MetaDefender Core™ v5.19.0 Release

AI Content Inspector is our newest AI-powered engine, now available in Beta, and it marks a meaningful step forward in how MetaDefender Core approaches content analysis. Where traditional signature-based scanning can only match what it has already seen, AI Content Inspector goes further: it reads documents the way an analyst would, evaluating visual layout, text semantics, and structural patterns together to determine whether content is authentic or manipulated. The result is a new layer of detection purpose-built for modern document fraud — identifying falsified invoices, staged accident photos, altered insurance claims, and other high-risk submissions that signature engines routinely miss.

Security infrastructure is only as effective as its operational state. When engines fall behind on updates, disk space fills undetected, or health issues accumulate silently across a distributed deployment, the impact on file processing can be significant by the time anyone notices. Version 5.19.0 adds a comprehensive set of health monitoring capabilities designed to surface these issues before they affect operations.

A new in-console notification banner now appears when installed engines or modules are running out of date, giving administrators immediate visibility without manual version checks. A global staleness threshold can be configured in days, with the option to override it per engine. Complementing this, a new health check configuration option lets teams define a time-limit threshold for engine updates — so if any engine has not updated within the configured window, it is automatically surfaced in health status monitoring — with the option to set per-engine threshold overrides for fine-grained control over which engines are held to stricter update windows.

Free disk space is now a supported health check condition, alerting administrators before storage constraints can disrupt scanning operations. Disk IO metrics are also now tracked on both Linux and Windows, providing a new visibility layer for resource monitoring in performance-sensitive deployments.

License expiry warnings now appear at 30, 15, and 7-day thresholds, giving operations teams enough lead time to manage renewals without service interruption. Engine and database update failures now trigger email notifications as well, closing a blind spot where failed updates could go undetected until the next scheduled check.

MetaDefender Core now includes a built-in proxy connection test in the management console, allowing administrators to verify proxy reachability and credentials without leaving the interface. This makes troubleshooting connectivity issues faster and removes guesswork from network configuration changes.

Compliance teams and security operations need records they can produce quickly and with confidence. This release extends the reporting and visibility capabilities within MetaDefender Core across two areas that come up consistently in customer feedback.

The SBOM PDF export has been updated to include additional fields requested for compliance frameworks such as CERT-in, supporting more complete software supply chain documentation for regulatory reporting. For organizations tracking software provenance and component integrity as part of procurement or compliance workflows, this reduces the manual work required to supplement standard SBOM outputs for submission.

This section covers important notices for changes coming in future releases, including end-of-life (EOL) platform announcements and infrastructure requirements. We recommend reviewing these items now to plan accordingly and avoid disruption to your environment.

As part of OPSWAT’s ongoing platform modernization, MetaDefender Core and its engines now require Microsoft Visual C++ Redistributable for Visual Studio 2015–2022 (x64), version 14.44 or later on Windows hosts.

If your servers already meet this requirement, no action is needed - you can verify under Windows Control Panel → Programs and Features. If not, here’s what to plan for:

• Upgrading to MetaDefender Core v5.20.0 (ETA end of June): VC++ Redistributable 14.44 or later must be installed before upgrading - the v5.20.0 installer will fail without it. We recommend completing the update within the next 30 days.
• The next releases of File Type Detection, Archive Extraction, Deep CDR™ Technology, and Country of Origin engines (all version 8.0.0, ETA mid-June) also require VC++ Redistributable v14.44+. Without it, new engine deployments will show as “permanently failed” in the Management Console. Your currently active engine versions continue to function - there is no downtime - but detection coverage will fall behind as engine updates cannot be applied.

If you cannot install VC++ Redistributable immediately, you can temporarily pin the affected engines to their current working versions to suppress the “permanently failed” status. Once VC++ Redistributable is installed, unpin the engines and MetaDefender Core will automatically roll out the latest versions.