Changelog

Version 3.4.1

Release Date: 14 June 2024

Version support until 14 December 2025

Highlights

• API Key Functionality Expanded Across All REST APIs: We have extended the API Key functionality, initially exclusive to event-based RTP, to cover our entire application. This enhancement allows users to generate and utilize an API Key for all available REST API endpoints, facilitating long-term integrations. We recommend periodically rotating the API Key to maintain security.

• As part of our ongoing rebranding to MetaDefender Storage Security, we have updated the default rule to MetaDefender Storage Security inside MetaDefender Core in all new installations. This change ensures that new users start with the latest configuration tailored to MetaDefender Storage Security.

• We have introduced a new field in the report to clearly mark discovery errors. This field will capture and display all errors when discovery fails due to a general issue, improving transparency and troubleshooting capabilities.

• We have boosted our integration with myOPSWAT by introducing an advanced health status report for our product MetaDefender Storage Security. This new feature enables myOPSWAT to effectively diagnose and report problems within our product, enhancing overall functionality and user experience.

• SSO administrators now have the ability to accept or decline new user invitations, aligning their permissions with those of local administrators. This update ensures greater control and parity in user management across our platform.

Performance, Security, and Usability Enhancements

  • Discovery Service: We've implemented a fix for the multithreaded access issue in our Redis cache, ensuring enhanced stability and performance for the discovery service.
  • We have upgraded RabbitMQ to version 3.13, enhancing performance and stability.
  • Box Integration: Improved validation when the specified location does not exist on the remote storage.
  • Windows Native: We have made quality of life improvements and enhanced error messaging for Windows Native, aiming to streamline user experience and provide clearer feedback during install operations. Also, we now include the Visual C++ Redistributable (vc_redist) with our product, enabling full installation on offline Windows systems without the need for additional downloads. This enhancement simplifies setup and improves accessibility.
  • Database Migrations: We've improved the logging mechanisms in mongo-migrations to ensure more detailed and effective troubleshooting.
  • Added robust error handling for pre and post-process events in remediations, ensuring smoother operation and improved reliability during critical workflows.

Version 3.4.0

Release date: 13 May 2024

Version support until 13 November 2025

Introducing Windows Native Compatibility for Our Application

Highlights

  • Windows Native Support
  • We are announcing a new integration capability with Oracle Cloud Object Storage (OCI) via AWS SDK: This integration employs path-based access to connect to OCI, accommodating the platform's limitation on not supporting virtual hosted access.
  • We've introduced Single Sign-On support for MDSS using Active Directory Federation Services and OpenID Connect, streamlining login processes and enhancing security and user experience for seamless authentication and easier access management.
  • Strengthened API Security Enhancements against various security vulnerabilities, ensuring a more secure and reliable environment for our users: Enhanced HTTPS Enforcement, Strict-Transport-Security (HSTS) Implementation, X-Content-Type-Options Header Upgrade, Mandatory Operation Security Field

Bug fixes/Enhancements

  • Stress Testing Enhancements: Conducted stress tests under heavy load on a machine with 8 cores and 16GB of RAM, where RabbitMQ and MongoDB utilized 25% of RAM, in both AWS and SMB environments.
  • Improved Real-Time Processing for NFS: Enhanced Real-Time Protection with Deep Content Disarm and Reconstruction for NFS on Windows shares, improving security performance.
  • Streamlined Command-Line Upgrading for MDSS: Updated the command-line upgrade process to consistently display the EULA page, particularly when using clean commands or exporting support packages, enhancing user compliance and experience during upgrades.
  • Event Limitation and Scaling Guidance: Implemented an event limitation in the discovery process; the system will pause when it reaches 5,000 events. Users are encouraged to scale up their systems to maintain continuous operation.
  • DocumentDB Integration: Successfully integrated our system with DocumentDB, enhancing our database management capabilities.
  • Storage Limitation and UI Enhancements for Simpler Deployments: Introduced a storage limitation per instance to prevent overload and added UI warnings for excessive CPU usage, along with a sizing guide to help customers effectively scale their systems.

