Malwarebytes cloud platform update – December 18, 2017

Document created by rsullinger Employee on Dec 19, 2017Last modified by jkeiderling on Dec 21, 2017
Version 4Show Document
  • View in full screen mode

Malwarebytes is scheduled to update our cloud platform on December 18, 2017 at 8:00pm EST/5:00pm PST. As a customer of this platform, we want to take a moment to familiarize you with the changes that are about to become available.


New Features

  • Added exclusion support for Exploit Protection in Malwarebytes Endpoint Protection: This enables administrators to enter the MD5 hash of a file they’d like excluded from protection. Click on the Settings tab in the cloud console, choose Exclusions, select New, then scroll down and click the circle for “Exclude a file from Exploit Protection (Windows)” and type in the desired MD5 hash:

 

 

  •  Added new on-demand reports for Quarantine and Endpoint summaries: Administrators can request a CSV format export of quarantined items and endpoint records for the previous 24 hours, 7 days, or 30 days. Click on the Reports tab in the cloud console, then click the “Generate Now” link for the desired report. The request is placed into a queue for processing. When the report is ready, an email with a link is sent to the requestor’s email address allowing them to download the desired report:

 

 

  •  Added support for nested Groups: This provides administrators the flexibility to create an organizational structure in the cloud console that reflects their real-world environment (e.g., different businesses, business units, departments, locations). Click on the Settings tab in the cloud console, choose Groups, then click on the Add button. Type in the new Group Name, select the security policy for this group, and select the box to nest this group within an existing group:

 

 

  •  Added a scan progress dialogue window for Malwarebytes Endpoint Protection: When a user initiates a Threat Scan, they will see the details of all scan phases, files being scanned, number of items being scanned, elapsed time, and threats identified on their endpoint. They also have the option to cancel their Threat Scan in this dialog window:

 


Improvements

  • Display selected Detection Details and Quarantine Details in their own modal dialog window
  • Added new detection data fields within Detection Details (where applicable) for the group name the endpoint belongs to, IP address, and port number
  • Enhanced cloud console Endpoint page by converting the list of Group names to a simple drop-down selector with filter capabilities:

 

 

  • Updated Malwarebytes Discovery and Deployment Tool to warn if disk space is unavailable for installation on remote endpoint (To be released on 12/20)
  • Updated Malwarebytes Discovery and Deployment Tool to display an error if download server cannot be reached (To be released on 12/20)
  • Reduced Endpoint Agent error logging to only log unrecoverable errors
  • Fixed: macOS tray icon tool tip doesn’t reflect policy setting
  • Fixed: Inconsistent verbiage when no threats or infections are found in the console
  • Fixed: Renamed “NebulaAgent” to “EndpointAgent” in macOS logs to maintain convention
  • Fixed: Incorrectly formed exclusions prevent subsequent exclusions from being applied
  • Fixed: Endpoint Agent Tray exceptions when switching between user accounts while an active scan is running
  • Fixed: User-initiated scan UI Time Elapsed field resets when logging into a different user account
  • Fixed: Visio 2010 uninstall string causes installed software list to not populate correctly
  • Fixed: Malwarebytes Discovery & Deployment Tool would show a failure even if the agent was successfully installed
  • Fixed: macOS handling of GMT (+0000) time
  • Fixed: Web Protection will prevent web traffic for some customers who connected to a VPN. If you experience issues, please contact Malwarebytes Customer Success team with your VPN details for assistance
  • Fixed: If an exclusion was entered incorrectly, the Endpoint Agent would ignore any subsequent exclusions


Known Issues

  • We are not currently listing the MD5 hash for processes that Exploit Protection detects. In order to add an Exploit Protection exclusion, administrators must calculate their own MD5 hashes.

 

Our next cloud platform update is scheduled for January 2018. 

Attachments

    Outcomes