A new Heimdal agent build (Windows OS), 4.5.2 Release Candidate, can now be downloaded from the Guide section -> Download and install tab of the Heimdal RC dashboard.
The updated version will be deployed, gradually, through our self-update mechanism, in the following weeks.
This new Windows Heimdal agent build consists of fixes and stabilization enhancements related to the Privilege & App Control product module, the primary ones being:
• Application Control, Command Prompt pop-up fix - this answers an issue triggered when the Allow auto elevation functionality was enabled for certain applications and consisting of erroneous spawning in the background and displaying of an UI pop-up window.
In order to correct this behavior, we further customized the process of creation/ update of an App Control rule with Allow auto elevation, by adding two new settings:
“Hide elevated GUI” and “Only elevate user input”, in the GP area.
These two new settings are also available in the modal window displayed post taking an action from the Application Control product pages.
The new settings are mutually exclusive.
If enabled, the “Hide elevated GUI” check box will ensure that the elevated application displays the corresponding GUI only when it is actually started by the user (in other cases, it will run, elevated, in the background).
The “Only elevate user input” functionality, if enabled, will see that the selected application is only going to be elevated, when interactions are made by the logged-in user (otherwise, the application will run with non-elevated privileges).
In order to provide an optimal UX, the new App Control grid has been compressed and a new “Rule settings” column was added.
Previously, certain settings were configurable from within the grid; this will be now possible just for Appfencing, while in the normal App Control setup, all other settings need to be edited and saved in order to be updated.
• PEDM: Compliance mechanism not picking up the correct AD Groups for the corresponding endpoints - the fix ensures accurate update of the AD users compliance data, which had previously recorded activity on the machine;
• PEDM: “Signed in” elevation wrongfully displaying the remaining elevation time for hybrid users – this fix corrected the elevation timer information that was showing 00:00:00, when the elevation had been performed using the “Sign In” Heimdal Agent button;
• Application Control: “Allow” rules based on MD5 not working for UNC paths - fixes an issue causing an MD5 calculation error for an application launched from a network drive;
• Application Control: MSI installer auto elevation error - corrects an issue which did not allow .msi extension files to be auto elevated.