Version 3.3.4

Release date: 28 March 2024

Version support until 28 September 2025

Introducing the Wasabi storage integration, Copy Functionality for duplicating files in place, seamless preservation of tags during storage transfers, and enhanced High Availability and Disaster Recovery options for uninterrupted data access across regions.

Highlights

  • We're pleased to announce that Wasabi is now a supported storage type! Whether you're in search of cost-effective cloud storage solutions or high-performance storage options, integrating Wasabi provides you with a robust and dependable choice for storing your data.
  • Introducing Copy Functionality: Now, you can duplicate files while keeping them in their original location, providing enhanced flexibility and control over your data management compared to the previous method of removing files from the source.
  • With our latest update, tags remain intact when files are moved between storage locations, safeguarding valuable metadata and ensuring a seamless experience across storage movements.
  • We improved the support for High Availability and Disaster Recovery (HA/DR) that enables the selection of a failover scan pool. In the event of downtime in one region's assigned pool, a backup pool from another region seamlessly assumes control, guaranteeing uninterrupted access to your data.

Bug fixes/Enhancements

  • The Scan Report now includes comprehensive details regarding Document Library and Folder Location within SharePoint, ensuring complete information coverage.
  • You can now effortlessly delete duplicated scan configurations after importing them.
  • Now, it's no longer possible to remove a scan configuration that is in use, as this issue has been resolved.
  • Efficient handling of key name collisions during storage discovery ensures the continuity of the ongoing scan, facilitating completion without hindrance.
  • The scan would be efficiently completed within an appropriate timeframe.
  • The display of stop time for RTP reports is accurate when the RTP scan has been initiated, ensuring precision in data presentation.

For further details on the steps involved in integrating Wasabi you can access this link Add A Wasabi Storage.

Version 3.3.3

Release date: 14 February 2024

Version support until 14 August 2025

With this release, we're introducing NFS storage integration, offering functionality similar to SMB storage.

Highlights

  • Add, edit, and delete NFS from the Storage unit, with the addition only possible from the onboarding page.
  • Validate and add unique units, preventing duplicates, and properly import and export NFS units.
  • Start, stop, and restart RTP and retrieve files once while creating/moving/modifying files after starting RTP.
  • Initiate, cancel, or modify multiple instant scans, with updated reports for empty files, small files (1K - 1MB), medium files (100MB), and large files (1GB).
  • Ensure file scan results display correctly, reflecting MDCore's response and post-actions applied.
  • Perform post-actions such as DeepCDR (Keep/Encrypt/Delete original files), moving sanitized/allowed/blocked files to another storage (S3/Box/Azure Blobs), receiving files from another storage (sanitized files from Box/Azure Blobs), and deleting blocked files.
  • Implement logging mechanisms to audit NFS-related actions and include NFS services in the logs.
  • Improved logging support by allowing extensive configuration and rotation.
  • Polling time intervals support configuration.

Bug fixes/Enhancements

  • Preventing duplicated folder structure for Box.
  • Improving the orchestration of the scanning process to address instances of scans becoming stuck.
  • Additional checks on the Windows docker service before starting MDSS

You can find more information on the NFS Storage Integration steps by accessing the hyperlink.

Version 3.3.2

Release date: 21 December 2023

Version support until 21 June 2025

Highlights:

  • AWS GovCloud (US)
  • Client-Side Encryption for S3 buckets
  • Performance improvements
  • Native Podman support for RHEL 8

Bug fixes/Enhancements

  • File location on retry
  • SMB Connection Caching
  • Outdated UI Reports

Version 3.3.1

Release date: 9 October 2023

Version support until: 9 April 2025

Highlights:

  • Integration with My OPSWAT portal
  • Microsoft SharePoint Integration
  • Scan Configuration History
  • Azure Gov Storage Integration
  • MongoDB v6 Migration Guide
  • Amazon S3 URL Validity Control
  • UI Session Expiration Customization

Bug fixes:

