Release Notes
| MetaDefender Kiosk 4.7.6 | |
|---|---|
| 14 June 2025 (Kiosk 4.7.6.3642) | |
| Fixed Bugs | |
| Fixed invalid Core setup and blank Core console page due to exhausted connections | Fixed an issue in Kiosk 4.7.6 where repeated checks of the embedded Core engine status may exhaust available connections in some cases. This caused the Kiosk to display an "Invalid Core Setup" message and the Core management console to appear blank. |
| Fixed Self-scan skipping all files when using Core 5.14.2 | Fixed an issue in Kiosk 4.7.6 where the Self-scan feature skipped all files when used with Core 5.14.2 |
| Fixed double printing in Automatic Print feature | Fixed an issue in Kiosk 4.7.6 where “Automatic Print” feature triggered printing twice instead of once. |
| Fixed MFT transfer failure over HTTPS | Fixed an issue where Kiosk failed to transfer files to MFT over HTTPS when SSL certificate verification was disabled. This affected Kiosk versions 4.7.5 and 4.7.6 |
| 23 May 2025 (Kiosk 4.7.6.3514) | |
| New Features | |
| Centralized YARA and file hash management via CM10 | Central Management now supports centralized importing of YARA rules and file hashes via REST API. Kiosk will seamlessly apply these items to the embedded Core engine, enabling streamlined, centralized policy enforcement across all connected Kiosk devices.
 |
| Flexible icon visibility controls | Administrators can now choose to hide interface icons entirely or tuck them under the dropdown menu (“…”). These new options give you finer control over the Kiosk UI and let you deliver a cleaner, more customized experience for end users.
 |
| Supervisor MFT approval bypass option | Kiosk introduces a new setting that allows administrators to bypass supervisor MFT approval directly from the Kiosk console. This provides greater flexibility for configuring diverse use cases and streamlining workflows.
 |
| Optional domain selection for active directory login | Kiosk now offers administrators the option to enable domain selection on the login screen when integrated with Active Directory. Enabling this feature displays a domain dropdown, helping users select the correct domain and simplifying the login experience.
 |
| Enhanced validation for predefined question responses | Administrators can now specify input formats for predefined questions, choosing from free text, number, email, or custom regular expressions (Regex). Users must enter data in the required format to proceed, improving data accuracy and consistency.
 |
| New scanning engine status indicator | The Kiosk UI now displays a status indicator for scanning engines. If an engine encounters issues, a warning (exclamation mark) or critical (cross) icon will appear, signaling the severity. This enhancement improves user awareness and helps administrators quickly identify and address engine problems.
 |
| Kiosk supports integration with MetaDefender Drive | Kiosk now supports direct integration with MetaDefender Drive. When an MD Drive is connected, Kiosk automatically uploads stored scan reports to the enrolled Central Management, removing the need for separate SDK installation and configuration.
 |
| Enhancements | - |
| Enhanced media detection across all Kiosk processing screens | Kiosk now detects inserted media (e.g., USB drives) from any screen. When media is inserted, a popup notification confirms detection. If media is inserted while on the Welcome screen, Kiosk will automatically proceed to the User Agreement screen and begin the scanning process. On the Media Detection screen, the detected media is automatically selected for scanning, streamlining the user experience
 |
| Manage scanning engines from Central Management | Kiosk now supports managing scanning engines via My OPSWAT and OPSWAT Central Management, enabling easier configuration and consistent engine updates across multiple devices.
 |
| Option to disable SD Card scanning | Kiosk now provides the ability to disable SD card scanning. This allows administrators to tailor the interface for a cleaner, more streamlined user experience when SD card support is not required. |
| Improved display for Smart Card or RFID as primary login option | When Smart Card or RFID authentication is enabled, Kiosk will now display it as the default login method. Users can still switch to username and password login if preferred, providing flexibility while prioritizing secure access.
 |
| Additional client identifier is included when uploading files to MetaDefender Core and MFT | When uploading files to MetaDefender Core and MFT, Kiosk now sends additional client identifiers (hostname, Kiosk ID, username and timestamp) to Core and MFT. This improves My OPSWAT’s ability to correlate data and enhances traceability for each scanned file. |
| New ‘Scanning Configurations’ tab in Kiosk console | Kiosk now includes an additional ‘Scanning Configurations’ tab, enabling administrators to configure basic workflow settings directly within the Kiosk console. More advanced settings will be introduced in future releases to further enhance this feature.
