Note: This release announces the following:
|Note: For the context of this article, the following terms apply:|
- IMPORTANT CHANGES
- SYSTEM REQUIREMENTS
- UPDATE NOTES
- KNOWN ISSUES AND WORKAROUNDS
- BUG FIXES
- HELPFUL ARTICLES
1. IMPORTANT CHANGES
Legacy agent support for Windows XP and Windows Server 2003 now available through the console
Action Required: When installing agents on Windows XP or Server 2003 machines, use the "legacy agents" feature to deploy a legacy agent to your Windows XP or Server 2003 endpoint.
You can now select legacy agents to deploy to Windows XP and Windows Server 2003 endpoints. When creating an installer package, you will be prompted for the agent type and Target Operating System. Simply select the correct agent type (VIPRE Antivirus Business or Business Premium) and the Target OS (XP or Server 2003) to create the installer for these machines.
2. SYSTEM REQUIREMENTS
Management Console and VIPRE Site Service
- Windows Server 2016
- Windows Server 2012 (excluding Server 2012 Core)
- Windows Server 2008 R2 (excluding Server 2008 Core)
- Windows 10 All editions (32- & 64-bit)
- Windows 8 (32- & 64-bit)
- Windows 7 (32- & 64-bit)
Note: Embedded operating systems are not supported
- Dual core processor or higher
- 1 GB free disk space(up to 20 GB could be required for Endpoint Security versions for caching of patches)
- 2 GB RAM
- 1024 x 768 monitor resolution
- MDAC 2.6 SP2 or later
- Internet Explorer 8 or later
- Microsoft .NET Framework 4.6 (if not already installed, .NET will automatically install during installation)
VIPRE Business Mobile Security
Android 2.2 and above
- iOS 5.1.1–11.4 and above
VIPRE Agent for Mac
- OS X Mountain Lion (10.8)
- OS X Mavericks (10.9)
- OS X Yosemite (10.10)
- OS X El Capitan (10.11)
- macOS Sierra (10.12)
VIPRE Agent for Windows
- Windows 10 All editions (32- & 64-bit)*
- Windows 8 (32- & 64-bit)
- Windows 7 (32- & 64-bit)
- Windows Vista, Vista SP2+ (32- & 64-bit)
- Windows XP, Windows Server 2003 (32- & 64-bit)***
- Windows Server 2016*/**
- Windows Server 2012 and R2(excluding Server 2012 Core)
- Windows Small Business Server 2011, 2008
- Windows Server 2008 and 2008 R2 (excluding Server 2008 Core)
- Windows Embedded for Point of Service (WEPOS) platforms
* VIPRE Endpoint Security is not supported on these Operating Systems with Microsoft's Device Guard enabled. See this article for more information.
** Windows Server 2016 currently does not support policies using VIPRE's Device Control feature.
*** Certified with legacy Agent.
- Dual core processor recommended
- 1 GB free disk space
- 2 GB RAM or better recommended
- Internet Explorer 8 or later
SUPPORTED EMAIL APPLICATIONS
- Microsoft Outlook 2003+
- SMTP/POP3 (Thunderbird, IncrediMail, Eudora, etc.)
- SSL supported in Outlook only
Product and company names are trademarks and registered trademarks of their respective owners.
3. UPDATE NOTES
If you DO NOT wish to immediately update your existing agents upon installation of the console, you can temporarily turn off automatic agent software updates.
To temporarily stop automatic agent software updates:
- Open the Management Console
- Locate the policy for a set of agents you do not want to be updated, and select the properties for that policy
- Navigate to Updates
- Uncheck Check for agent software updates periodicity in hours
- Repeat as necessary for each additional agent group and associated policy
- Wait 24 hours after this policy change before performing the console update
The agents that use these modified policies will retrieve the policy update and cache it locally. This prevents them from attempting to automatically update. The 24-hour wait (above) ensures the changes you make to the edited policies propagate to all agents before the console is updated.
Once you are satisfied with any testing of the new agent, you may re-enable automatic agent software updates for each policy.
