Bitdefender Endpoint Security Tools for Windows
This section contains the release notes for Bitdefender Endpoint Security Tools (BEST) for Windows. For the BEST for Windows user's guide, go to this section.
For BEST for Windows release notes from 2019-2021, refer to this document.
Version 7.9.18.468
Release date:
Fast ring: 2024.12.05
Slow ring: 2024.12.10
Important
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes, on slow ring, the improvements and fixes delivered with BEST version 7.9.18.466 released on fast ring.
New features and improvements
Power User
The Power User CLI module has been enhanced to help users easily interpret command results and navigate the interface with improved visual cues:
Red: indicates error messages.
Green: indicates successful commands.
Blue: highlights features, making it easy to distinguish them in the text.
Product
BEST is now compatible with Windows Server 2025 x64.
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Antimalware
Fixed an issue that caused some On-demand scan tasks to freeze when multiple tasks were running simultaneously.
Product
In some situations, the security agent caused high memory usage.
Resolved a minor translation issue related to the Vietnamese GUI label.
Fixed an issue that prevented the security agent from being compatible with a certain Security Information and Event Management (SIEM) server.
Resolved an issue where the update process failed with error -2013 during a Reconfigure Agent task.
Security fixes.
Version 7.9.18.466
Release date:
Fast ring: 2024.11.27
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Power User
The Power User CLI module has been enhanced to help users easily interpret command results and navigate the interface with improved visual cues:
Red: indicates error messages.
Green: indicates successful commands.
Blue: highlights features, making it easy to distinguish them in the text.
Product
BEST is now compatible with Windows Server 2025 x64.
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Product
In some situations, the security agent caused high memory usage.
Resolved a minor translation issue related to the Vietnamese GUI label.
Fixed an issue that prevented the security agent from being compatible with a certain Security Information and Event Management (SIEM) server.
Resolved an issue where the update process failed with error -2013 during a Reconfigure Agent task.
Version 7.9.17.458
Release date:
Fast ring: 2024.11.06
Slow ring: 2024.11.11
Important
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes, on slow ring, the improvements and fixes delivered with BEST versions 7.9.17.455 and 7.9.17.457 released on fast ring.
New features and improvements
Power User
The Power User CLI module has been enhanced with the following functionalities:
You can enable and disable all modules with one command.
You can set the number of minutes after which any changes made with Power User are reverted, and the GravityZone policy is reapplied.
You can add and remove exclusions for the following features: Antimalware On-access scanning, Advanced Threat Control, Ransomware Mitigation, and Network Protection.
For more information, refer to the Power User CLI commands section of the Using the Power User module page.
Product
Added support for removing the following incompatible products:
Kaspersky Embedded Systems Security 3.x
WithSecure Client Security 16.x
WithSecure Client Security Premium 16.x
WithSecure Server Security 16.x
WithSecure Server Security Premium 16.x
ESET Endpoint Security 11
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Antimalware
Folder exclusions with wildcards and network paths are now functioning correctly during the scanning process.
Firewall
When the endpoints were shut down, Firewall rules were not correctly updated or applied when using policy assignment rules and transitioning from an out-of-office VPN connection to an in-office Ethernet connection.
Network Protection
Fixed an issue that caused false positives when untrusted certificates ignored timeout errors during website validations.
Resolved an issue that caused excessive memory usage during the transfer of extremely large files.
Product
Fixed an issue that caused the Bitdefender Endpoint Security Tools GUI to crash.
The issue with emails not being restored using Release to intended recipient has been fixed.
The Full Scan button in the status area is now working properly for security agents using French and German.
The issue that was causing security agent crashes has been fixed. It affected endpoints with product version 7.9.17.455, released on fast ring.
Fixed a crash during the update process. It affected endpoints with product version 7.9.11.412 or older.
Known issues
Product
Windows explorer may crash when running a Contextual scan after updating to product version 7.9.17.458. If this issue occurs, please update Microsoft Visual C++ Redistributable to the latest version.
Version 7.9.17.457
Release date:
Fast ring: 2024.11.04
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
Added support for removing the incompatible security product ESET Endpoint Security 11.
Resolved issues
Product
The issue that was causing security agent crashes has been fixed. It affected endpoints with product version 7.9.17.455, released on fast ring.
Version 7.9.17.455
Release date:
Fast ring: 2024.10.28
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Power User
The Power User CLI module has been enhanced with the following functionalities:
You can enable and disable all modules with one command.
You can set the number of minutes after which any changes made with Power User are reverted, and the GravityZone policy is reapplied.
You can add and remove exclusions for the following features: Antimalware On-access scanning, Advanced Threat Control, Ransomware Mitigation, and Network Protection.
For more information, refer to the Power User CLI commands section of the Using the Power User module page.
Product
Added support for upcoming features available with the next major GravityZone release.
Added support for removing the following incompatible products:
Kaspersky Embedded Systems Security 3.x
WithSecure Client Security 16.x
WithSecure Client Security Premium 16.x
WithSecure Server Security 16.x
WithSecure Server Security Premium 16.x
Resolved issues
Antimalware
Folder exclusions with wildcards and network paths are now functioning correctly during the scanning process.
Firewall
When the endpoints were shut down, Firewall rules were not correctly updated or applied when using policy assignment rules and transitioning from an out-of-office VPN connection to an in-office Ethernet connection.
Network Protection
Fixed an issue that caused false positives when untrusted certificates ignored timeout errors during website validations.
Resolved an issue that caused excessive memory usage during the transfer of extremely large files.
Product
Fixed an issue that caused the Bitdefender Endpoint Security Tools GUI to crash.
The issue with emails not being restored using Release to intended recipient has been fixed.
The Full Scan button in the status area is now working properly for security agents using French and German.
Version 7.9.16.447
Release date:
Fast ring: 2024.09.26
Slow ring: 2024.10.03
Important
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes, on slow ring, the improvements and fixes delivered with BEST version 7.9.16.445 released on fast ring.
New features and improvements
Product
Added support for removing the incompatible security product Trellix Endpoint version 23.x.
BEST is now compatible with Windows 11 version 24H2.
Resolved issues
Update staging
Fixed an issue that prevented the security agent from updating using the correct port.
Product
The security agent no longer generates too many error messages in Event Viewer.
Device Control
Fixed an issue where, in some cases, the module prevented devices from being mounted after a Windows Update.
Version 7.9.16.445
Release date:
Fast ring: 2024.09.19
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
Added support for removing the incompatible security product Trellix Endpoint version 23.x.
Resolved issues
Product
Fixed an issue that caused the security agent to generate too many error messages in Event Viewer.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks performed on endpoints with product versions between 7.9.4.313 and 7.9.5.318 require a reboot and are discarded afterwards. After rebooting the target endpoints, you need to run the Reconfigure agent tasks again.
Version 7.9.15.439
Release date:
Fast ring: 2024.09.02
Slow ring: 2024.09.04
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes, on slow ring, the improvements and fixes delivered with BEST version 7.9.15.437 released on fast ring.
