Skip to main content
Windows Agent 10.0 (2023-04-11)
A
Written by Arick Disilva
Updated over 9 months ago

Improvements

Monitoring Settings: Password Tracking Now Supports Special Fields

We have updated the MONITOR KEYSTROKES FOR PASSWORD FIELDS option (found on the Monitoring Settings > monitoring profile > Websites window) so that it can now detect form fields in a webpage with the webkit-text-security CSS property.

mceclip1.png

This non-standard CSS property is used in some sites or web applications to mask password inputs or other sensitive text in HTML form fields such as <input> or <textarea> by replacing them with a shape (e.g., circle, square, disc, etc.). Note that this property isn't supported on Firefox.

Websites monitoring will now be able to detect these fields and let you track the webpage or suspend its monitoring.

Bug Fixes

Behavior Rules/BI Reports: Some Content Rules Missing Alert Description and Notification Email

Due to a bug, some rules wouldn't generate an alert description and the email notification email wouldn't be sent (if used with a Notify action). As a result, the Description column on the BI Reports > Behavior Alerts or the Behavior > Alerts reports would be empty:

The bug is fixed now so that the alert description will be shown properly on all reports and notification emails sent.

Behavior Rules: Content not Detected Properly for Some Rules

Due to a bug in how certain contents (e.g., phone numbers) are detected by the Agent, a rule like the one below wouldn't work properly, i.e., it would trigger randomly, generate false alerts, miss some contents, etc.:

The bug is fixed so that this type of content will be detected properly and the rule will trigger as expected.

Behavior Rules: Some Rules wouldn't Trigger

Due to a bug, a simple rule like the one below wouldn't get triggered on some computers:

The bug is fixed now.

Monitoring/Behavior Rules: Email Addresses in Outlook Distribution Lists not Detected

Due to a bug, email sent to a distribution list (contact list) wouldn't detect the email addresses in that distribution list:

This might also cause behavior rules using the distribution list or emails from that distribution list to generate false positives or other unpredictable behavior.

The bug was reported in Outlook 2016 but other Outlook versions might be affected to.

The bug is fixed now so that email distribution lists will be properly detected.

Monitoring: Agent wouldn't Capture Cyrillic Text from Google Chat

Due to a bug, Cyrillic alphabets such as those used in Russia, Bulgaria, Ukraine, etc. wouldn't get captured by the Agent from Google Chat conversations:

The bug is fixed now so that Cyrillic alphabets are captured properly.

Monitoring Settings: Option to Exclude Processes from DLP Tracking not Working Properly

The DON'T TRACK DLP FOR PROCESSES field on the Monitoring Settings > monitoring profile > Advanced window allows you to whitelist (exclude) processes from being monitored by the Agent. However, due to a bug, it was inserting additional characters, \??\ at the beginning of each process path causing the option to not work properly (this can be seen on the Agent log file):

Agent log file:

<...>
[2023-Jan-13 09:17:22.653617] [driver_events 6] [debug] [FileDriverLogMessages]  ComplexLogMessage: [2023-01-13 09:17:22.652] [Common::SESSION/SessionItem::SetConfig/96] [3632/14312] white_list_processes[4]: \??\svchost.exe

The bug is fixed now so that the option will be working as expected.

Agent: Agent would Crash Randomly with Fatal Error

Due to an internal bug, the Agent would crash sometimes with this error code in the crash dump log:

Fatal Error: EXCEPTION_ACCESS_VIOLATION_READ / 0xc

The bug is fixed now.

Agent/Monitoring: Audio/Network Lag when Using the Revealed Agent

You might have noticed periodic network and/or audio lag when using an online meetings application such as Zoom, Skype, Softphone, etc. when the Revealed Agent is launched. This might happen even when the Audio or Screen monitoring options are turned off.

The bug is fixed now.

Agent/Behavior Rules: Agent would Crashes due to Content Sharing Rules

Due to a bug in the multilingual module, the Agent might crash in a few rare cases when a Content Sharing rule is active. The bug is fixed now.

Agent: Custom DNS Name Parameter not Injected Properly

Due to a bug, the TMDNSNAME installer parameter (dns-name parameter in the Agent configuration file) wasn't being inserted into the web pages. The bug is fixed now so it's working as expected:

For more information about this parameter and others, please check out:

Did this answer your question?