Release Notes

MetaDefender Kiosk 4.7.2
04 November 2024
Hidden MD Core Console from KIOSK UI	In this new KIOSK version, access to the MD Core Console has been disabled in the KIOSK UI to address certain security concerns.
18 October 2024
New Features
Support for Smartcard authentication	Kiosk now supports Smartcard for user authentication. Limitation: Authentication for MFR file retrieval is not supported.
Embedded Management Console within Kiosk UI for streamlined configuration	Administrators now can access and manage configurations directly from the Kiosk UI without exiting the application. A gear icon on the top right opens Kiosk Management Console for configuration.
Support copying processed files to SharePoint and OneDrive	Administrator now can configure the option to copy processed files to SharePoint or OneDrive directories. Before utilizing this feature, it is necessary to setup Microsoft Entra ID with API integration. If the destination path is left empty, Kiosk will automatically copy the files to the root folder.
Configuration backup and restore enhancement	This update includes additional configurations for backup and restore functionality. Administrators can choose the specific configurations to restore: Local Windows Certificates: Restore all trusted certificates from Certificate Microsoft Management Console (MMC) System Hosts file: Restore the custom Hosts file at C:\Windows\System32\drivers\etc\hosts License: Restore the activated Kiosk license Branding and Logo Customization: Restore logo and branding files found in C:\Program Files (x86)\OPSWAT\Metadefender Kiosk\Client\en\resources Secure connection: Restore the security certificate and enable Secure Connection option User management: Restore configured User Directories (AD, SSO and Entra ID) and accounts Known Wi-Fi network: Restore the known Wi-Fi networks (Notes____: this feature is only available in Kiosk version 4.7.2 or later)
Change logon password on Kiosk Hardened Image	Administrators can now change user logon password directly from Kiosk Management Console on Kiosk Hardened Image. (Notes: This feature is only available on Kiosk Hardened Image. This settings cannot configured via My OPSWAT and the Set setting of OCM)
Enhancements
Permission control on end user folders when copying files	When Kiosk is configured to copy processed files to a destination folder, the Administrator can choose to copy the files to the end user's folder with specific permissions. Inherited: Files and folders will inherit the same permissions as the parent folder Restricted: Only the file owner will have the permissions to access the files and folders
Support on-screen French (AZERTY) keyboard layout	Kiosk now supports on-screen keyboard for French (AZERTY) layout.
Support on-screen Chinese (Traditional) layout	Kiosk now supports on-screen keyboard for Chinese (Traditional) layout.
Display file progress and results for file retrieval	Kiosk now shows the file scanning progress and results when retrieving files.
Hide on-screen keyboard with physical keyboard connected	When a physical keyboard is connected, Kiosk will automatically hide the on-screen keyboard. Administrators can click the keyboard icon on the top right corner to toggle the visibility of the on-screen keyboard.
Improve stability when generating Kiosk support package	Improve stability when generating Kiosk support package.
Improve stability of database when scanning files	Improved stability of database to avoid performance impact when scanning large volumes of files
Improve AD authentication mechanism to prevent user account lockout	In the previous versions, multiple failed sign-in attempts to the Kiosk UI could cause users to be locked out due to Active Directory policies. This new version enhances the AD authentication mechanism to prevent unnecessary fallback methods, reducing the risk of user account lockouts during login attempts.
Enhanced Self-scan on all drives	All drives in the system will be scanned when using Self-scan feature, including the boot sector. When malicious files are detected in the boot sector, Kiosk will lock the system and inform the Administrator.
Support more variables in Email Session Report template	Kiosk supports more variables in Email Session Report template: session_id: Kiosk session ID start_time: Start time end_time: Finish time device_model: Media model device_serial_number: Media serial number device_media_type: Media type device_id: Media ID total_files_scanned: Total files were scanned blocked_files: Number of files were blocked allowed_files: Number of files were allowed skipped_files: Number of files were skipped scanning remediated_files: Number of files were remediated
Enable select files or process all files at workflow level	In the new version, Administrator can configure enable select files or process all on each individual workflow. Select files: User can select files for processing Process all files: User has to process all files in the media Select or process all files: User can select between ‘Select files’ or ‘Processing all files’ option Disable file processing: Kiosk does not process file Use Global Settings: Apply the Global Settings (under configurations > Kiosk UI > Choose Files Scanning Option)
Support unlocking encrypted USBs with passwords containing special characters	Kiosk supports unlocking encrypted USB devices with passwords containing special characters.
Enhanced visual appeal and engagement for Kiosk UI	Several components of the Kiosk UI have been updated with a modern design, enhancing visual appeal and user engagement.
Known Issues
Cannot apply Disclaimer via OCM or My OPSWAT Set settings	After applying a custom Disclaimer from the Set settings in OCM or My OPSWAT, the custom Disclaimer does not apply to instance within the Set. This will be addressed in the next version.