New features and improvements
Network Protection
The Network Protection module no longer blocks invalid or expired certificates. Instead, browsers are going to display a warning message for them.
Product
Enhanced support for removing the following incompatible security products:
eScan Corporate Edition 14.x
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Product
Internal fixes.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks performed on endpoints with product versions between 7.9.4.313 and 7.9.5.318 require a reboot and are discarded afterwards. After rebooting the target endpoints, you need to run the Reconfigure agent tasks again.
Version 7.9.15.437
Fast ring: 2024.08.27
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Network Protection
The Network Protection module no longer blocks invalid or expired certificates. Instead, browsers are going to display a warning message for them.
Product
Enhanced support for removing the following incompatible security products:
eScan Corporate Edition 14.x
Added support for upcoming features available with the next major GravityZone release.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks performed on endpoints with product versions between 7.9.4.313 and 7.9.5.318 require a reboot and are discarded afterwards. After rebooting the target endpoints, you need to run the Reconfigure agent tasks again.
Version 7.9.14.430
Release date:
Fast ring: 2024.08.05
Slow ring: 2024.08.06
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes, on slow ring, the improvements and fixes delivered with BEST version 7.9.14.428 released on fast ring.
Resolved issues
Endpoint Detection and Response (EDR)
The issue that was causing security agent crashes has been fixed. It affected endpoints with product version 7.9.14.427, released on fast ring.
Product
Issues with translations have been fixed.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.14.430, you must run a new Reconfigure agent task.
Version 7.9.14.428
Release date:
Fast ring: 2024.07.29
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Endpoint Detection and Response (EDR)
The issue that was causing security agent crashes has been fixed. It affected endpoints with product version 7.9.14.427, released on fast ring.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.14.428, you must run a new Reconfigure agent task.
Version 7.9.14.427
Release date:
Fast ring: 2024.07.24
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements.
Product
Added support for Copilot+ PC endpoints.
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Security for Exchange
The product installation no longer fails if the Security for Exchange module is not enabled.
The issue with emails not being restored from quarantine has been fixed.
Product
The product installation no longer remains in progress after running a Reconfigure agent task. This issue occurred on Windows 11 systems.
The Relay agent is now completely removed using the Reconfigure agent task.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.14.427, you must run a new Reconfigure agent task.
Version 7.9.13.423
Release date:
Fast ring: 2024.06.27
Slow ring: 2024.07.04
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Power User
The Power User GUI module is now available only for endpoints that use Windows 10 and higher and Windows Server 2016 and higher.
The Power User CLI module now offers suggestions when a command is incorrect or incomplete.
Endpoint Detection and Response
You can now submit raw events to both Bitdefender MDR and Security Information and Event Management (SIEM) servers.
Product
You are now notified if the Boot-Start Driver Initialization Policy is set to Good only when installing the security agent using the local interface. This policy can cause critical errors (BSOD).
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Exchange Protection
The module quarantined DOCX attachments despite the Attachment Filtering rule being set for executable files only.
Blacklisted email addresses managed to deliver messages even after they were added in the Connection Blacklist.
Advanced Threat Control
Addressed an issue where Advanced Threat Control caused critical errors (BSOD).
Integrity Monitoring
Created or modified files were not moved to quarantine according to active Integrity Monitoring rules.
Endpoint Detection and Response
In some situations, the EDR module caused high memory usage.
Product
The communication between endpoints, and the Incidents server failed when using a Relay.
In some situations, the installation failed. This issue is no longer occurring.
In a particular scenario, the product installation failed on Windows Server 2022 endpoints. This issue affected endpoints with product version 7.9.11.412.
The product updates remained in progress and failed to install after scanning the system for vulnerabilities using Nessus.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.13.423, you must run a new Reconfigure agent task.
Version 7.9.12.418
Release dates:
Fast ring: 2024.05.31
Slow ring: 2024.06.04
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes, on slow ring, the improvements and fixes delivered with BEST versions 7.9.12.414 and 7.9.12.415, released on fast ring.
New features and improvements
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Anti-tampering
Callback Evasion detections have been improved.
Product
The endpoint update mechanism is being improved. These improvements are being rolled out in stages and require no action from your side.
Implemented internal optimizations to enhance the performance of the security agent.
Product console commands, including Power User CLI, are no longer case-sensitive.
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Antimalware
Addressed a specific scenario where the module caused critical errors (BSOD). The issue has been fixed.
The security agents could not connect to the Bitdefender Global Protective Network, when the communication was configured through Relay and the DNS was not configured.
The installation could not be completed during certain custom deployments. This issue has been fixed.
Resolved a cleanup issue in the ProgramData folder. This issue affected endpoints with product version 7.9.10.392.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.12.418, you must run a new Reconfigure agent task.
Version 7.9.12.415
Release dates:
Fast ring: 2024.05.28
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Product
The endpoint update mechanism is being improved. These improvements are being rolled out in stages and require no action from your side.
Resolved issues
Antimalware
Addressed a specific scenario where the module caused critical errors (BSOD). The issue has been fixed.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.12.415, you must run a new Reconfigure agent task.
Version 7.9.12.414
Release dates:
Fast ring: 2024.05.23
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Anti-tampering
Callback Evasion detections have been improved.
Product
The endpoint update mechanism is being improved. These improvements are being rolled out in stages and require no action from your side.
Product console commands, including Power User CLI, are no longer case-sensitive.
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Product
The security agents could not connect to the Bitdefender Global Protective Network, when the communication was configured through Relay and the DNS was not configured.
The installation could not be completed during certain custom deployments. This issue has been fixed.
Resolved a cleanup issue in the ProgramData folder. This issue affected endpoints with product version 7.9.10.392.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.12.414, you must run a new Reconfigure agent task.
Version 7.9.11.412
Release date:
Fast ring: 2024.05.20
Slow ring: 2024.05.21
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Product
The endpoint update mechanism is being improved. These improvements are being rolled out in stages and require no action from your side.
Resolved issues
Antimalware
Addressed a scenario where the module caused critical errors (BSOD). The issue is now fixed.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.11.412, you must run a new Reconfigure agent task.
Version 7.9.11.407
Release date:
Fast ring: 2024.05.14
Slow ring: 2024.05.15
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Product
The endpoint update mechanism is being improved. These improvements are being rolled out in stages and require no action from your side.
Resolved issues
Endpoint Detection and Response
In some cases, executable files added to the Blocklist could still be run. This issue has been fixed.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.11.407, you must run a new Reconfigure agent task.
Version 7.9.11.406
Release date:
Fast ring: 2024.05.07
Slow ring: 2024.05.08
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes on slow ring the improvements and fixes delivered with the BEST version 7.9.11.404 released on fast ring.
New features and improvements
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Product
The endpoint update mechanism is being improved. These improvements are being rolled out in stages and require no action from your side.
Resolved issues
Network Protection
The module blocked a particular website even if it was added as an exclusion. This issue has been fixed.
Power User
The CLI version of the module displayed Ransomware Mitigation as disabled, even if it was enabled from the policy.