Update the Console
See the following Support article: How to update the VIPRE Business Console and Agents
The following support article has been updated to include special instructions for this release, and is highly recommended: How to configure agent software updates for VIPRE Business
4. KNOWN ISSUES AND WORKAROUNDS
• Outlook 2016 may display forwarded or replied-to emails with image attachments as blank.
VPBAGENT-3656 - Outlook 2016 users with VIPRE Email Protection enabled may experience email messages with a blank email body. Currently, we have narrowed down the issue to  email messages containing pictures, which are  sent on via reply or forward. The issue also seems to be more common when the pictures in the email are created by the Windows Snipping Tool.
VIPRE Email Protection incorrectly identifies some of these messages as threat and strips the message content.
Workaround 1: Some users have reported that saving the email before replying or forwarding can resolve the issue. If this does not work for you, please see Workaround 2, below.
Workaround 2: Temporarily unregister the VIPRE add-in from Outlook, or de-register the DLL, or switch to a different email client.
See the following article: Turn an add-in off for Outlook for Windows
Important: If the add-in or DLL is disabled, VIPRE can no longer scan email attachments for malware and viruses.
• Microsoft Windows Defender continues to run even if policy has Disable selected.
For policies applying to machines running Windows Server 2016, selecting "Disable Windows Defender" does not actually disable Windows Defender.
Workaround: You may manually disable Windows Defender on these machines. Refer to these articles for more information:
- Disabling Windows Defender Antivirus on Windows Server 2016
- Microsoft TechNet article: Windows Defender Overview for Windows Server
• VIPRE Business or VIPRE Business Premium agents on version 9.3 or earlier that are scheduled to upgrade to VIPRE Endpoint Security will not fully upgrade on the initial install.
VIPRE has added multiple driver updates that are included with this release. Depending on the version of the drivers on your system and which features are enabled in your policies (e.g. Device Control), installation may require two or more reboots to complete the agent upgrade.
Make sure any required reboots are completed: For the corresponding agent, check the Console > Agent Details > Agent Environment tab and verify the "Needs Reboot" column is not marked with an "X".
• Color coding of agent version in console does not appear to be consistent for all out of date agents.
In the Protected Computers tab of the console, the agent version field is shaded orange for those agents that need to be updated to the latest agent software version. However, some agents that appear to be out-of-date are not shaded. Those agents include VIPRE Business or VIPRE Business Premium agents that do not have the highest build available. Agents that are not actively communicating are also not shaded but may be out of date.
Workaround: The agents will update with the correct status upon the next communication. You may note VIPRE Business or VIPRE Business Premium agents reporting incorrectly. We recommend these agents be upgraded to VIPRE Endpoint Security to match your VIPRE Endpoint Security 10 console. This will give you our best protection for these devices and correct the reporting issue. If you are not currently licensed for VIPRE Endpoint Security, please contact your sales representative (+1 855-885-5566 or Contact Sales) for more information on how you can upgrade.
• .NET error when version 10 console connects to VSS version 9.6 (or prior) and accessing Site or Policy properties.
Due to changes introduced with VIPRE Business Endpoint Security version 10, including the update to .NET version 4.6, accessing version 10 consoles and resources from an older version of VIPRE Business is not supported. Likewise, using a version 10 console to access older consoles and resources is not supported.
• When changing Active Protection settings within a VM environment, the changes take up to 15 minutes to apply.
This is normal, as communication between the Console > VM takes some time to propagate.
• When VIPRE scans an email archive, files are not quarantined properly.
Workaround: Through your email client, perform a manual cleanup of the email archive containing the infected email. Once the infected email has been removed, re-scan the endpoint to confirm removal.
• When managing over 500 agents, a full SQL database should be implemented.
It is recommended that when managing over 500 agents, a full SQL database (versus SQLite) will provide the best performance.
See the following support article: Recommended SQL Server settings for a VIPRE Business Database
• VIPRE Endpoint Security agents cannot run on Windows XP or Windows Server 2003.
The software limitations of these older platforms do not provide the resources necessary for some more robust agent features. VIPRE Endpoint Security requires a minimum OS version of Windows Vista or Windows Server 2008.