  • Onboarding: Users can now successfully add an MD Cloud instance
  • SMB Storage Integration: Resolved an issue by adding an alternative method to check for file uploads in the SMB storage integration
  • Addressed an issue related to queries when utilizing Cosmos DB
  • Resolved an issue where scans appeared as stuck when processing spanned multiple days

Version 3.3.0

Release date: 13 July 2023

Version support until: 13 January 2025

Highlights:

  • SFTP Storage integration now available under Network Attached Storage section
  • Transitioned Core Pool settings from the storage level to the scan level to enhance flexibility
  • Simplified the licensing. With a valid license, access to all storage integrations is now granted.
  • Mark unavailable storage units, based on ENABLED_MODULES from environments variable file

Bug fixes:

  • Better Failure Handling: We've made improvements to how the system manages failures.
  • Introducing an option to set the interval for flagging a file as failed if it gets stuck during processing. Adjust this with the MARK_STUCK_FILE_AS_FAILED_HOURS environment variable in the configuration file.
  • Significant performance improvements in file discovery.

Version 3.2.0

Release date: 18 May 2023

Version support until: 18 November 2024

Highlights:

  • Flexible deployments - User has now the ability to deploy only storage services that will be used. This can be done through an environment variable.
  • Generic API for storage units - Exposed a generic API (api/storage/) to handle the Add/Edit/Delete operations on storage units.
  • Processing indicator improvements - Showing a single progress bar which indicates the overall processing (discovery, scanning and remediations) progress
  • Angular 15 update - Migrated the UI to Angular 15. We suggest to clear the browser cache before upgrading
  • API for Offline Activation - Removed content encoding when calling /api/settings/admin/license/activate/offline
  • System Checks - Added RabbitMQ and Redis details

Bug fixes:

  • Reports Performance improvements - Improved the scan report performance. Added the option to filter by date, improved the search and pagination. Added Refresh button the the Real-Time Processing report.
  • Fixed the issue with Keep folder Structure for SMB remediations
  • Import settings Fix for empty destination on Remediations
  • Remediation actions Remediation Actions resilience improvement
  • Fixed Document DB integration
  • S3 compatible file download Fixed the download error for some S3 Compatible providers

Version 3.1.4

Release date: 21 February 2023

Version support until: 21 August 2024

Highlights:

  • SMB integration SMB integration refactoring for high availability and scalability. Removed discovery debounce time
  • OneDrive integration refactoring for high availability and scalability
  • Real-time data display on the Dashboard
  • Event-based Real-Time processing Moved from Blob-trigger to eventgrid and documented the setup
  • RAM authentication option for Alibaba Cloud storage unit
  • Terraform example for configuring MDSS

Bug fixes:

  • Fixed the issue with Box storage unit set as a remediation destination
  • Improved UI for showing blocked files
  • More reliable mechanism to download files from the storage

Version 3.1.3

Release date: 22 December 2022

Version support until: 22 June 2024

Highlights:

  • SSO integration - Added SSO capability using OIDC (Open ID Connect) for Azure AD identity provider
  • Azure Files refactoring - Refactored Azure Files storage unit integration to use Azure Files SDK
  • Windows Server 2022 - Added Windows Server 2022 to the list of supported operating systems
  • Google Cloud Provider Authentication - IAM role authentication option for a GCP storage unit
  • Alibaba Cloud Authentication - RAM authentication option for Alibaba Cloud storage unit
  • Terraform resources configuration - Terraform example for configuring MDSS

Bug fixes:

  • Amazon S3/Alibaba Cloud/Google Cloud Provider event based real-time - Improved event-based real-time validation and events tracking mechanism
  • Decrypt logging - Added logs when a file is decrypted
  • Box - Revert encryption mechanism bug fixes
  • Report bug fixes - Date filter and user name bug fixes

Known limitations:

  • Windows 11 installation with Docker 4.15.0 - As a workaround, please downgrade Docker

Version 3.1.2

Release date: 27 October 2022

Highlights:

  • Event-Based Real-time processing - Enhanced the MetaDefender Storage Security Real-Time processing by adding the option to process notifications when a new object is added to an Amazon S3, Azure Blob, Alibaba Cloud and Google Cloud Provider storage.
  • UI improvements - Consistency changes for input controls
  • Amazon S3/ S3 Compatible Added the option to keep the folder structure when moving files to an Amazon S3/ S3 Compatible storage unit
  • Vulnerabilities display - Enhanced the vulnerabilities details table with a new CVSS 3 section

Bug Fixes:

  • Remediations action rollback Improved rollback mechanism when applying remediations
  • Decrypt logging Added logs when a file is decrypted

Version 3.1.1

Release date: 06 October 2022

Highlights:

  • Box storage migration - Discover, scan and apply remediation actions on objects from Box.
  • Logs improvements - Added the same logging system to all micro-services
  • Documented environment variables - Provided information about the usage of each environment variable

Bug Fixes:

  • Reduced number of requests for license validation
  • Reset Password page UI fixes

Version 3.1.0

Release date: 31 August 2022

Highlights

  • Alibaba Cloud storage integration - Discover, scan and apply remediation actions on objects from Alibaba Cloud
  • Google Cloud storage integration - Discover, scan and apply remediation actions on objects from Google Cloud
  • Job dispatcher service improvements - High-availability improvements for the job dispatcher service
  • Log aggregation and persistence - Logs created inside the containers will now persist when restarting MetaDefender Storage Security

Bug fixes

  • Real-Time Processing handling type display- The handling type can now be seen on the dashboard as well
  • Improve validation of move remediation actions - Fixed validation for same type of move remediation action, when having a possible circular dependency between storages
  • Audit filter - The filter is now resetting when moving to another page
  • Date picker validation improvement - Improved filtering reports based on date

Version 2.2.3

Release date: 31 March 2022

Highlights

  • Event based Real-Time processing for AWS storage - Added event based notifications support to process new S3 objects via AWS Event Bridge service
  • API Key support authentication - Added API key authentication for AWS Event Bridge notifications
  • UX improvements - Added new navigation between reports
  • Database import and export actions - Added command-line actions to import and export the MDSS database contents

Bug fixes

  • Revert encryption of large files - Fixed timeout issue when reverting encryption for a large file
  • Memory usage improvements - Fixed high memory usage when processing files
  • Improve reports pages performance - Improved responsiveness on reports pages
  • Non-English language on Box issue - Fixed the issue with processing files from a box account that is set to use a Non-English language
  • Windows installer - Fixed some issues regarding installation on different Windows versions

Version 2.2.2

Release date: 23 February 2022

Highlights

  • Azure Blob - Keep folder structure - Improved remediations actions, folder structures are kept when files are moving to Azure Blob
  • UI facelift - Improved reports menu and some additional small changes
  • Import/Export database - Implemented import/export of database for backup/restore scenario

Bug fixes

  • Audit for Data retentions - Added audit logs for Data retentions menu changes
  • Windows installer fixes - Added additional checks for pagefile on Windows Server 2019

Version 2.2.1

Release date: 27 January 2022

Highlights

  • Support for Assume Role ARN - Added a new option to the Amazon S3 integration, to assume the role ARN, so files from a different account can be processed.
  • UI facelift - Added About Page and Copyright details.

Bug fixes

  • Streamlined requests for Azure Blob storage unit - Reduced the number of requests to Azure when processing Azure Blob objects
  • Real-Time processing improvements on SMB - Fixed an issue with SMB Compatible/Dell Isilon and Azure Files storage units where files are picked-up multiple times during Deep CDR processing.
  • Notifications improvements - Add better handling for an SMTP server that is not responding.

Version 2.2.0

Release date: 30 December 2021

Highlights:

  • Syslog UDP external logger integration - Added integration with Syslog server, using the UDP protocol. Audit logs will be forwarded to the integrated Syslog instance(s).
  • UI changes - Updated MD™ for Secure Storage UI to match the MD™ Core and MD™ Email Gateway Solutions UI versions
  • User account change email notifications - Added email notifications for user name, email address or password updates. This functionality requires the SMTP to be configured.