Product
In some cases, endpoint users were incorrectly notified in Windows Action Center and in the local GUI that the product was out of date.
Advanced Threat Control displayed command line detections with additional spaces, leading to potentially incorrect exclusions.
The Education web category from Content Control was incorrectly translated.
The product installation failed when a reconfigure agent task was in progress, and another task started afterwards.
The security agent failed to install the latest product updates. This issue has been fixed.
In some cases, starting updates from the notifications displayed in the Windows Action Center caused the product update to fail with error 21.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.11.406, you must run a new Reconfigure agent task.
Version 7.9.11.404
Release date:
Fast ring: 2024.04.24
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Product
The endpoint update mechanism is being improved. These improvements are being rolled out in stages and require no action from your side.
Resolved issues
Network Protection
The module blocked a particular website even if it was added as an exclusion. This issue has been fixed.
Power User
The CLI version of the module displayed Ransomware Mitigation as disabled, even if it was enabled from the policy.
Product
Advanced Threat Control displayed command line detections with additional spaces, leading to potentially incorrect exclusions.
The Education web category from Content Control was incorrectly translated.
The product installation failed when a reconfigure agent task was in progress, and another task started afterwards.
The security agent failed to install the latest product updates. This issue has been fixed.
In some cases, starting updates from the notifications displayed in the Windows Action Center caused the product update to fail with error 21.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.11.404, you must run a new Reconfigure agent task.
Version 7.9.10.392
Released date:
Fast ring: 2024.04.04
Slow ring: 2024.04.04
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Anti-tampering
The Anti-tampering module has been removed from the local interface until it becomes available with the next major GravityZone update.
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Product
The endpoint update mechanism is being improved. These improvements are being rolled out in stages and require no action from your side.
Resolved issues
Firewall
Addressed an issue where the Firewall caused critical errors (BSOD) after updating to version 7.9.10.390.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.10.392, you must run a new Reconfigure agent task.
Version 7.9.10.390
Release date:
Fast ring: 2024.04.01
Slow ring: 2024.04.03
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.9.10.387 released on fast ring.
New features and improvements
Anti-tampering
Added support for the new Anti-tampering feature that will be released with the next major GravityZone update. The module is disabled on endpoints at the moment with no impact on the current capabilities of the security agent.
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Live search
Osquery has been upgraded to version 5.11.0.
Power User
The Command Line Interface (CLI) version of the module is now the default option when selecting Power User from the system tray. The GUI version can still be accessed through the
EPPowerConsole.exe
file.
Product
The endpoint update mechanism is being improved. These improvements are being rolled out in stages and requires no action from your side.
You are now notified in the local interface when:
a quarantined file has been restored to your system.
the endpoint requires a restart to complete an update, a malware disinfection action, a patch installation, to configure installed modules, and to resolve a threat found by Sandbox Analyzer.
Added support for upcoming features available with the next major GravityZone release.
Added support for removing the following incompatible security products:
Trellix Agent 5.x
Trellix Endpoint Security 10.x
New Bitdefender Global Protective Network addresses have been added. You must update your firewall rules to cover them. For more information, refer to GravityZone (on-premises) communication ports.
Resolved issues
Network Protection
In some situations, applications blocked according to Application Blacklisting rules could still be accessed. This issue has been fixed.
Product
In some cases, the security agent services stopped when product updates remained in progress.
In some cases, the security agent remained in an active state after the uninstall process finished causing system issues.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.10.390, you must run a new Reconfigure agent task.
Version 7.9.10.387
Release date:
Fast ring: 2024.03.26
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Live search
Osquery has been upgraded to version 5.11.0.
Power User
The Command Line Interface (CLI) version of the module is now the default option when selecting Power User from the system tray. The GUI version can still be accessed through the
EPPowerConsole.exe
file.
Product
The endpoint update mechanism is being improved. These improvements are being rolled out in stages and require no action from your side.
You are now notified in the local interface when:
a quarantined file has been restored to your system.
the endpoint requires a restart to complete an update, a malware disinfection action, a patch installation, to configure installed modules, and to resolve a threat found by Sandbox Analyzer.
Added support for upcoming features available with the next major GravityZone release.
Added support for removing the following incompatible security products:
Trellix Agent 5.x
Trellix Endpoint Security 10.x
Resolved issues
Network Protection
In some situations, applications blocked according to Application Blacklisting rules could still be accessed. This issue has been fixed.
Product
In some cases, the security agent remained in an active state after the uninstall process finished causing system issues.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.10.387, you must run a new Reconfigure agent task.
Version 7.9.9.381
Release date:
Fast ring: 2024.03.06
Slow ring: 2024.03.11
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Network Protection
A new Network Protection driver is being rolled out. This update is silent, with no action required from your side (no agent reconfiguration required).
Product
Starting with this release, we are going to bring improvements to the endpoint update mechanism. These improvements are being rolled out in stages and require no action from your side.
Resolved issues
Network Protection
In a specific scenario, the rules set through Network Protection > Application blacklisting were not applied correctly.
Product
Security fixes.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.9.381, you must run a new Reconfigure agent task.
Version 7.9.9.370
Release date:
Fast ring: 2024.02.21
Slow ring: 2024.02.22
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Network Protection
A new Network Protection driver is being rolled out, on fast ring. This update will be silent, with no action required from your side (no agent reconfiguration required).
Resolved issues
Product
In some situations, the Datto RMM integration was not working correctly after updating the security agent to product version 7.9.9.367.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.9.370, you must run a new Reconfigure agent task.
Version 7.9.9.367
Release date:
Fast ring: 2024.01.29
Slow ring: 2024.02.06
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Power User
The Power User module is now also available through the Command Line Interface (CLI). This change reduces the disk size of the installed product, eliminates the Chromium dependency and supports more GravityZone features. For more information, refer to Using the Power User module.
Network Protection
A new Network Protection driver is being rolled out, on fast ring. This update will be silent, with no action required from your side (no agent reconfiguration required).
Product
Added support for removing the following incompatible security products:
Avast Business Security 23.x
Adaware antivirus free 12.x
TotalAV 5.x
Enhanced support for removing the following incompatible security product:
Trend Micro Worry-Free Business Security Agent 6.x
Resolved issues
Network Protection
In some situations, the Network Protection module caused performance issues.
Antimalware
In a specific scenario, Linux path exclusions added in the policy prevented the Antimalware On-Access scan from working correctly.
Content Control
The module blocked multiple website categories that were allowed in the policy, after updating the security agent to product version 7.9.8.350.
Product
In some cases, the security agent incorrectly reported the user last login time to the GravityZone console.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.9.367, you must run a new Reconfigure agent task.
Version 7.9.8.350
Release date:
Fast ring: 2023.12.04
Slow ring: 2023.12.06
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Product
Internal fixes.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.8.350, you must run a new Reconfigure agent task.
Version 7.9.8.346
Release date:
Fast ring: 2023.11.13
Slow ring: 2023.11.20
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.9.8.343 released on fast ring.