• Attempting to launch more than one instance of the administration Console (via terminal services) causes agent > Console communication to fail.
This is a product design safeguard that prevents one administrator from overwriting a different administrator's settings without notification. Only one instance of the admin Console should be running at a time.
• Advanced Active Protection cannot operate on machines with Device Guard enabled.
Due to some of the constraints that Device Guard puts on running processes, Advanced Active Protection cannot provide its detailed and comprehensive monitoring of potentially malicious processes on platforms with Device Guard enabled.
See the following support article: Does VIPRE’s Advanced Active Protection work in conjunction with Microsoft’s Device Guard feature?
• Push agent installations do not work if Simple File Sharing is enabled.
Simple File Sharing prevents installation through the push option. You must manually create the MSI installer package and deploy the installer to the workstation.
See the following support article: Minimum Requirements for Agent Push Deployment
• Without proper firewall configuration, agents are unable to contact the Console.
An incorrectly configured firewall can prevent communication between the agent and the Console.
See the following support article: Minimum Requirements for Agent Push Deployment
• Using a Remote Admin Console running VIPRE Business 9.3 in conjunction with a VIPRE Business 9.6 Console can overwrite the VIPRE Business 9.6 Console settings.
If your primary VIPRE Business Console is running version 9.6, policy changes made on a Remote Console running version 9.3 could potentially overwrite the "Use VIPRE for Updates" setting on the 9.6 Console.
Workaround: Discontinue policy updates on the 9.3 Remote Console until it is updated to version 9.6.
Workaround: After each policy change made from the 9.3 Remote Console, select the "Use VIPRE as Update Server" setting on the 9.6 Console after any 9.3 Remote Console policy changes (below).
To use VIPRE as a (non-local) update server:
- In the Policy Properties, open Agent > Communication
- Check Use VIPRE as Update Server for definitions and software updates
- Click OK.
• Device Control policy changes may require an agent restart before they take effect.
On Consoles upgraded to 9.6 or earlier, policy changes will not be applied until the agent is restarted.
Workaround: Manually restart the agent to apply policy changes.
To manually restart an agent:
- Right-click on the agent in the grid
- Select Issue Remote Restart Command
• The Database Migration Utility may crash if the SQL Database has any spaces in the database name.
The Database Migration Utility for VIPRE 9.6 or earlier may crash during the migration process if your SQL Database has spaces in the name of the database.
Workaround: Resolution is under development. When created, database names should contain no spaces, no symbols, and no carriage returns.
• Anti-Phishing does not work if Outlook is open during agent install.
If Outlook is running when enabling Anti-Phishing in the VIPRE Console before pushing an agent installation, it will not function properly until Outlook is restarted.
Workaround: Shut down Outlook during agent installation when enabling Anti-Phishing.
Workaround: Restart Outlook after agent install when enabling Anti-Phishing.
• Windows 10 agents may BSOD after updating to agent version 6032.
After updating to agent version 6032 for Windows 10 Anniversary support, some users have reported Windows 10 blue screen crashes. We have identified the cause of some of these occurrences and believe they are fixed with this release.
Workaround: As these crashes are difficult to reproduce, we cannot guarantee all are resolved. Occurrences should be rare. If they should happen, please contact Support so we can work with you to identify the cause and resolve the issue. As other causes are corrected, we will publish an agent hot fix to address.
• Outdated Citrix drivers may cause BSOD on Windows 7 agents.
Updating a Windows 7 agent to VIPRE Endpoint Security 9.6 or earlier can cause a blue screen state on systems with older versions of Citrix drivers on them.
Workaround: Updating the Citrix driver should resolve the issue.
