[RELEASE] SecTeer VulnDetect Agent v126.96.36.199 - 2022-02-26
VulnDetect Agent 188.8.131.52 is now the officially recommended version and is available for automated upgrades. It utilises a new EXE app instead of a VBScript to silently run packages. This enables capturing of console output and allows packages to run on systems with restrictions of Windows Script Host and VBScript. Furthermore, the tokenized MSI installer now supports offline installations. The 184.108.40.206 release also improves the registration of offline hosts so it doesn't require a restart.
In VulnDetect - Personal you can update to 220.127.116.11 by clicking the blue Update button.
In VulnDetect - Corporate you can update to 18.104.22.168 by clicking the blue "Approve Version in Selected Approvals" and with the green "Automate Selected Approvals" under Patching->Approvals.
Note: Older agents will continue to work, but only 22.214.171.124 and newer supports upgrading user-based installations, it also supports Software Deployment, as well as a new type of packages.
SecTeer strongly recommends upgrading to VulnDetect Agent 126.96.36.199 or newer and running PowerShell 5.1 on a fully supported version of Windows. The agent will work on Windows 7 SP2, WIndows 8.1 and Windows Server 2012, but may have limited functionality.
- Fix issue with agent install process.
- Improve task handling with new task-runner app.
- Improvements to agent install process.
- Sign the Task Scheduler task runner script.
- Change Task Scheduler script execution policy to RemoteSigned.
- Optimize user lookup functionality to minimize overhead.
- General availability of Windows Task Scheduler tasks in the agent.
- Avoid running tasks when their registered prerequisites are currently running.
- Expand WMI result value conversion to include some arrays.
- Add support for scheduling agent tasks with Windows Task Scheduler, to facilitate running tasks as regular users, allowing user-based application management.
- Refactor agent tasks to be more modular, allowing different task provider implementations.
- Refactor configuration data processing to be more generic.
- Fix issue with inspecting certain files with unusual data headers.
- Improve registry querying mechanism to be more dynamic.
- Improve WMI querying mechanism to be more dynamic.
- Add install tokens.
- Miscellaneous minor changes.
- Collect more properties from Windows Updates.
- Finalize the Windows Update detection in the agent.
- Correctly merge include and exclude paths from the registry and command-line into the inspection configuration.
- Add a driver-related WMI query.
- Fix critical regression in pkgapp.
- Expand Windows Update enumerations to collect more data about updates and Windows Update configuration, and be more configurable.
- Add support for asynchronous Windows Update enumerations, with a configurable timeout.
- Add a configurable timeout when running external processes, in particular when running package tasks.
- Refactor to reduce the size of the executable.
- Correctly report the file size of files that are accessed via a symbolic link.
- Fix a few other minor issues.
- Sign with new certificate.
- Update year in copyright message.
- Add more install-tokens.
- Make the installer more robust when doing silent upgrades.
- Update year in copyright message.
- Add the capability to detect certain errors in filesystem enumeration and add them to the inspection results.
- Add support for exclusive tasks and task priorities.
- Fix miscellaneous minor issues.
- Version 188.8.131.52 was never released to the public.
- Pass arbitrary command-line options from the installer to the agent and on to the server during installation.
- Enable inspection progress reports to be sent by the agent.
- Add capability to look for specific filenames during inspection, to allow targeted inspections.
- Expand inspection rules to include filenames.
- Add more diagnostic tests.
- Change api endpoints used for inspections to be more consistent with REST principles.
- Upgrade tools to Visual Studio 2019.
- Update third-party libraries.
- Enable more diagnostic tests.
- Add support for diagnostic task.
- Add support for capturing log messages during diagnostic tasks, and when upgrading packages.
- Miscellaneous minor fixes.
- Add 20 more tokens and build tokenized MSI installers with them.
- Fix issue with registry enumeration.
- Fix issue with MSI enumeration.
- Create tokenized MSI installers.
- Fix issue with MSI installer.
- Fix issue with installer not setting the correct log level.
- Fix issue with installing agent using email parameter.
- Enumerate MSI database when inspecting.
- Support wildcards in registry paths when enumerating the registry.
- Preserve non-default logging settings across installations.
- Add support for 8-character base-32 installation tokens in the agent and installer.
- Add inspection tasks.
- Add choco 0.10.13.0 support to pkgapp.
- Increase the network timeout when submitting large inspections.
- Miscellaneous minor fixes.
- Fix issue which caused inspections to stall when enumerating files on a drive with no recycle bin.
- Add support for multiple --path arguments, and add the --ignore argument, which can also be specified multiple times. Support reading these from the registry as well, as the multi-string values 'inspectionPaths' and 'ignorePaths'.
- Detect directory loops and avoid them when enumerating directories.
- Ignore offline files and directories unless a flag is set (--inspect-remote).
- Output current local time as a reference when outputting the configuration.
- Ignore 64-bit registry rules when running on 32-bit systems.
- No code changes, only bump the version number to allow testing self-updating.
- Run package app from a temporary copy to resolve conflict when self-updating.
- Parse chocolatey output to figure out if an upgrade task worked.
- Change some internal strings for clarity.
- Stop task processing on certain errors, wait until next check-in and then retry.
- Change the way the installer starts the VulnDetect service to work around an issue when updating the agent.
- Report task status individually to better support self-updating of the agent.
- Compile with Visual Studio 2017 Professional
- Add pkg sources to choco
- Agent now sends report for installing choco
- Fix uninstall icon.
- Add log message when running task.
- Minor internal fixes.
- Add /email and /token parameters to installer to allow for skipping the email page and for silent mode.
/email and /token are equivalent. Note that if an AuthToken is present in the registery, then any /email or /token option will be ignored.
- Add task running capabilities to the agent. Currently, the only supported tasks are install-package and upgrade-package, with choco as the only supported package provider.
- Fetch and parse inspection rules from server before running an inspection
- When registering, the backend now expects a usernameHash property, rather than a hashedUsername property
- Suppress useless log message when registering
- Add /server option back to installer
- Registration endpoint has moved
- Miscellaneous minor changes
- Much work on patching, even though it is still incomplete
- New application icon
- Move start menu shortcut, use new application icon for it
- Minor change to the way the local timezone is reported to the server
- Explicitly enable TLS1.2 in WinHTTP, it is disabled by default on older Windows versions
- Set service to AutoStart, and DelayedAutoStart if possible
- Add Start Menu shortcut that loads the SecTeer Personal Carma web page in the user's default browser
- Unsigned binary sent to user to test TLS change
- First release