New features and improvements
Live Search
The Live Search feature is now compatible with ARM64 architecture CPUs.
Product
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Antimalware
Exclusions were not being taken into account when scanning registries. This issue has been fixed.
In specific cases, the security agent crashed when a new product version was available.
Product
Addressed an internal issue that caused the product update process to fail with error -1007.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.8.346, you must run a new Reconfigure agent task.
Version 7.9.8.343
Release date:
Fast ring: 2023.11.09
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Live Search
The Live Search feature is now compatible with ARM64 architecture CPUs.
Product
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Antimalware
Exclusions were not being taken into account when scanning registries. This issue has been fixed.
In specific cases, the security agent crashed when a new product version was available.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.8.343, you must run a new Reconfigure agent task.
Version 7.9.7.336
Release date:
Fast ring: 2023.10.30
Slow ring: 2023.10.31
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.9.7.334 released on fast ring.
New features and improvements
Content Control
The Content Control module now blocks SSL connections, from non-browser processes to malicious domains. This improvement is going to be gradually enabled on all endpoints.
Product
Added support for removing the following incompatible security products:
Trellix Agent
Trellix Endpoint Security Platform
Trellix Endpoint Security Adaptive Threat Protection
Trellix Endpoint Security Threat Prevention
Trellix Endpoint Security Web Control
Enhanced support for removing the following incompatible security product:
Trend Micro Apex One Security Agent 14.x
Callback evasion notifications are now displayed for users when:
The product’s integrity is compromised and the system administrator needs to be contacted.
A system restart is required to restore the product's integrity.
The product is no longer compromised.
Resolved issues
Network Protection
When enabled in Google Chrome and Mozilla Firefox, the Encrypted ClientHello (ECH) protocol prevented content filtering and traffic scanning.
Security for Exchange
Discovery Search Mailboxes no longer take license slots for the Security for Exchange module.
Product
Fixed incompatibility with Ninja Agent that prevented the product from updating.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.7.336, you must run a new Reconfigure agent task.
Version 7.9.7.334
Release date:
Fast ring: 2023.10.23
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Content Control
The Content Control module now blocks SSL connections, from non-browser processes to malicious domains. This improvement is going to be gradually enabled on all endpoints.
Product
Enhanced support for removing the following incompatible security product:
Trend Micro Apex One Security Agent 14.x
Callback evasion notifications are now displayed for users when:
The product’s integrity is compromised and the system administrator needs to be contacted.
A system restart is required to restore the product's integrity.
The product is no longer compromised.
Resolved issues
Network Protection
When enabled in Google Chrome and Mozilla Firefox, the Encrypted ClientHello (ECH) protocol prevented content filtering and traffic scanning.
Security for Exchange
Discovery Search Mailboxes no longer take license slots for the Security for Exchange module.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.7.334, you must run a new Reconfigure agent task.
Version 7.9.6.331
Release date:
Fast ring: 2023.10.05
Slow ring: 2023.10.11
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process. For more information, refer to this article.
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools versions 7.9.6.329 and 7.9.6.330 released on fast ring.
Resolved issues
Firewall
In some cases, rules configured in the policy were no longer applied after a period of time, resulting in blocked applications.
In some cases, the Firewall module crashed after changing the Network Adapter settings.
Product
In some cases, the Support Tool generated empty or corrupted reports. This issue has been fixed.
Internal fixes.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.6.331, you must run a new Reconfigure agent task.
Version 7.9.6.330
Release date:
Fast ring: 2023.09.27
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process.
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Product
In some cases, the Support Tool generated empty or corrupted reports. This issue has been fixed.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.6.330, you must run a new Reconfigure agent task.
Updating your endpoints to BEST version 7.9.5.318, released on fast ring, can fail due to an issue with one of the filter drivers. Endpoints affected by the issue will be displayed as offline in Control Center since August 17, or the latest date a product update has been attempted. To fix this issue, refer to this article.
Note
These issues occur with security agents, which are updated from versions ranging between 7.8.4.269 and 7.9.4.313 to version 7.9.5.318.
Version 7.9.6.329
Release date:
Fast ring: 2023.09.25
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process.
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Firewall
In some cases, the Firewall module crashed after changing the Network Adapter settings.
Product
Internal fixes.
Known issues
Product
The update process may fail with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.6.329, you must run a new Reconfigure agent task.
Updating your endpoints to BEST version 7.9.5.318, released on fast ring, can fail due to an issue with one of the filter drivers. Endpoints affected by the issue will be displayed as offline in Control Center since August 17, or the latest date a product update has been attempted. To fix this issue, refer to this article.
Note
These issues occur with security agents, which are updated from versions ranging between 7.8.4.269 and 7.9.4.313 to version 7.9.5.318.
Version 7.9.5.324
Release date:
Fast ring: 2023.09.11
Slow ring: 2023.09.12
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 may require an endpoint reboot to complete the update process.
During this update, the Microsoft Exchange Transport service will be stopped.
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools versions 7.9.5.318 and 7.9.5.322 released on fast ring.
New features and improvements
Product
Added support for upcoming features available with the next major GravityZone release.
Users are now notified whenever the communication between endpoints and the GravityZone console cannot be established.
Users are now notified whenever communication with the Incidents Server cannot be established.
Implemented internal optimizations for enhanced stability of the security agent.
Live search
Osquery has been upgraded to version 5.9.1
Resolved issues
Integrity Monitoring
The Integrity Monitoring module did not generate Change events for files that have been accessed and modified from another endpoint, through Server Message Block (SMB) protocol.
Endpoint Detection and Response
In some cases, the EDR module caused performance issues on Remote Desktop Servers (RDS), when users connected via Remote Desktop Protocol (RDP).
Product
Security fixes.
Known issues
Product
The update process to version 7.9.5.322 fails with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks used to add new modules on previous security agent versions require endpoints reboot. After rebooting and updating the endpoints to version 7.9.5.324, you must run a new Reconfigure agent task.
Updating your endpoints to BEST version 7.9.5.318, released on fast ring, can fail due to an issue with one of the filter drivers. Endpoints affected by the issue will be displayed as offline in Control Center since August 17, or the latest date a product update has been attempted. To fix this issue, refer to this article.
Note
These issues occur with security agents, which are updated from versions ranging between 7.8.4.269 and 7.9.4.313 to version 7.9.5.318.
Version 7.9.5.322
Release date:
Fast ring: 2023.09.04
Slow ring: -
Important
Security agents with product versions between 7.8.4.269 and 7.9.5.318 will require an endpoint reboot to complete the update process.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Live search
Osquery has been upgraded to version 5.9.1
Product
Users are now notified whenever communication with the Incidents Server cannot be established.
Resolved issues
Endpoint Detection and Response
In some cases, the EDR module caused performance issues on Remote Desktop Servers (RDS), when users connected via Remote Desktop Protocol (RDP).
Product
Security fixes.
Known issues
Product
The update process to version 7.9.5.322 fails with error -2011. You must run the update again to complete the process.
Reconfigure agent tasks that are used to add new modules require endpoints reboot. After rebooting the endpoint, you must run the Reconfigure agent task again to complete the process.