- VIPREBIS-6389 - Added a warning if the user turns off Advanced Active Protection
- VPBAGENT-3697 - Console now provides authority to select legacy agents for Windows XP and Windows Server 2003
- VPBAGENT-3368 - The VIPRE Agent now runs a newer version of the VIPRE base code
- VPBAGENT-3415 - The VIPRE Agent now gathers diagnostic data more efficiently
- VPBAGENT-3501 - Updated VIPRE Advanced AP engine functionality
6. BUG FIXES
- VIPREBIS - Attempting to perform a password reset from the agent would fail, as the Console would not properly process the event
- VIPREBIS - Certain IDS rules were not properly being copied over into the SNORT_RULE table, leaving it blank
- VIPREBIS - Certain email items quarantined on an agent did not show up in the Console; had to be manually released from the agent side
- VIPREBIS - Certain software patches would still show as outdated after being updated
- VIPREBIS - Certain web filter events could cause the XML processor to fail, causing a buildup of unprocessed XML data
- VIPREBIS - Console could become very slow due to database purging issue unless the service was restarted
- VIPREBIS - For sites with unapplied patches, the statistics show in “Severity of Unapplied Patches” were calculated incorrectly
- VIPREBIS - In some cases, attempting to remove users from receiving email alerts would fail
- VIPREBIS - Machines with a large number of virtual NICs could not install the agent
- VIPREBIS - Not all agents set for deployment from the Console would deploy on the first attempt
- VIPREBIS - On certain systems, updating to .NET 4.6 while updating the VIPRE Console to 10.0 was causing an immediate forced reboot. Reboot is still needed when updating .NET 4.6 but is no longer immediately forced
- VIPREBIS - Report created to show “Last Full Scan Finished” statistics
- VIPREBIS - Scheduling many (70+) reports caused the Report Viewer to run very slowly
- VIPREBIS - Server storage for definitions was not being properly purged, causing potential disk space issues
- VIPREBIS - Some VIPRE consoles would crash due to an issue reading XML data
- VIPREBIS - The Firewall Daily Intrusions Blocked report could sometimes show incorrect numbers of intrusions blocked
- VIPREBIS - The Weekly Health report now includes the VSS site name on the report
- VIPREBIS - Users with over 2000 deployed agents had to manually purge firewall statistics in order to remove unresponsive agents
- VIPREBIS - When changing configurations from one network to another, the reporting server address was unable to be edited in the UI, but still appeared to be in use
- VIPREBIS-20056 - VIPRE Console did not work with agents on a VDI virtual desktop environment
- VIPREBIS-5630 - Some patch reports could only be saved by selecting “all products” for the report
- VIPREBIS-6269 - Attempting to add too many Sites to the Console at once will not work
- VIPREBIS-6336 - Agents could stop updating patch signatures due to invalid caching with the Polipo web proxy
- VIPREBIS-6378 - On older versions of VIPRE, some console dashboard widgets could crash when there was no data to display
- VIPREBIS-6388 - Attempting to install version 10.0.3.17 of the console would fail, with a prompt for reboot
- VIPREBIS-6417, VIPREBIS-6325, VIPREBIS-6246 - Patch Management reports could sometimes show duplicate entries
- VIPREBIS-6430 - An Agent could occasionally enter a loop state and continually request the same definitions from the console until it crashes
- VPBAGENT - Agent upgrade process failed because certain services were unable to be automatically stopped before the upgrade could occur
- VPBAGENT - Certain database applications running on the same network as a VIPRE agent could cause increased bandwidth usage between the agent and the database
- VPBAGENT - Enabling Device Control could cause many extra information messages to be written to the system log
- VPBAGENT - Enabling Edge Protection could drastically reduce upload/download speed on certain machines
- VPBAGENT - MS Office file types being saved to a network location would trigger a delay in the writing of the file
- VPBAGENT - On certain devices, Outlook would hang when the VIPRE plugin was loaded
- VPBAGENT - Outlook email protection could sometimes remove all email headers from a message
- VPBAGENT - Some agents running on virtual machines would not always check for software updates before each scan
- VPBAGENT - Some roaming agents calling in to the VIPRE Site Service were unable to update their licensing information, causing definition updates to fail