 |
| Improved display during file scan initialization | In previous versions, Kiosk displayed “0 files found” while searching for files to process, which caused confusion for end users. This has been improved to show “Initializing...” during the search to provide clearer feedback.
 |
| Improved unsent scan report synchronization | Kiosk will now automatically synchronize any unsent scanning reports (for example, due to connectivity disruptions) to My OPSWAT once the connection is restored. Additionally, when a Kiosk instance is newly enrolled, any existing locally stored scan data will be sent to My OPSWAT, ensuring improved data consistency and completeness. |
| Enhanced “About” page with system details | The Kiosk “About” page has been enhanced to display additional details, including the Core version, hardened image version, hardware specifications, service tag, and more. This expanded view provides valuable information for support and troubleshooting, improving the overall customer experience.
 |
| Unified Kiosk About page in Central Management | The Kiosk About page in Central Management is now aligned with the version displayed on the Kiosk console, ensuring consistency and improving usability across platforms. |
| Improved CD/DVD scanning performance | Kiosk now optimized CD/DVD scanning to reduce scan time and enhance the overall user experience, ensuring faster and more efficient processing of optical media. |
| Support for manifest generation with Unicode characters in file names | Kiosk now fully supports generating manifest files containing Unicode characters in file names (e.g Japanese). By leveraging Unicode APIs and converting file names to UTF-16, Kiosk ensures reliable manifest creation across systems with different locale settings and code pages, enhancing compatibility and reducing encoding-related issues. |
| Revert customization settings to default | Kiosk now includes an option to revert customization settings, such as logo, color scheme, and other visual elements, back to their default values, making it easier to undo changes and restore the original appearance.
 |
| Secondary logo now displayed on session end screen | Kiosk now displays the secondary logo on the session end screen, aligning with branding customizations and improving visual consistency across the user experience. |
| Improved Hebrew translation in Kiosk UI | Kiosk UI improved Hebrew translations, providing a clearer and more accurate user experience for Hebrew-speaking users. |
| Enhanced support for simultaneous SharePoint and Entra ID (OIDC) integration | Kiosk now supports configuring SharePoint and Microsoft Entra ID (OIDC) simultaneously. Files are correctly transferred under the authenticated user’s credentials, ensuring accurate file handling across both MFT and SharePoint/OneDrive workflows. |
| Support for export and import of offline activated Core | Kiosk now supports exporting and importing configurations of MetaDefender Core instances that were activated offline or via volume license on Central Management. This will also allowed Kiosk Hardened Image to be upgraded with offline-activated Core |
| Enhance Kiosk Hardened Image Upgrade for greater stability and error handling | Enhanced Kiosk Hardened Image Upgrade with improved stability and bug fix. Critical failures (such as failed to backup Core license) during configuration restoration are now logged in the upgrade history, and ensure the system will automatically roll back to a stable state when needed |
| Security enhancements | Various security issues have been addressed to enhance the overall security of the system |
| Bugs | |
| Resolved Error when saving Syslog settings | Resolved an issue that caused an “Error Saving” message when setting up a Syslog server in Kiosk. The problem was related to how log level settings were handled. With this fix, Syslog configuration now works as expected, regardless of the selected log level. |
| Known issues | |
| Backup and restore fails with embedded Core using HTTPS certificate requiring passphrase | Kiosk cannot perform backup and restore when the embedded Core is configured to use HTTPS with a certificate that requires a passphrase. |
| Upgrade fails when Network Policy Hardening is enabled | When the Network Policy Hardening is enabled, certain network services are disabled as part of the security configuration. This prevents some components (such as firewall and network settings) from being backed up, causing the Kiosk upgrade process failed. |
| Self-scan skips all files | Self-scan feature in Kiosk 4.7.6 does not work as expected with Core 5.14.2. When initiated a self-scan, all files are skipped. |
MetaDefender KIOSK Documentation
The users can consult this web page or, alternatively, they can download the manual in pdf format from the link below:
MetaDefender KIOSK manual (SHA256: F04E3E41A63510C9020099580E01C0ED6AA029D7E1C52B5A3132EFD22404A3B2).
OPSWAT MetaDefender AGD Documentation_v1.7 (SHA256: 259810B13EAC53AFFFFDF3710603E61E955909BDC7CCC5126EDC9313CB7D1696).
Was this page helpful?