Updating your endpoints to BEST version 7.9.5.318, released on fast ring, can fail due to an issue with one of the filter drivers. Endpoints affected by the issue will be displayed as offline in Control Center since August 17, or the latest date a product update has been attempted. To fix this issue, refer to this article.
Note
These issues occur with security agents, which are updated from versions ranging between 7.8.4.269 and 7.9.4.313 to version 7.9.5.318.
Version 7.9.5.318
Release date:
Fast ring: 2023.08.17
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
Added support for upcoming features available with the next major GravityZone release.
Users are now notified whenever the communication between endpoints and the GravityZone console cannot be established.
Resolved issues
Integrity Monitoring
The Integrity Monitoring module did not generate Change events for files that have been accessed and modified from another endpoint, through Server Message Block (SMB) protocol.
Version 7.9.4.313
Release date: 2023.08.10
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Network Protection
In a particular situation, the exclusions defined in Web Access Control for websites did not function as intended. This issue affected endpoints with product version 7.9.4.306.
Version 7.9.4.306
Release date:
Fast ring: 2023.07.31
Slow ring: 2023.08.02
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.9.4.303 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Antimalware
The Antimalware module can now monitor files that use the
.log
and.gif
extensions.
Product
Added support for upcoming features available with the next major GravityZone release.
Added support for removing the following incompatible security products:
Coro Cybersecurity
Cylance PROTECT, version 3.x
Resolved issues
Integrity Monitoring
The Integrity Monitoring module generated Renamed events instead of Deleted events when a monitored file was deleted.
Antimalware
The module did not detect files transferred at the same time on a network share via Remote Desktop Protocol (RDP).
The security agent did not allow the safe removal of external storage devices when the Antimalware module was installed.
Content Control
The module blocked a particular web address, which had been excluded in the policy, while the Web Proxy category was configured for blocking.
Network Protection
The Network Protection module blocked certain websites. The issue affected endpoints with product version 7.9.4.303, released on fast ring.
Product
Security fixes.
Version 7.9.4.303
Release date:
Fast ring: 2023.07.26
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Antimalware
The Antimalware module can now monitor files that use the
.log
and.gif
extensions.
Product
Added support for upcoming features available with the next major GravityZone release.
Added support for removing the following incompatible security products:
Coro Cybersecurity
Cylance PROTECT, version 3.x
Resolved issues
Integrity Monitoring
The Integrity Monitoring module generated Renamed events instead of Deleted events when a monitored file was deleted.
Antimalware
The module did not detect files transferred at the same time on a network share via Remote Desktop Protocol (RDP).
The security agent did not allow the safe removal of external storage devices when the Antimalware module was installed.
Content Control
The module blocked a particular web address, which had been excluded in the policy, while the Web Proxy category was configured for blocking.
Product
Security fixes.
Version 7.9.3.298
Release date:
Fast ring: 2023.07.03
Slow ring: 2023.07.04
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools versions 7.9.3.297 and 7.9.3.297 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
The Support Tool and Uninstall Tool are now console applications.
The
bruteForce
parameter that can be used when uninstalling the security agent is now available only for product versions starting with 7.x.Added support for removing the following incompatible security product:
Webroot SecureAnywhere 9.x
Resolved issues
Content Control
The Content Control module did not block web pages when a proxy was used. The issue affected endpoints with product version 7.9.2.290
Network Protection
The update process failed with error –1018 on endpoints with the Network Attack Defense module installed.
Exchange Protection
The Exchange scan was not working correctly. This issue has been fixed.
Firewall
The Firewall module caused endpoints to temporarily lose network connectivity when starting services or when changing policies. This issue occurred on Windows 10 and 11 systems.
Product
The Relay agent failed to properly remove old installation kits, leading to high disk usage.
The Sysprep tool did not work properly on endpoints with product version 7.8.3.x and higher.
Internal fixes.
Version 7.9.3.297
Release date:
Fast ring: 2023.06.29
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Firewall
The Firewall module caused endpoints to temporarily lose network connectivity when starting services or when changing policies. This issue occurred on Windows 10 and 11 systems.
Version 7.9.3.296
Release date:
Fast ring: 2023.06.27
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
The Support Tool and Uninstall Tool are now console applications.
The
bruteForce
parameter that can be used when uninstalling the security agent is now available only for product versions starting with 7.x.Added support for removing the following incompatible security product:
Webroot SecureAnywhere 9.x
Resolved issues
Content Control
The Content Control module did not block web pages when a proxy was used. The issue affected endpoints with product version 7.9.2.290
Network Protection
The update process failed with error –1018 on endpoints with the Network Attack Defense module installed.
Exchange Protection
The Exchange scan was not working correctly. This issue has been fixed.
Product
The Relay agent failed to properly remove old installation kits, leading to high disk usage.
The Sysprep tool did not work properly on endpoints with product version 7.8.3.x and higher.
Version 7.9.2.290
Release date:
Fast ring: 2023.06.08
Slow ring: 2023.06.13
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.9.2.289 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Antimalware
You can now create certificate hash exclusions for PowerShell scripts.
Live search
Osquery has been upgraded to version 5.8.1.
Product
Added support for upcoming features available with the next major GravityZone release.
Added support for removing the following incompatible security products:
CrystalIDEA Uninstall Tool 3.x
Sophos Endpoint Agent, version 2022.4.x
Resolved issues
Firewall
In some cases, the Firewall module blocked applications already excluded in the policy.
Patch Management
The module postponed the application of patches if the Relay server was not reachable.
Antimalware
The module could not quarantine Java Archive files, even though the archives could be deleted.
Network Protection
The Network Protection module prevented browsers from accessing web pages when Web Access Control was enabled. The issue occurred after updating the security agent to version 7.9.2.289, released on fast ring.
Product
The local console failed to open when accessed from Start Menu. The issue occurred after updating the security agent to version 7.9.1.285.
The local console displayed the default contact information for technical support when the language was changed, instead of the details defined in the policy.
Version 7.9.2.289
Release date:
Fast ring: 2023.06.06
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Antimalware
You can now create certificate hash exclusions for PowerShell scripts.
Live search
Osquery has been upgraded to version 5.8.1.
Product
Added support for upcoming features available with the next major GravityZone release.
Added support for removing the following security products:
CrystalIDEA Uninstall Tool 3.x
Sophos Endpoint Agent, version 2022.4.x
Resolved issues
Firewall
In some cases, the Firewall module blocked applications already excluded in the policy.
Patch Management
The module postponed the application of patches if the Relay server was not reachable.
Antimalware
The module could not quarantine Java Archive files, even though the archives could be deleted.
Product
The local console failed to open when accessed from Start Menu. The issue occurred after updating the security agent to version 7.9.1.285.
The local console displayed the default contact information for technical support when the language was changed, instead of the details defined in the policy.
