Hello everyone,

Bitdefender has released version 7.2.4.200013 of Endpoint Security for Mac on fast ring. The release notes are available here (English only).

Please read your Security Alerts:

Deployments have reached Customer’s maximum license limit:

Notification Details:

The Customer company XYZ FD has reached the maximum number of endpoints protected by the license key (Company Key).
To protect more endpoints for this company, you should extend its service subscription or add more licenses.
Otherwise your endpoints will not be protected and are subject to malware

MspPortal Reported the issue on 7-7-2021

For PrintNightmare we currently have the following detections live:
Exploit.RPRN.CVE-2021-1675.PrintNightmare — from our NAD module (I know the CVE in the name differs, but it still detects the attack)
Alert.RPRN.AddPrinterDriver — from our EDR module
We are also working on detection from our behavioral engine. However, that will take a bit more time as it requires extensive testing but will be available soon.

 

Solution 7-12 Bitdefender Solved the issue

Bitdefender technologies will now protect against this vulnerability. 

Folks if you are not receiving Bitdefender Alerts

Please send an email to goldsupport@bitdefender.com

Subject Line: Not receiving Bitdefender Mail Alerts Important You should receive a response with a case number

** Importance to this is alerting you folks as to Incidents occurring in Gravity Zone -> whatever you have chosen to receive alerts on**

I have already made Development aware of this issue

Please see below release notes for the new Endpoint Security for Mac Version 4.17.16.200166, release on Slow Ring on April 12^th.

Endpoint Security for Mac Version 4.17.16.200166 Release Notes

https://www.bitdefender.com/support/Endpoint-Security-for-Mac-Version-4-17-16-200166-Release-Notes-2684.html

Release date:

• Fast ring: 2021.04.12
• Slow ring: 2021.04.12

New Features and Improvements

General

Added support for Apple M1 processors, with the following protection modules:

• Antimalware
• Device Control
• Content Control
• Encryption

Support for other features on Apple M1 will be added in time.

Note:  This version of Endpoint Security for Mac has universal binaries and runs natively on both Intel and Apple M1 architectures. In case of existing installations on systems running macOS versions older than Big Sur (11.x), you must first update them to the intermediary version 4.15.139.200139. This will enable migration to the new update location for product versions with universal binaries. This version does not install on OS X El Capitan (10.11), following the Bitdefender announcement regarding the end of support for this operating system. We advise you to upgrade the operating system to a supported version to benefit from the latest Bitdefender protection technologies.

Resolved Issues

General

• Installing the macOS kit (Apple M1) on machines with M1 processors prompted endpoint users to install Rosetta as well.
• The product failed to connect to Bitdefender cloud services due to an internal issue.

Graphical User Interface

• The application top menu was not displayed when launching Endpoint Security for Mac from the dock.
• Events sorting in the History section was not performed by date after making actions such as resizing columns.

Please see below release notes of Bitdefender Endpoint Security Tools Version 6.6.25.362, released on 3/29 on Slow Ring.

Bitdefender Endpoint Security Tools Version 6.6.25.362 Release Notes (Windows)

https://www.bitdefender.com/support/Bitdefender-Endpoint-Security-Tools-Version-6-6-25-362-Release-Notes-(Windows)-2677.html

Release date:

Fast ring: 2021.03.24

Slow ring: 2021.03.29

 

Important:       During this update, the Microsoft Exchange Transport service will be stopped. This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools versions 6.6.25.353 and 6.6.25.359 released on fast ring.

 

New features and improvements

Product

• Specific error messages will be displayed when Product fails to update due to missing critical Windows patches.

Advanced Anti-Exploit

• The Advanced Anti-Exploit (AAE) technology is now available for Windows Servers. The module will be installed on and removed from servers via the new Install and Reconfigure task.
  The Advanced Anti-Exploit module is deployed, configured and managed via GravityZone using the same management workflows on servers as available for workstations.

Incompatible Software Removal

• Added support for removing the following security products: 
  • TrustPort Total Protection 17.x
  • Driver Support One 2.x
  • Avast Business Security 20.x
  • VIPRE Antivirus 11.x
  • Sophos Endpoint Agent 2.x (Tamper Protection must be turned off)
  • Endpoint Protector Client 5.x

• Enhanced support for removing the following security products: 
  • McAfee Total Protection 16.x

Resolved Issues

Product

• Fixed an incompatibility with Cisco Advanced Malware Protection (AMP) for Endpoints that caused crashes of File Explorer processes and overall performance issues on Windows 7 machines.
• In some instances, the product blocked websites with untrusted certificates, while not providing the “Accept risks and continue” option.

Antimalware

• Fixed an issue with the On-Access Scanning feature, where users without administrative rights could restore a quarantined file. These users are now prompted to enter their username and password when using the Restore button.

Content Control

• The Content Control module failed to report the web category of a blocked website, in the Blocked Websites report.

Firewall

• The Firewall driver generated a memory leak in EPSecurityService on Windows machines.
• The Events timeline from the local interface displayed wrong messages for incoming and outgoing connections.
• Fixed an issue where blockPortScans remained active even when the Firewall module was enabled.
• Fixed an issue where traffic was received from an unknown profile.

User Interface

• The graphical user interface showed that three features part of the Content Control module (Application Blacklisting, Web Access Control and Data Protection) were turned off after logging off or rebooting.

Release date:1-13-2021

Fast Ring: 2021.01.12

Slow Ring: –
New Features and Improvements

EDR

Added improvements to EDR exclusions performance in accordance with specific use-cases.

 Folks add this to your email alerts. (Bell Top Right hand corner-> Sprocket)

Companies and endpoints need to be licensed IMPORTANT otherwise you will have endpoints not updating correctly

It will appear as Notification Details:

The Customer company XYZ has exceeded the maximum number of endpoints protected by the license key .

Roy

Release date:
Fast Ring: 2020.12.15
Slow Ring: 2020.12.17
New Features and Improvements
General
• Added improvements for product crash scenarios.
Antimalware
• Added improvements for better resource consumption.
Resolved Issues
Installation
• The security agent failed to install on a Red Hat Enterprise 6.5 Korean system.
Antimalware
• The Antimalware module appeared as disabled in the local interface when the mount point used NFSv4.
• The product caused system crashes on Red Hat Enterprise 8.3.
Endpoint Detection and Response (EDR)
• The security agent consumed a large amount of memory triggering Linux Out of Memory Killer on some Ubuntu systems