Bug fixes:

  • Windows installer improvements - Fixed issues with Windows installer where dependencies could not be installed when internet connection is not available
  • Improved Amazon S3 and S3 Compatible storage validation - Added validation for configuring Amazon S3 and S3 compatible storages with folder locations that contain './' or '../'.

Version 2.1.8

Release date: 25 November 2021

Bug fixes:

  • Performance issue when processing large files - Fixed performance issues with real time processing of large files in which the discovery process had remained blocked during processing
  • Deep CDR for large files - Fixed a Deep CDR related issue when processing large archives using Real Time Protection mode
  • Windows installer fixes and improvements - Fixed an issue with support package generation
  • Email notification service - Fixed notification service so that multiple emails will not be sent when database is not available
  • Azure blob error handling - Improved error handling when azure blob credentials are invalid

Version 2.1.7

Release date: 27 October 2021

Highlights

  • Expanded AWS - Cloud Configuration Checklist (Authenticated access only, Least privilege access principle, Cross-data region replication, Object locking configuration)
  • More options when sending email notifications - Email notifications can be sent for every blocked file. These emails can be sent to administrators or to file owners (applicable only to Box and OneDrive) or both. If a remediation action has been applied, the email notification will contain this information.
  • Error handling for failed remediation actions - Improved error handling for remediation actions has been implemented in this release. Errors that occurred during a remediation will now be displayed in the file report for troubleshooting purposes.

Bug fixes

  • Retry with a different MetaDefender Core on scan failure - Fixed the internal load balancing mechanism such that files will always be retried on a different node when there is a scan failure
  • Windows installer improvements - Fixed issues with Windows installer that occurred for a specific Windows Server version when upgrading from a previous version

Version 2.1.6

Release date: 28 September 2021

Highlights

  • Added a mechanism for users to be able to reset passwords if they forgot them.
  • Installation of MetaDefender Storage Security on Windows Server 2019 was improved by automating dependencies installation

Bug fixes

  • Fix implemented for the issue where the Box storage unit could not be integrated if one or more Box users needed to reset their passwords
  • Added the possibility to edit a MetaDefender Core pool name, fixed table display for long URLs
  • A user should not be able to process a file outside the configured SMB (storage) share

Version 2.1.5

Release date: 26 August 2021

Highlights

  • AWS Cloud Configuration Checklist was expanded to include more automated checks to verify if bucket versioning, access logging and server-side encryption are enabled.
  • If there is a failure while processing a Box file an exponential retry mechanism will attempt to reprocess the file.

Bug fixes

  • On specific versions of Windows Server a fix was implemented for an issue that caused the installation to fail once before succeeding on a subsequent retry.
  • The Real Time Processing mechanism has been standardized across all SMB storage units to follow an identical discovery process.

Version 2.1.4

Release date: 9 July 2021

Highlights

  • Internal load balancer for multiple MetaDefender Core servers
  • Group filtering for Box units
  • (BETA) AWS Configuration Checklist

Bug fixes

  • A certificate hash mismatch that was preventing the online download of the .NET Framework installer
  • All active sessions would be terminated after a user changed the password
  • The generated support package will retain logs for a longer period of time
  • Improved the validation process when adding an Azure Blob storage unit to avoid a misleading failure message

** **

Version 2.1.3

Release date: 26 May 2021

Highlights

  • Customized tags for AWS S3/S3-Compatible units
  • Symbolic links for Linux shares
  • Report retention
  • License status display
  • More security options for SMTP configuration

Bug fixes

  • Performance improvements for Box
  • Multiple MD Core servers with the same URL
  • File search for S3 without full path
  • Support package for Windows deployments

Version 2.1.2

Release date: 2 April 2021

Highlights

  • New storage integration: Azure Blob
  • Amazon Machine Image (AMI) available
  • Enhanced blocked file remediation actions

Bug fixes

  • Cache issue after upgrading to a newer version
  • Timeout when searching for users in remediation action configuration
  • Logging for scan failures
  • Blocklisted files display