Version 7.9.1.285
Release date:
Fast ring: 2023.05.16
Slow ring: 2023.05.17
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools versions 7.9.1.280, 7.9.1.281 and 7.9.1.283 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Advanced Anti-Exploit
Bitdefender has optimized LSASS detection reporting for less traffic and less disk space required to store events on endpoints.
Integrity Monitoring
The endpoint users are no longer distracted by Integrity Monitoring status alerts whenever a Suspend or Resume task runs.
Product
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Antimalware
The Antimalware module caused a system slowdown when copying files from network shares.
Custom scan displayed incorrect paths in the local scan log when multiple scan tasks occurred at the same time.
Advanced Threat Control
Addressed an issue where Advanced Threat Control caused critical errors (BSOD) after updating to version 7.9.1.280 released on fast ring.
Live search
The Live Search feature was unavailable on endpoints although it was enabled in the policy.
Network Protection
The security agent blocked Remote Desktop connections when the Network Attack Defense module was enabled in the policy along with the Scan RDP option.
Content Control
In a particular case, the Content Control module prevented PDF files from being downloaded from a website. The website remained in a loading state and eventually displayed the page as inaccessible.
Events generated by the Data Protection rules displayed IPs instead of web addresses when keyword filters were added for web traffic.
Policies
The default policy was assigned on endpoints instead of the correct policy when assignment rules applied. The default policy did not contain the previous assignment rules.
Product
Multiple managed endpoints could not communicate with the GravityZone console and were listed as unmanaged.
The logging session started when gathering support tool logs using command line or from the GravityZone console remained active for long periods of time.
Addressed a specific scenario where the product caused critical errors (BSOD). The issue is now fixed.
Version 7.9.1.283
Release date:
Fast ring: 2023.05.10
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Advanced Threat Control
Addressed an issue where Advanced Threat Control caused critical errors (BSOD) after updating to version 7.9.1.280 released on fast ring.
Version 7.9.1.281
Release date:
Fast ring: 2023.05.08
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Content Control
Events generated by the Data Protection rules displayed IPs instead of web addresses when keyword filters were added for web traffic.
Version 7.9.1.280
Release date:
Fast ring: 2023.04.26
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Integrity Monitoring
The endpoint users are no longer distracted by Integrity Monitoring status alerts whenever a Suspend or Resume task runs.
Product
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Live search
The Live Search feature was unavailable on endpoints although it was enabled in the policy.
Network Protection
The security agent blocked Remote Desktop connections when the Network Attack Defense module was enabled in the policy along with the Scan RDP option.
Content Control
In a particular case, the Content Control module prevented PDF files from being downloaded from a website. The website remained in a loading state and eventually displayed the page as inaccessible.
Antimalware
Custom scan displayed incorrect paths in the local scan log when multiple scan tasks occurred at the same time.
Policies
The default policy was assigned on endpoints instead of the correct policy when assignment rules applied. The default policy did not contain the previous assignment rules.
Product
Multiple managed endpoints could not communicate with the GravityZone console and were listed as unmanaged.
The logging session started when gathering support tool logs using command line or from the GravityZone console remained active for long periods of time.
Addressed a specific scenario where the product caused critical errors (BSOD). The issue is now fixed.
Version 7.8.4.270
Release date:
Fast ring: 2023.03.29
Slow ring: 2023.04.04
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.8.4.269 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Patch Management
The Bitdefender Endpoint Security Service crashed during Patch Management assessment when unavailable patches were returned. The issue occurred on endpoints with version 7.8.4.269, released on fast ring.
Microsoft Office 365 was not included in the Patch Management scan. This issue is now fixed.
Policies
Policies were not being assigned on endpoints when using a location assignment rule with hostname.
Product
An incorrect path was created when installing security agents with Relay role. This behavior led to inaccurate rules in Windows Firewall and affected versions starting with 7.7.2.x.
The security agent installation crashed on Windows Server 2016 endpoints with a very large number of certificates.
Removed features
Product
Live Search is no longer supported for x86 architecture endpoints.
Version 7.8.4.269
Release date:
Fast ring: 2023.03.28
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Policies
Policies were not being assigned on endpoints when using a location assignment rule with hostname.
Patch Management
Microsoft Office 365 was not included in the Patch Management scan. This issue is now fixed.
Product
An incorrect path was created when installing security agents with Relay role. This behavior led to inaccurate rules in Windows Firewall and affected versions starting with 7.7.2.x.
The security agent installation crashed on Windows Server 2016 endpoints with a very large number of certificates.
Removed features
Product
Live Search is no longer supported for x86 architecture endpoints.
Version 7.8.3.265
Release date:
Fast ring: 2023.03.09
Slow ring: 2023.03.13
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Content Control
The Content Control exclusions did not work properly when using a blocking action in Web Access Control Scheduler on endpoints with product version 7.8.3.263.
Version 7.8.3.263
Release date:
Fast ring: 2023.03.01
Slow ring: 2023.03.08
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.8.3.259 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Live Search
You can now execute Live Search queries using the command line interface. The Live Search feature is part of the Early Access programs.
Product
Security content updates are now automatically performed with each product update to ensure optimal performance.
Added support for upcoming features available with the next major GravityZone release.
Bitdefender Endpoint Security Tools has removed some processes and folders from the exclusions lists on Exchange servers to improve performance and stability. For more information, refer to the official Microsoft documentation.
Resolved issues
Advanced Threat Control
In certain scenarios, endpoints encountered critical errors (BSOD) when the Advanced Threat Control module was active.
Content Control
Fixed an issue that caused Content Control to create a temporary Windows profile for automatic logins.
The Content Control module prevented the GravityZone console from properly reporting blocked web addresses and the applied web rules in the Blocked Websites report.
Antimalware
Removed the unused caching database files on partitions smaller than 1GB.
Fixed an issue where the Antimalware module failed to report detections of infected browser plugins in certain scenarios.
Endpoint Detection and Response
Fixed an issue that caused cached DNS servers to be used for EDR submission.
Integrity Monitoring
Fixed an issue that caused Integrity Monitoring to generate empty reports.
Product
The security agent caused high CPU usage on Microsoft Windows Server 2019.
Version 7.8.3.259
Release date:
Fast ring: 2023.02.23
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Live Search
You can now execute Live Search queries using the command line interface. The Live Search feature is part of the Early Access programs.
Product
Security content updates are now automatically performed with each product update to ensure optimal performance.
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Advanced Threat Control
In certain scenarios, endpoints encountered critical errors (BSOD) when the Advanced Threat Control module was active.
Content Control
Fixed an issue that caused Content Control to create a temporary Windows profile for automatic logins.
The Content Control module prevented the GravityZone console from properly reporting blocked web addresses and the applied web rules in the Blocked Websites report.
Antimalware
Removed the unused caching database files on partitions smaller than 1GB.
Fixed an issue where the Antimalware module failed to report detections of infected browser plugins in certain scenarios.
Endpoint Detection and Response
Fixed an issue that caused cached DNS servers to be used for EDR submission.
Integrity Monitoring
Fixed an issue that caused Integrity Monitoring to generate empty reports.
Product
The security agent caused high CPU usage on Microsoft Windows Server 2019.
