
• Updated Deep Security Agent to support using the "process name" property in "ignore from source" rules for Application Control trust entities on Cloud One Workload Security. DS-67322
• Updated Deep Security Agent's database size management to optimize disk space usage. DS-67347

Resolved issues

• With Anti-Malware enabled, Deep Security Agent caused connectivity issues for third-party software on some systems. SF04087024/SEG-125579/DSSEG-7321
• Deep Security Agent sometimes showed plugin installation failures during an upgrade even when the upgrade was successful. DS-67336
• When an expired certificate was removed from the host, Deep Security Agent's Anti-Malware plug-in update would fail, creating "Anti-Malware Component Update" events. SEG-117871/DS-66139
• If an Anti-Malware scan began before the module had completed its installation on Deep Security Agent, it could cause a system crash and "Anti-Malware Engine Offline" errors after a reboot. SEG-108355/DS-63721
• With Activity Monitoring enabled, Deep Security Agent sometimes crashed due to an issue with SQLite. 04958386/SEG-123752/DSSEG-7300
• Deep Security Agent couldn't properly handle SAP NetWeaver MIME type scan requests containing leading and trailing spaces. DS-67448
• When Integrity Monitoring rules using "UserSet" or "GroupSet" were enabled for a Deep Security Agent on Windows Active Directory Domain Controllers, excessive CPU and memory consumption would sometimes occur. Agent version 20.0.0-3445 blocks these types of Integrity Monitoring rules on Windows Active Directory Domain Controllers and generates an "Inapplicable Integrity Monitoring Rule" event. DS-65965

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. VRTS-6489/DSSEG-7210/DS-65113/VRTS-6207/DSSEG-7026

• CVSS score: 7.8
• Severity: High

Enhancements

• Updated Deep Security Agent to use TLS 1.2 strong cipher suite by default to improve security. The agent previously used the CBC cipher suite by default. DS-67204
• Updated Deep Security Agent to support using the "process name" property in "ignore from source" rules for Application Control trust entities on Cloud One Workload Security. DS-67322
• Updated Deep Security Agent's database size management to optimize disk space usage. DS-67347

Resolved issues

• Deep Security Agent sometimes crashed when it could not connect to Deep Security Manager. DS-67654
• Deep Security Agent sometimes caused connectivity issues, high CPU usage, or the system to crash. SEG-120758/SEG-123885/DS-67291

Security updates

Security updates are included in this release. For more information about how we protect against vulnerabilities, visit Vulnerability Responses. Please note, in line with responsible disclosure practices, CVE details will only be made available for select security updates once patches have been made available for all impacted releases. VRTS-6489/DSSEG-7210/DS-65113

• CVSS score: 7.8
• Severity: High