- VPBAGENT - VIPRE Email Protection reported incorrect user on Windows terminal services environments when multiple users were logged in
- VPBAGENT-2192 - URL Blocking caused internal web pages to load slowly or not at all
- VPBAGENT-2470 - Changes made to Malicious URL Blocking would sometimes not appear on-screen until the window was reopened
- VPBAGENT-2478 - The Outlook plug-in could cause a conflict with other applications, causing them to lock up when sending email
- VPBAGENT-2582 - Some non-malicious URLs were blocked by the Malicious URL blocking feature
- VPBAGENT-2607, VPBAGENT-2386 - A conflict between a network driver and the VIPRE Firewall could sometimes cause the firewall to crash
- VPBAGENT-2697 - Some users attempting to print a file using Adobe Acrobat DC were unable to do so
- VPBAGENT-2889 - Logging in to an agent while the agent was performing specific processes could cause the agent to hang
- VPBAGENT-3033 - Malicious URL Blocking is causing "OnBase" application to crash
- VPBAGENT-3096 - Malicious URL Blocking is causing problems with file uploads to Wordpress
- VPBAGENT-3165 - AntiPhishing was incorrectly detecting a part of a domain as a threat
- VPBAGENT-3166 - AntiPhishing was not properly detecting threats in emails with a blank subject
- VPBAGENT-3184, VPBAGENT-3185, VPBAGENT-3186 - Certain infected files were being remediated differently between different versions of VIPRE
- VPBAGENT-3189 - Realtime Active Protection was not blocking all test samples created by a custom test tool
- VPBAGENT-3190 - Certain test samples were being deleted instead of quarantined
- VPBAGENT-3253 - Under certain conditions, Advanced Active Protection exclusions with wildcards could incorrectly be ignored by VIPRE
- VPBAGENT-3253 - Under certain conditions, exclusions with wildcards could incorrectly be ignored by VIPRE
- VPBAGENT-3264 - During setup, VIPRE's scanning could occasionally cause sharing violations
- VPBAGENT-3286 - On lengthy scans (over 24 hours), the “scan time” clock would not show an accurate scan time when completed
- VPBAGENT-3312 - Custom exclusion settings could occasionally disappear
- VPBAGENT-3353 - The amount of working RAM required by the SBAMSvc service has been reduced
- VPBAGENT-3396 - Under certain conditions, VIPRE could quarantine a file that is supposed to be excluded
- VPBAGENT-3421 - When waking up a computer from "Sleep", the VIPRE agent may attempt to send a hello call to the console before the network connection is active
- VPBAGENT-3433 - Some Windows 10 users reported the VIPRE service could sometimes randomly crash. This issue was introduced with agent 10.0.7234 and is now resolved
- VPBAGENT-3470 - Under some conditions, toggling IDS in the Firewall on the agent could cause the agent to crash
- VPBAGENT-3474 - Improved VIPRE crash recovery in the situation where a corrupted definitions file is received
- VPBAGENT-3494 - An Agent could occasionally enter a loop state and continually request the same definitions from the console until it crashes
- VPBAGENT-3500 - Internal improvements to log collection
- VPBAGENT-3516 - VIPRE Agent could incorrectly remove files, causing a BSOD condition
- VPBAGENT-3534 - Older versions of VIPRE could not properly load the latest definitions
- VPBAGENT-3543 - Certain XML files with embedded malicious content could fail disinfection properly
- VPBAGENT-3575, VPBAGENT-3283 - Fixed a situation where the agent stops communicating after attempting to connect to Windows Defender Security Center
- VPBAGENT-3596 - In certain situations, scans could cause a machine to hang or become unresponsive
- VPBAGENT-3600 - When performing a Deep Scan with a CD-ROM disc present, the Agent could hang
- VPBAGENT-3657 - Under certain conditions, the Windows Defender Security Center would incorrectly report firewall protection is off
7. HELPFUL ARTICLES
What is required for VIPRE Business Console to update properly?
Minimum Requirements for Agent Push Deployment
Repairing a VIPRE Agent's Communication
How to add exceptions in VIPRE Business
Troubleshooting VIPRE Business Agent push installation failures
What are Roaming Agents and how do they work?
How to setup VIPRE Business Agents for different environment types
How to confirm connectivity between a VIPRE Agent & Console
Copyright © 2018 VIPRE Security. All Rights Reserved. VIPRE Security, VIPRE and the VIPRE Logo are trademarks or registered trademarks of VIPRE Security in the U.S. and other countries. Other names may be trademarks of their respective owners.