We've extended the amount of files recognized by the ThreatLocker service when Windows flags the file as being executed and the process is PowerShell or rundll. This may lead to an increase in logs and denies on your machines. If you're experiencing issues, please reach out to a Cyber Hero for help.
Known Bug: Identified an issue in which Applications with a wildcard in the Created By Process field would show as matching but not follow the policy action. Issue is expected to be resolved in 7.10.1.
Bugs and Fixes
- Resolved an issue with the editing of registry keys
- Resolved an issue where baselining would begin prior to policy downloading completing
- Resolved an issue with the security in connection to applications running from a WebDav
- Resolved an issue with drivers in connection to the WebDav folder and Clio software
- Resolved an issue with the status of USB updates during reformatting
- Resolved an issue with the “Run Now” popup in the tray
- Resolved an issue with the logs and execution of Visual Basic scripts
- Resolved an issue with the popup messages for .bat and .cmd files
- Resolved an issue with the correct logging of new processes
- Resolved an issue where cache times were not allowing for server recognition of workstations
- Resolved an issue with incorrect APIURL
- Resolved an issue with Unified Audit showing incorrect Effective Action
- Resolved an issue with the recreation of Private Keys on service restart
- Resolved an issue where the Realtime Unified Audit showed an incorrect Effective Action
- Changes startup procedure to mitigate potential duplication of computer entries on install
- Resolved an issue where certain regex rules were not being processed.
- Improved the error log to include Service/Driver version
- Improved the Unified Audit by adding an option, named LogRegistryPermit, that will log registry permits