Version 7.8.2.254
Release date:
Fast ring: 2023.02.06
Slow ring: 2023.02.06
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Network Attack Defense
Fixed an issue that prevented the Network Attack Defense module from updating security content.
Version 7.8.2.248
Release date:
Fast ring: 2023.01.26
Slow ring: 2023.02.02
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Policies
GravityZone assigned the default policy instead of the new policy when applying new assignment rules.
Security for Exchange
Fixed an issue that prevented policies from being applied to endpoints.
Antimalware
Fixed an issue that caused the security agent to create database registry files on partitions smaller than 1 GB.
In certain scenarios, endpoints encountered critical errors (BSOD) when the Antimalware module was active.
Fixed an issue that caused the Antimalware module to prompt users to take actions on clean files.
Relay
Fixed an issue that prevented the Reconfigure Client task from being applied to BEST Linux endpoints when using Windows Relay as an update server.
Content Control
Fixed an issue that prevented Content Control from blocking websites on newer editions Windows Server 2019 and Windows Server 2022.
Product
The security agent caused high CPU usage on Microsoft Windows Server 2019.
Version 7.8.1.244
Release date:
Fast ring: 2023.01.03
Slow ring: 2023.01.10
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools versions 7.7.2.230 and 7.8.1.241 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
The security agent now automatically scans USB devices before users log into the Windows system.
Added support for Windows 11 Enterprise Multi-Session (22H2).
Added support for Windows ARM64 CPUs. The following features are supported:
Antimalware
HyperDetect
Firewall
Content Control
Network Attack Defense
Integrity Monitoring
Device Control
Full Disk Encryption
Sandbox Analyzer
Endpoint Risk Analytics
Endpoint Detection and Response
eXtended Detection and Response (available only for GravityZone Cloud)
The following features are not yet supported:
Advanced Anti-Exploit
Patch Management
Application Control (available only for GravityZone On-Premise)
Power User
Security for Exchange
Security Server - the Relay role
Support for these features on Windows ARM64 will be added in time.
Note
On endpoints with ARM64 CPUs, Bitdefender Endpoint Security Tools supports only Windows 10 and Windows 11.
Bitdefender Endpoint Security Tools is available for ARM64 CPUs only through the Windows downloader.
Resolved issues
Product
In some cases, the Bitdefender Endpoint Protected Service generated high RAM usage after updating endpoints to version 7.8.1.241.
Bitdefender EDR
Fixed an issue that caused multiple website false positives when using Bitdefender EDR.
Version 7.8.1.241
Release date:
Fast ring: 2022.12.13
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
The security agent now automatically scans USB devices before users log into the Windows system.
Added support for Windows 11 Enterprise Multi-Session (22H2).
Version 7.7.2.230
Release date:
Fast ring: 2022.11.24
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Bitdefender EDR
Fixed an issue that caused multiple website false positives when using Bitdefender EDR.
Version 7.7.2.228
Release date:
Fast ring: 2022.11.15
Slow ring: 2022.11.17
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.7.2.227 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Firewall
The default Firewall driver has changed.
Product
Added support for upcoming features available with the next major GravityZone release.
The information window title now reflects the product name.
The Crypto Miner threat detection has been added.
The Power User module is now available in Vietnamese.
Resolved issues
Network Protection
Fixed an issue that prevented users from accessing specific websites while the SSL Scan option was enabled.
Advanced Threat Control
In some situations, the Advanced Threat Control module caused high memory usage and performance issues.
Fixed an issue that caused the Bitdefender Endpoint Security Service to crash when Advanced Threat Control was installed.
Exchange Protection
Fixed an issue that caused Exchange Protection to mark multiple valid emails as spam.
Product
Fixed an issue that prevented the security agent from detecting samples during unpacking archived files.
Version 7.7.2.227
Release date:
Fast ring: 2022.11.10
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Firewall
The default Firewall driver has changed.
Product
Added support for upcoming features available with the next major GravityZone release.
The information window title now reflects the product name.
The Crypto Miner threat detection has been added.
The Power User module is now available in Vietnamese.
Resolved issues
Network Protection
Fixed an issue that prevented users from accessing specific websites while the SSL Scan option was enabled.
Advanced Threat Control
In some situations, the Advanced Threat Control module caused high memory usage and performance issues.
Exchange Protection
Fixed an issue that caused Exchange Protection to mark multiple valid emails as spam.
Product
Fixed an issue that prevented the security agent from detecting samples during unpacking archived files.
Version 7.7.1.216
Release date:
Fast ring: 2022.09.21
Slow ring: 2022.09.28
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Content Control
Content Control detection events now contain details about the web categories of blocked websites. You can view these categories in the Event log section.
Product
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Antimalware
The product was causing high disk usage when scanning certain SSD drives.
Firewall
Fixed an issue that was causing network disconnects for Intel-based NICs.
EDR Sensor
Fixed an issue that caused the IP addresses of the source of remote Windows logins (RDP) to not be recorded.
Version 7.6.3.212
Release date:
Fast ring: 2022.09.06
Slow ring: 2022.09.19
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Product
Fixed an issue that prevented endpoints from being displayed in the Amazon EC2 Integration.
Security fixes.
Version 7.6.3.211
Release date:
Fast ring: 2022.08.30
Slow ring: 2022.08.30
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.6.3.210 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Product
In some situations, endpoints failed to reflect the scan mode set through a Reconfigure Client task. The issue occurred on version 7.6.3.210, released on fast ring.
Security fixes.
Advanced Threat Control
Addressed an issue where the Advanced Threat Control feature caused critical errors (BSOD).
Endpoint Detection and Response
Fixed an issue that prevented the Endpoint Detection and Response module from displaying the correct hostname of remote attackers.
Version 7.6.3.210
Release date:
Fast ring: 2022.08.24
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Advanced Threat Control
Addressed an issue where the Advanced Threat Control feature caused critical errors (BSOD).
Endpoint Detection and Response
Fixed an issue that prevented the Endpoint Detection and Response module from displaying the correct hostname of remote attackers.
Product
Security fixes.
Version 7.6.2.207
Release date:
Fast ring: 2022.07.27
Slow ring: 2022.08.03
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
Added support for upcoming features available with the next major GravityZone release.
Patch Management
You can now see when a patch installation is in progress. The event is available in the Event log whenever a new installation begins.
Resolved issues
Firewall
Fixed an issue that caused network disconnects for Intel-based network interface cards.
Exchange Protection
Fixed an issue that prevented Exchange Malware Detected notifications from being received in the console or by email.
Network Attack Defense
The Network Attack Defense module prevented domain joined endpoints from receiving group policies.
Content Control
Fixed an issue that caused filtering inconsistencies for web categories across multiple Windows 10 endpoints.
Patch Management
In some situations, the patch installation was performed outside the scheduled interval set in the maintenance window.
Version 7.6.1.203
Release date:
Fast ring: 2022.07.12
Slow ring: 2022.07.13
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Product
Endpoints that have used installation kits with versions up to 6.6.16.222 failed to complete maintenance operations such as uninstall, or reconfigure, after updating to version 7.6.1.202. This is now fixed.
