What's New

New Features

  • Dynamic Package is a new package type ready for download. Dynamic Package with R80.40 can reduce network traffic significantly during existing client upgrades. See "Deploying Endpoint Security Clients" in the R80.40 Endpoint Security Management Server Administration Guide.

  • VMware Horizon Non-Persistent VDI is now in Early Availability. Contact E81_EA@checkpoint.com for more information.

  • Application Control includes a new feature for developer protection that prevents leakage of sensitive information and the use of vulnerable packages. See sk165615 for details.

  • Behavioral Guard now protects against Credential Dumping.

  • Forensics can now report the URL for the file source when the SandBlast Agent Browser Extension is active.

  • Machine type, roles and features now show in the Forensics report.

Enhancements

  • Anti-Malware

    • Resolves a possible issue where the server does not display the latest Anti-Malware signature version of the Endpoint Security clients.

    • Resolves an issue where the policy state displays as "Unknown" in the client User Interface.

  • Anti-Exploit

    • Fixes a rare BSOD related to Anti-Exploit infrastructure.

  • Anti-Ransomware, Behavioral Guard and Forensics

    • Reduces repeated logs for specific errors to improve Behavioral Guard performance.

    • Adds a default exclusion to prevent a known case of an Anti-Ransomware false positive.

    • Forensics and Anti-Exploit now correctly identify the latest versions of Microsoft Edge (based on Chromium) as a browser.

    • SandBlast Agent browser extensions now report the URLs used to download files to Forensics. This information now displays in the Entry Point view in the Forensics report when it is present.

    • Fixes an issue where the Behavioral Guard log and the equivalent Forensics log show different levels of confidence.

    • Fixes a rare race condition that can override the current Forensics policy with the default policy.

    • Fixes an issue where Forensics generates "Analysis Failed" reports when policy disables Forensics Analysis.

    • Fixes an issue that can cause DNS sensor information to be withheld from Forensics.

    • Fixes an issue in the Forensics report where trigger processes incorrectly show as remotely executed by Windows Management Instrumentation (WMI).

    • The Overview screen Entry Point tooltip now displays correctly for Windows Management Instrumentation (WMI) executions.

    • Adds the type of the machine to the General view of the Forensics Report. The type can be a desktop, a laptop, a Virtual Machine, or a server.

    • Machines Roles and Features as defined by Windows are now available in the General view of the Forensics Report.

    • The Reputation view in the Forensics report now has an option to select and copy Hashes, URLs and IPs.

  • Firewall and Application Control

    • Improves compatibility with 3rd-party VPN software.

  • Full Disk Encryption

    • The firmware logo wallpaper now shows when Windows loads after the Full Disk Encryption pre-boot.

    • Fixes dual recovery file delivery on fresh installations on UEFI machines.

  • Media Encryption and Port Protection

    • Resolves an issue where allowed devices can show as blocked in SmartEndpoint Media Encryption and Port Protection reports.

    • Resolves an issue where the user does not see an option to override company encryption policy to copy data from network shared folders.

    • Resolves an issue where the wrong authorization status shows in the Media Encryption UI.

    • Resolves a possible system freeze from corrupted settings of the Media Encryption blade.

  • Installation

    • Resolves an issue where the Endpoint Security installation can fail after a miscalculation of the required disk space.

    • No longer displays a redundant user check pop-up on an installation retry.

  • Infrastructure

    • Resolves an issue where the client can report logs incorrectly if the username contains non-ANSI symbols.

    • Resolves a rare issue with policy corruption that can put some blades in non-running states.

    • Resolves an issue where the VPN client automatically reappears in Automatic Start although it is disabled by the Task Manager.

    • Fixes the vulnerability to "RobinHood" (CVE-2018-19320).