Released on : 08 August 2022
Applies to Version : 9.3
Download

Summary
Cumulative enhancements and fixes for v9.3

Who should read this document
Customers who use 9.3 

Severity
Medium

NOTE:

  • EventTracker update ET93U22-070 also must be installed on the console where EDR (Application Control) Add-on is installed.

Enhancements

  • Improved Indicator of Compromise (IoC) lookup algorithm to reduce false positives. IP Reputation lookup now supports setting of threshold limit for the number of feed sources in Threat Center.
  • Enhanced “System” and “Non reporting system” reports to choose asset value and multiple system types.
  • Improved user session handling to fix timeout issues in certain cases.
  • Removed the option to delete/offboard systems for non admin users.
  • Removed IP Void and Borderware from IP Reputation provider list.

 

Bug fixes

  • Alert email was not working for Microsoft 365 accounts in some cases.
  • Log search through Machine Learning -> Model Explorer was not working for some ML jobs.
  • Cloning the watchlist criteria was not working.
  • Configuring a receiver port for syslog over TLS was failing in some cases.
  • Uninstallation of IIS URL Rewrite module 2 was not happening during EventTracker uninstallation.
  • System report and non-reporting system report generated using Report wizard was not matching with the similar report generated using System manager.
  • Security: Upgraded log4j library for search guard plug-in
  • Security: Telerik UI library upgraded to latest version.

 

Affected software
EventTracker Agent, EventTracker Elasticsearch Indexer, EventTracker Receiver and EventTracker Web

Non-affected software
EventTracker Reports, EventTracker Alerter, Event Correlator, EventTracker Daemon, EnterpriseActivity, EventTracker EventVault, EventTracker Remote Installer and EventTracker Scheduler

Process to apply Update

  1. Download Update
  2. Place the Update ET93U22-069.exe in the destination computer.
  3. Execute the exe.