Version 7.6.1.202
Release date:
Fast ring: 2022.06.28
Slow ring: 2022.07.05
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
Bitdefender Endpoint Security Tools is now available in Japanese language.
Added support for removing the following incompatible security products:
Trend Micro Apex One Security Agent 14.x
Qi An Xin Enterprise Security Assistant
Resolved issues
Product
Fixed an issue that affected a few product files after an unexpected shut down.
Network Protection
Exclusions created using wildcards failed to work properly for websites with invalid certificates.
Antimalware
The Antimalware module displayed On-Access as disabled in the local interface even though it was enabled in the policy.
Power User
The Remarks column was displayed when accessing a policy with Power User however, it contained no information. The column is now available only in the GravityZone console.
Policies
Fixed an issue that caused rule-based policies to change constantly.
Version 7.5.3.195
Release date:
Fast ring: 2022.06.09
Slow ring: 2022.06.15
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Product
In some cases, the security content update process resulted in error code
-1016
. The issue is now fixed.
EDR
Fixed an issue that prevented the EDR module from generating incidents for remote Latent Semantic Analysis (LSA) dumps.
Version 7.5.3.192
Release date:
Fast ring: 2022.05.27
Slow ring: 2022.05.30
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.5.3.190 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
Bitdefender Endpoint Security Tools is now available in Vietnamese language.
Resolved issues
Product
The security agent was not displayed as running in Windows Security Center after updating to version 7.5.3.190 released on fast ring.
In some situations, the security agent failed to display the Exchange Protection module in the local interface even if the module was installed and running.
Policies
Fixed an issue that caused assignment rules to apply incorrectly.
Network Protection
The module scanned multiple secure connections resulting in error
400 Bad Request
. The issue is now fixed.
Patch Management
Fixed an issue that prevented scheduled patch scans and deployments to run properly.
Version 7.5.3.190
Release date:
Fast ring: 2022.05.24
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Product
Bitdefender Endpoint Security Tools is now available in Vietnamese language.
Resolved issues
Policies
Fixed an issue that caused assignment rules to apply incorrectly.
Network Protection
The module scanned multiple secure connections resulting in error
400 Bad Request
. The issue is now fixed.
Patch Management
Fixed an issue that prevented scheduled patch scans and deployments to run properly.
Product
In some situations, the security agent failed to display the Exchange Protection module in the local interface even if the module was installed and running.
Version 7.5.2.186
Release date:
Fast ring: 2022.05.02
Slow ring: 2022.05.09
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Patch Management
Software applications are now visible in the Event log section. Under Patch Management events you can see successfully installed patches, patches that require a reboot, or failed installations.
Now users can choose between multiple time intervals to postpone a system restart. They can postpone a reboot until a more convenient time up to one day.
Product
Added support for upcoming features available with the next major GravityZone release.
Resolved issues
Patch Management
The Patch Caching Server failed to download patches and caused high CPU usage.
Antimalware
On-demand scans affected the indexing service of Windows 11 systems resulting in a reset of indexed items. After this, the Windows indexing process started automatically from the beginning.
Product
When installed the security agent removed the Xpient update service due to incompatibility with the application. The issue is now fixed.
Version 7.5.1.177
Release date:
Fast ring: 2022.04.05
Slow ring: 2022.04.11
Important
This version also includes on slow ring the improvements and fixes delivered with the Bitdefender Endpoint Security Tools version 7.5.1.172 released on fast ring.
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Content Control
The Content Control module is now available for Windows servers including Citrix virtual apps and desktops and is designed to monitor user session traffic. For existing installations, the module is available through a Reconfigure agent task, while new installations require packages configured accordingly. For more information refer to Content Control on Windows servers.
Resolved issues
All fixes previously delivered for workstations with version 7.5.1.172 are now also available for servers.
Security fixes.
Version 7.5.1.172
Release date:
Fast ring: 2022.03.29
Slow ring: -
Important
During this update, the Microsoft Exchange Transport service will be stopped.
This update applies only to Windows workstations on fast ring.
Resolved issues
Advanced Anti-Exploit
Advanced Anti-Exploit was blocking the installation of CAB files.
Patch Management
Patch Management was skipping patch downloading when additional actions were required, such as accepting EULA terms.
The module was causing high CPU usage on the Relay machine when the Patch Caching Server could not download patches requested by a large number of endpoints.
Policies
Fixed an issue that was causing the assignment rules to be applied incorrectly.
Certain hosts would have the default policy as active, instead of the custom one which had been assigned to them.
Product
Update Server was failing to tunnel HTTPS connections when another proxy was set up in the user's OS.
Epprotectedservice.exe
would not run after upgrading from Windows 7 to Windows 10.In some circumstances, the endpoints could not communicate with the Control Center.
Minor translation change related to German GUI label.
Fixed an issue that was causing
analysecrash.exe
to crash.In some cases, GravityZone did not display the correct MAC address.
Vlflt.sys
was causing the exchange server to crash.Too many DNS requests were being generated when verifying IP addresses.
Version 7.4.4.159
Release date:
Fast ring: 2022.02.16
Slow ring: 2022.03.07
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
eXtended Detection and Response (XDR)
Added support for the new Active Directory sensor that can be configured to collect and process user login information.
Version 7.4.3.146
Release date:
Fast ring: 2022.01.27
Slow ring: 2022.02.02
Important
During this update, the Microsoft Exchange Transport service will be stopped.
New features and improvements
Full Disk Encryption
The Full Disk Encryption configuration window now uses an enhanced font color providing more visibility and easier focus to users.
Resolved issues
Endpoint Detection and Response (EDR)
The Bitdefender Endpoint Protected Service caused high CPU usage on a few Windows Server 2012 systems with the Endpoint Detection and Response module enabled.
Fixed an issue that prevented endpoints communicating through Relay from sending EDR incidents to Control Center.
The EDR incidents submission was failing when endpoints lacked DNS server configuration.
Ransomware Mitigation
In a corner case scenario, the Ransomware Mitigation module caused false positive detections.
Endpoint Risk Analytics (ERA)
Vulnerable applications could not be patched using the Patch App button from the App Vulnerabilities section, even though the Patch Management module was licensed and properly configured.
Product
In some cases, endpoints failed to communicate with the GravityZone console when using an IPv6 to IPv4 VPN tunneling.
In a particular situation, Microsoft Hyper-V Server 2016 machines were incorrectly displayed in the GravityZone console as Linux systems.
Security fixes.
Version 7.4.2.142
Release date:
Fast ring: 2022.01.04
Slow ring: 2022.01.05
Important
During this update, the Microsoft Exchange Transport service will be stopped.
Resolved issues
Product
In some situations, the Support Tool feature used for troubleshooting collected and removed directories located at the same destination path as the saved logs. The issue was encountered only when running the tool locally using command line or the executable file.
Product installation remained in pending in a ConnectWise Automate environment integrated with GravityZone.