Version 2.1.1

Release date: 3 March 2021

Highlights

  • New storage integration: Azure Files
  • Added filtering options for Box storage
  • Enhanced support package
  • SMB protocol: improved performance

Bug fixes

  • Loop discovery of failed files
  • Malformed text in UI after page reload
  • Box: metadata not retained
  • Box: shared file processed multiple times

Version 2.1.0

Release date: 23 December 2020

Highlights

  • Windows deployment
  • IAM Role support for AWS deployments
  • Added new storage unit type: SMB-Compatible

Bug fixes

  • Scan failure in Box due to links
  • Dell Isilon performance issues
  • Missing details for sanitization failures
  • Missing real time processing for duplicate files

Version 2.0.7

Release date: 30 October 2020

Highlights

  • Expanded remediation functionality for Dell Isilon
  • New remediation feature: Move allowed files
  • Load Balancing support: Integrate with multiple MetaDefender Core servers via a Layer 7 Load Balancer

Bug fixes

  • Correctly move the sanitized file (with the encrypt original file option configuration)
  • Ability to add an empty bucket
  • Fixed timeout when adding an OneDrive storage unit
  • Fixed search results display for filtered reports
  • Display audit records with many items

Version 2.0.6

Release date: 25 September, 2020

Highlights

  • Perform instant, scheduled or real-time scanning on your Dell Isilon storage units.
  • Email notification for new user registrations
  • More information in Audit related to remediation actions

Bug fixes

  • Incorrect file timestamp for S3 / S3-Compatible storage units
  • Bundled dependency instead of downloading from the Internet
  • Missing loader on page change
  • SMTP and Notifications pages

Version 2.0.5

Release date: 19 August, 2020

Highlights

  • Improved onboarding for easier setup
  • More file details in the reports
  • Token expiration information exposed via authentication API

Bug fixes

  • Multiple files were created by Deep CDR remediation
  • Incorrect display of long filenames in Process A File page
  • Deleted files still available in the Trash folder after remediation action

Version 2.0.4

Release date: 15 July, 2020

Highlights

  • Version and licensing information
  • Improved installation experience

Bug fixes

  • Restart RTP when the storage discovery will fail for some reason
  • Fixed caching issue that led to missing text for some UI elements
  • Field validation was fixed such that the correct list of users is displayed when changing storage for move / delete remediation actions

Version 2.0.3

Release date: 25 June, 2020

Highlights

  • Additional remediation actions
  • Improved dashboard
  • Revert Deep CDR
  • Process single files for Box and OneDrive

Bug fixes

  • Improved installation experience on RHEL7 and RHEL8
  • The process scheduling algorithm was improved to ensure that the next process starts at the correct time
  • Real Time Processing configuration had been fixed so a new file is not scanned more than once needlessly (at the same time).

Version 2.0.2

Release date: 27 May, 2020

Highlights

  • Deep CDR as a remediation action
  • Support for an advanced installation using an external MongoDB database
  • Added audit trail

Bug fixes

  • Filtering reports by date could yield no results
  • Large file processing with OneDrive
  • Performance issues when refreshing the dashboard
  • Unicode support for scan names

Version 2.0.1

Release date: 15 April, 2020

Highlights

  • Improved the email report
  • Added left-side navigation menu to the initial configuration tutorial (onboarding)
  • Enhanced file analysis with vulnerability information
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard
On This Page
ChangelogVersion 3.4.1Version 3.4.0Version 3.3.4Version 3.3.3Version 3.3.2Version 3.3.1Version 3.3.0Version 3.2.0Version 3.1.4Version 3.1.3Version 3.1.2Version 3.1.1Version 3.1.0Version 2.2.3Version 2.2.2Version 2.2.1Version 2.2.0Version 2.1.8Version 2.1.7Version 2.1.6Version 2.1.5Version 2.1.4Version 2.1.3Version 2.1.2Version 2.1.1Version 2.1.0Version 2.0.7Version 2.0.6Version 2.0.5Version 2.0.4Version 2.0.3Version 2.0.2Version 2.0.1